compTIA security
Which of the following situations would most likely motivate a hacktivist?
A large food-processing enterprise is dumping byproducts into a nearby stream.
This morning, you received a notification about an API vulnerability in your CSP's serverless architecture technologies. Which of your cloud-based services is most likely to be directly affected by the vulnerability or subsequent API changes?
A microservice-based application developed in-house for inventory management
Which of the following is an example of an attribute that strengthens the authentication process but does not act as a primary authentication factor?
A point-of-contact signing someone else into a secure facility
What is eDiscovery?
A process for sharing electronic forensic data
Which of the following statements about third-party risks is accurate?
A third-party application begins to produce risk just by losing vendor support.
What are hot and cold aisles designed to assist?
Air circulation in the server room
A company configures workstations only to run software from an approved list. What is this an example of?
Allow listing
Why might an administrator engage in the arduous task of manually reviewing log files on a regular basis? Each correct answer represents a complete solution. Choose two.
As a compensating control for vulnerability assessments and this is correct answer To comply with PCI DSS regulations
What AAA element specifies the exact resources a given principal is allowed to access?
Authorization
Question 79 : Which tenet of security can be affected most by an enterprise HVAC (heating, ventilation, and air-conditioning) system?
Availability
Which of the following enterprise mobile deployment models introduces the greatest amount of risk for the implementing organization?
BYOD
Your organization has a degausser in the basement. What media can it securely destroy? Each correct answer represents a complete solution. Choose two.
Backup tapes Hard drives
A network technician has been asked to troubleshoot recently observed performance issues as well as the root cause of new alerts regarding network traffic anomalies. Which monitoring tool should the technician choose first to troubleshoot both problems?
Bandwidth monitor
Which Windows encryption tool can protect the entire system volume?
BitLocker
What is the difference between a bluejacking and a bluesnarfing attack?
Bluesnarfing involves data compromise.
Complex passwords that are combinations of upper and lower case letters, numbers, and special characters protect your system from which types of attacks? Each correct answer represents a complete solution. Choose two.
Brute force Dictionary
An attack on your web application began with a long string of numbers sent to a field that's only supposed to hold a four-digit variable. What kind of attack was it?
Buffer overflow
What document specifically covers moving operations to a temporary site?
COOP
Which of the following statements about captive portals is accurate?
Captive portals can be used as a landing page prior to authentication.
Which policy is focused on preventing data loss?
Clean desk policy
You're researching a recent XSS attack against a web application. The developer showed you the JavaScript code used to sanitize and validate input in the browser; even if you're not a coder, it seems like it would have prevented the attack. What is the most likely reason the web application was vulnerable?
Client-side validation can be easily bypassed.
Which of the following is a difference between load balancing and clustering?
Clustering tends to use tighter integration between redundant systems.
Which of the following is the reason why attacks over the telephone, claiming that well-known groups of individuals have taken advantage of the assistance being offered, are as effective as they are?
Consensus
What form of incident mitigation technique do isolation and segmentation exemplify?
Containment
The VP of human resources has put you in charge of securing a critical server for the department. You'll be hardening its operating system according to company policies and regularly checking configuration and system logs. In asset management terms, what role have you taken on?
Custodian
You've taken up a contract helping to upgrade the existing industrial control network for an oil refinery. What network type should you expect to work with?
DCS
What XSS techniques don't require the attacker to store data on the target server? Each correct answer represents a complete solution. Choose two.
DOM-based Reflected
Which of the following are examples of password policies which were once against conventional wisdom, but are now recommended by NIST to reduce the likelihood of users forgetting their passwords or needing to write them down to remember them? Each correct answer represents a complete solution. Choose two.
Do not require users to create complex passwords. Do not require passwords to be changed on a regular basis.
Which protocol is more of a message framework than an authentication method in itself?
EAP
Which of the following is an algorithm employed in asymmetric cryptography that uses newer complex mathematical approaches to create relatively short but very secure and high-performance keys?
ECC
Your WAP is currently secured with WPA-Personal encryption and authentication, using a shared key. Wi-Fi Protected Setup (WPS) is currently disabled. Which of the following is true?
Enabling 802.1X could increase security, but enabling WPS would reduce it.
A security program alerts you of a failed login attempt to a secure system. On investigation, you learn the system's regular user accidentally had caps lock turned on. What kind of alert was it?
False positive
You want to test an application to make sure it doesn't behave insecurely when it receives non-standard input. What technique should you use?
Fuzzing
In the area of threat hunting, what is meant by intelligence fusion?
Gathering intelligence from multiple sources to feed advanced analytics
Which of the following are forms of cybersecurity resilience that help to ensure fault tolerance or recoverability of services in the case of an outage? Each correct answer represents a complete solution. Choose three.
Geographically dispersed data centers NIC teaming A diesel generator
What is true of a digital certificate, but not true of a digital signature? Each correct answer represents a complete solution. Choose two.
Has a valid starting and ending date Proves the authenticity of a person or system
What type of cryptography is most commonly used for secure password storage?
Hashing
You're receiving many unauthorized network scans using methods carefully designed to bypass existing firewall rules. What device or feature would be the best way to recognize and block those scans?
IPS
Click to select the steps of a complete risk assessment, and then drag them into the correct order.
Identify assets at risk. Conduct a threat assessment. Analyze business impact. Evaluate threat probability. Prioritize risks. Create a mitigation strategy.
Which statements about service accounts are most accurate? Each correct answer represents a complete solution. Choose two
It is an account associated with an application or service that needs to interact with the system. A web server will have a service account that owns and accesses resources as if it were a user but independent of which user installed or ran the service.
In terms of time, how does a differential backup plan tend to differ from an incremental backup plan?
It's slower to create backups, but quicker to restore data.
Your employer stores a copy of all private keys used on devices in the enterprise because the regulatory agency that audits and certifies your company's business practices demands centralized access to them in case the court's order decryption of any official communications at the agency's request. What is this an example of?
Key escrow
What VPN type is very secure, compatible with nearly any application, and supported by most operating systems?
L2TP/IPsec
A secure records room installed a new iris scanner, chosen for its low crossover error rate. What does that mean it has?
Low FRR and low FAR
What kind of application centrally manages security policy and settings on all company mobile devices?
MDM
What SNMP component is a database of predefined manageable items for a particular device?
MIB
Evil twins are mostly used as part of what kind of attack?
Man-in-the-middle
What access control model was popularized by military usage?
Mandatory
What security controls can protect against tailgating? Each correct answer represents a complete solution. Choose two.
Mantraps Security guards
Which of the following risk management practices or concepts is designed to test the variability in testing processes?
Measurement systems analysis
Three applications were developed in-house to work together on a complex task. After a month of continuous execution, it is discovered that one of the applications frequently requests that shared memory be allocated for a procedure that all three applications must contribute to.Once the procedure is complete, the requesting applications fail to release the memory, and neither of the two other applications requires that the memory remain allocated nor do they take responsibility for releasing it. What type of vulnerability has the requesting application introduced?
Memory leak
During a discussion of user account policies, someone suggests lowering the account-lockout threshold on the Windows domain. What would be the net effect of this change?
More security and less convenience for users
Which of the following is the port scanner that you can use for network mapping and service enumeration?
Nmap
What kind of policy governs the removal of sensitive data and credentials when a user device is no longer used for company business?
Offboarding
What type of control is a security assessment procedure?
Operational
Which of the following is the most serious concern when rebuilding the content of a failed RAID drive from parity?
Other drives in the array may fail.
What would you recommend to a team member who is interested in additional sources of information to assist with refining their own understanding of the current attack surface of the organization?
Output from the latest configuration review, vulnerability scanning, and penetration tests
Your company is developing an application that will support credit card transactions and the storage of identifying information regarding paying customers. Regardless of what other data the application handles, what kind of compliance do you already know you need to research?
PCI DSS
You're helping a software development team choose a secure cloud-based solution. The team wants to develop custom web applications but prefers the development environment itself to be provided by the hosting service. What kind of service model should you evaluate?
PaaS
Bob Smith received an email delivered to his enterprise email account. The email stressed the importance for Bob to verify the balance in his bank account and offered a link to do so. Bob hovered his mouse cursor over the link and observed a popup tag containing a URL ending in a domain that was not related to his bank. All of the logos in the email were legitimate icons for his bank. What kind of attack is Bob likely the victim of?
Phishing
Click to select the steps of the incident response process, and then drag them into the correct order.
Preparation Identification Containment Investigation Eradication Recovery and Follow up
Someone in the CEO's office followed instructions in a malicious email with the subject line, "RE: FWD: From the Office of the CEO - Please respond". Below the portion with the malicious instructions was what appeared to be a legitimate email from the CEO's office requesting instructions that make those offered seem plausible. Which of the following phishing techniques were employed in this particular attack? Each correct answer represents a part of the solution. Choose two.
Prepending Whaling
What kind of tool, often called a sniffer, is used to capture network traffic, allowing the operator to visualize the various processes involved in the communication?
Protocol analyzer
One of your co-workers is organizing four teams for a penetration test against a newly designed distributed service. Which team would you expect to focus on fostering a collaborative environment and ensuring that the attacking and defending teams learn from one another?
Purple team
Which of the following are examples of threat vectors? Each correct answer represents a complete solution. Choose two.
Removable storage media and this is correct answer B option B Email attachments
The chief financial officer (CFO) of a large corporation has been tasked with assessing tangible and intangible losses associated with the recent exploitation of a vulnerability in a critical enterprise system. Which of the following classes of impact should cause the CFO to be most concerned about loss of future business?
Reputation
A co-worker detects a potential social engineering attack because the return email address is a domain associated with scammers. What kind of threat indicator is this?
Reputational
Your company has long maintained an email server, but it's insecure and unreliable. As a solution, you're considering outsourcing email to an external company that provides secure cloud-based email services. What risk management strategy are you employing?
Risk transference
Which wireless networking technology brings additional security to PSK modes without invoking additional ciphers or AAA servers?
SAE
You've been asked to consult on security for an application that's designed to interoperate with Google and Salesforce SSO systems. What protocol should you study first?
SAML
What security appliance is similar to a MitM attack, but designed to enhance network security rather than disrupt it?
SSL decryptor
Which cloud security control to guard keys and credentials can be implemented through on-premises solutions as well as through managed services referred to as SECaaS?
Secrets management
If your organization is in need of a pre-written benchmark for validating that your network infrastructure devices are secured properly, what offering from an industry standards organization can best help with this requirement?
Secure configuration guide
Your organization has decided to outsource several IT services to a cloud provider. They're hosted outside your enterprise network, but you want to centrally manage all authentication, encryption, activity logging, and other security policies for connections between local computers and the cloud and would like to keep this management and control internal to your organization. What security solution would address these issues?
Security broker
Which of the following statements about STIX and TAXII is most accurate?
TAXII enables the automated sharing of STIX-structured threat information.
Upon browsing the website shop.javatucana.com, which your company uses regularly in the normal course of business, you are greeted by a privacy error that states, "Your connection is not private." After confirming that your own computer's date and time are correct, you positively verify the following details:The valid-date range of the web server's certificate is current.The certificate's chain of trust is valid, which includes the fact that your computer trusts the root CA's certificate.The certificate's Subject Alternative Name field contains javatucana.com.You accurately entered shop.javatucana.com in the web browser.Given your inability to explain the privacy error based on your investigation of these factors, what could be the cause for the error? Each correct answer represents a complete solution. Choose two.
The web server's certificate is on the CRL. There are no wildcards in the web server's certificate.
What is the importance of the cleanup process of a penetration test?
To remove any malicious tools used in the engagement
In a building floor plan, you notice lines that follow a few of the hallways, terminating in various locations, including the data center and conference rooms. The legend at the bottom of the diagram for these lines is labeled "Protected Distribution System (PDS)." What is a PDS used for?
Unencrypted data
Your organization is interested in implementing secure email services. Communication with outbound email servers is already secured, so securing email retrieval protocols is of particular interest. Additionally, it has been mandated that internal emails be sent confidentially and that these emails sent to others within the organization be stored by the sender in a secured format.Which of the following changes will be required to fulfill the goals to secure the company's email as described? Each correct answer represents a part of the solution. Choose three.
Use port 995. Use port 993. Issue encryption certificates to all employees.
Which of the following is an accurate characteristic of virtual private networks (VPNs) or their features?
VPNs offer secure communications over wired and wireless networks alike.
Which of the following statements about vulnerability scans is accurate?
Vulnerability scans should consist of credentialed scans as well as non-credentialed scans.
Click to select the wireless encryption methods, and then drag them into the correct order from most to least secure.
WPA3-GCMP WPA3-CCMP WPA-CCMP WPA2-TKIP WPA-TKIP WEP
What kind of penetration test involves a tester with full knowledge of your network configuration?
White box
What kind of malware can spread through a network without any human interaction?
Worm
Which of the following is a risk to cloud services that is not a risk to on-premises services?
Your data may be threatened by attacks launched on the data of others.
Someone put malware on your computer that records all of your keystrokes. What aspect of security was primarily attacked? Choose the best response.
confidentiality
Which of the following is a packet crafting utility useful to attackers and penetration testers?
hping