final final
Which one of the following standards provides some level of protection against the fact that there is implicit trust of management frames transmitted across the wireless network?
802.11w
Which of the following statements are true regarding containers and VMs? Select three.
A Type I hypervisor is a bare metal hypervisor. Containers and VMs can be moved from one computer to another. A container holds only the necessary operating system components for a specific application to run.
You are a cloud sales engineer working with an institution that needs to comply with strict federal regulations to avoid being levied very hefty fines. What type of cloud offering are you most likely to recommend?
A community cloud
A company has adopted the policy of placing servers in different VLANs. What security benefit can they derive from this practice? Select two.
Allows for sensitive data to only be transported to members of the VLAN. Can be used to enforce firewall or IDS inspection during communications between servers.
Which of the following represents true statements, similarities, or differences regarding WEP and WPA? Select two.
Although WPA addresses encryption and authentication, it is not considered a secure option. WPA fits into the existing WEP engine without the need for extensive hardware upgrades.
Which of the following represents security criteria a NAC system is most likely to enforce? Select two.
Anti-malware software. Operating system patches.
A router connects networks A, B, and C. A threat actor is successful in breaching the security protocols and breaks into network A. From network A, the threat actor spoofs the source IP address as if it is originating from network C and sends traffic to network B. How can this condition be mitigated?
Apply an inbound ACL on the router.
You are responsible for ensuring the company's servers are secure. Which of the following policies should you implement?
Apply patches. Monitor the server. Remove unnecessary software. Physically secure the server.
Karim is promoted and told he is being given permission to access a secure server. However, as soon as he attempts to log in, the host-based IPS on the server issues an alert and prevents him from logging in. Why did the IPS deny access?
Because Karim logging into the secure server is not an activity regularly seen on the network
A large company has collected threat intelligence information from monitoring their network and performed some level of analysis. They would like to confirm some of their observations with other organizations and possibly analyze the data at a deeper level. How can they accomplish this?
Become a member of the CISCP so they can have access to their resources.
Sana takes public transportation to work. Every time Sana walks by a particular store she receives an image on her cell phone promoting a product the store is selling. This type of activity is akin to what type of attack?
Bluejacking
From a network security perspective, which of the following statements best describes the notion of hard edges and blurred edges?
Blurred edges have multiple entry points into the network. Hard edges are typically made up of two components.
A company has multiple branches. They use a VPN to encrypt all traffic to and from the central office. As they continue to grow, they've noticed a reduction in performance at the central office. Which of the following represents a possible short-term solution? Select two.
Do not encrypt web-surfing traffic. Use a split-tunnel implementation.
Alula is exploring the implementation of a ZTA framework at his organization. Which of the following best represents considerations he is most likely to keep in the forefront? Select two.
Focus on authentication and authorization. Do not implicitly trust internal entities.
Heba configures a firewall rule to prevent traffic from Network A. However, some network services from Network A should be permitted but because of their source IP address they will be blocked by default. What type of firewall rule action should Heba apply?
Force Allow
A company launched a digital product that is selling so well that their web server is unable to keep up with the requests. They are evaluating the possibility of adding a second web server along with a load balancer. What type of load balancer should they add, and what security benefit can it provide?
Layer 7 load balancer; it can detect and stop attacks directed at an application.
A builder is constructing an edifice for a company. The builder works with the company's networking team to design and install a wireless network. Which of the following represents considerations the networking team is most likely to factor into the design and implementation process? Select two.
Perform a site survey to ensure coverage is adequate. Minimize the wireless signal strength outside of the building.
You configure a collection of cloud-based virtual machines (VMs) that should be logically separated from other systems in your cloud configuration. What type of control can you implement to help realize this end?
Security group
An associate is hired by a close friend to learn information technology (IT) administration skills on the job. The associate finds a 24-port hub in a cabinet and is considering using it in a small network setting for a lab environment that will be accessed using Telnet. If the associate uses the hub, which mitigation principle would be violated?
Segmentation
A company is using resources on a server to host an application in a Software as a Service (SaaS) environment. Which of the following best describes the type of architecture being employed?
Serverless infrastructure
Using threat intelligence requires what type of approach as it relates to monitoring?
Signature based
A cyberthreat agency concludes traffic is being sent to an attacker's server based on the characteristics of the traffic. They notify the authorities who then orchestrate a plan to redirect the traffic away from the attacker's server for further analysis. Which of the following most likely represents the strategy the authorities implemented to redirect traffic?
Sinkhole
Which of the following most accurately describes the relationship between the Open Systems Interconnection (OSI) model used to describe a traditional network and the cloud?
The OSI model is not very useful because cloud assets are virtualized.
Bogy, the chief security officer at a company, is adamant about running vulnerability scans that examine cloud-native apps the company develops and uses. Which of the following can be used to justify Bogy's position? Select two.
The apps are a gateway to networks. The apps used open-source libraries.
A threat actor is planning on crafting multiple wireless frames with the intent of having the receiving stations store a value of 65536 (2 raised to the 16th power) in their NAV field. If successful, what will the effect be?
The attempt will be unsuccessful.
An employee fully recovers from an accident and returns to their previous position after 12 months. However, when the employee tries to connect to the network using their wireless laptop, access is not granted. Which of the following most likely describes why access was not granted?
The company implemented a NAC system, so the laptop needs a NAC agent.
A vocational high school IT security instructor suspects some learners are launching attacks during study hall to prevent others from successfully connecting to the wireless network. What are the suspected learners doing to prevent access?
They are spoofing certain types of management frames
A company was convinced their cloud implementation was very secure. However, a security audit conducted by a third-party cloud security company discovered a vulnerability. Which of the following could have contributed to, or explains, the vulnerability?
They failed to clearly understand the responsibility matrix.
A company wants to implement a mechanism that will serve as a security audit on devices as well as on the processes used to protect those devices. Which of the following is most likely to be true? Select three.
They need to understand application package monitoring. They need to determine the sources of data needed. They will need to analyze reports.
A government agency agrees to include a contractual clause that enables third parties to assess security control of cloud providers. Why are they most likely to include such a clause?
They want to be authenticated as being in compliance.
Delancy is setting up to run a vulnerability scan. Which of the following best describes what Delancy needs to make well-informed security decisions that are data-driven?
Threat intelligence
A security research team is in the business of collecting a great deal of network data. Their plan is to analyze the data and map out different types of attacks, suspicious behaviors, exploits, and vulnerabilities. Which of the following most likely describes their goal?
To generate threat intelligence
A high-tech company collects data gathered from their bug bounty initiative. The company then uses the data as input into a vulnerability scanner. Why would they do this? Select two.
To search for weaknesses in the company's defenses. Because the company has a responsible disclosure program.
A security company deliberately creates an Internet-facing network containing some servers with a few vulnerabilities. Why would the company do this?
To study the methods used by attackers.
Various departments in a large organization have been using computing and storage resources from AWS in an uncoordinated fashion. To manage their cloud resources more efficiently, they would like to adopt an approach that is more consolidated and streamlined. Which of the following would you recommend?
Transit gateway
You are asked to design a network for a medium-sized company with three tiers of security requirements for the IT staff. Which of the following statements are you most likely to agree with?
Where applicable, use automated provisioning to simplify the configuration of networks.
Your company asks you to be the project lead in establishing a private cloud. Which of the following are most likely to be true? Select two.
You will create a private network and isolate it from all the available cloud service providers. You expect your company to purchase and maintain all the required hardware and software.
A company has been managing their data center for years. As the company has grown, so has their need for additional hardware. They've decided to migrate to the cloud but need a solution that can withstand natural disasters. Which of the following best identifies the feature of cloud providers that can furnish this capability?
Zones
Which one of the two-part answers best completes the statement? Security appliances and software are __________ while a secure infrastructure design is __________.
reactive; proactive
Mosa owns a small business. One of his employees spends at least 4 hours a day searching for wholesale products to sell in the store and through the website. In the short term, Mosa wants to implement a quick, inexpensive, and easy-to-install solution to help filter and block potentially suspicious websites. What would you recommend?
Browser scanning
A company recently joined an information-sharing center, but they are concerned about the possibility of sharing private information with other member organizations. Which of the following best represents protections to help mitigate the risk? Select two.
CISA. FOIA.
Preety is trying to connect her Windows 11 laptop to the wireless router at a friend's house. After multiple attempts the connection is still not successful. Preety looks at the settings on the wireless router and makes a change. After implementing the change, the connection is successful. What change did Preety most likely make?
Changed the security protocol from WEP to WPA2
A company is growing and now has 200 procurement agents who buy a wide variety of products on behalf of many large corporations. They often access a series of approved vendor websites, but access speeds seem to be deteriorating with every new agent they hire. Which of the following can they implement to help improve performance and security?
A forward proxy server
Which of the following statements are true regarding software firewalls versus hardware firewalls? Select two.
A hardware firewall provides less of a target for attackers. A hardware firewall is more expensive than a software firewall.
A network administrator specifies a statement that reads "Deny management traffic from untrusted networks to Network B." What type of firewall is the network administrator most likely configuring?
A policy-based firewall
Diana is not very tech savvy but is a marketing genius. She signs a deal with a cloud contractor who will help her set up an online retail store selling rare items. On what type of cloud will her website most likely be hosted?
A public cloud because the cloud services are available to everyone.
You are setting up a wireless network for a small office. What type of AP are you most likely to install and why?
A residential WLAN gateway because it has a firewall, router, and DHCP server.
A programming hobbyist uses a cloud provider to create an online app to back up his CD collection. As soon as he launches the app, it creates an online backup in the form of an ISO image, creates separate MP3 files for each song, and downloads them to a specific folder. What type of computing does this most likely resemble?
Cloud
How does a cloud firewall differ from one installed and implemented using a physical security appliance?
Cloud firewalls may cost more in the long run.
Lakia needs to implement a web filtering solution that will also filter traffic from remote users. Which of the following options is Lakia most likely to implement?
Cloud scanning
In this architecture, software code can be updated more easily with new features and functionality added without rewriting the entire application. What framework, model, or architecture does this statement describe? Select two.
Cloud-native. Microservices.
Which of the following mitigation principles used to secure information is a true statement? Select two.
Comparing the current state of information security with recommended controls is gap analysis. Applying security measures to reduce unnecessary vulnerabilities is configuration enforcement.
Tanvi is responsible for applying and enforcing mitigation controls to help secure the cloud implementation her company is about to deploy. What areas of cloud computing is she most likely to be concerned with? Select three.
Compute. Network. Storage.
Which of the following statements most accurately describes characteristics of cloud computing? Select two.
Computing resources can be increased or decreased quickly to meet changing demands. They reduce the cost of CapEx by shifting them to OpEx.
In an SDN, you need to configure the entity responsible for routing and security checks. Which component are you going to be configuring?
Control plane
A company implements a web filtering solution. However, they notice that some websites contain suspicious pages that are not being blocked. As a result, they adopt a solution that blocks all the pages for a given website. What solution did the company most likely implement?
DNS filtering
Your company claims they installed APs between 50 and 60 feet apart. However, as you walk around you notice what appears to be APs that are placed only 25 to 30 feet apart. Which of the following is likely to be the most logical explanation?
Dedicated probes have been installed between the APs.
A user starts monitoring network traffic because performance has suddenly degraded. They check the settings on their wireless router and notice an unauthorized device is connected. What change can the user make to help prevent this from happening again?
Disable the ability to generate PINs using WPS.
An industrial plant has a series of Internet of Things devices that connect to a nearby wireless system. The system will process the collected data, store it, and send it off to the cloud. From a computing location perspective, what type of model is assumed in this scenario?
Edge
A company recently had a wireless breach due to an oversight, so they are focused on ensuring all employees, including members of the information technology (IT) department, are trained to the degree appropriate for their role. What major areas should be addressed? Select three.
Ensure protections are not overlooked. Ensure devices are properly configured. Emphasize the importance of security.
A consumer is using a wireless router that is three years old. They notice their Internet speed has been slowly degrading over the last week. Upon investigation, it is discovered their system was set up as a file server from which movies could be downloaded. Which of the following best represents an action that could have prevented this breach?
Ensured the router was secured and properly configured
Gazi is sitting at an airport terminal with his laptop. He connects to the wireless network and sends email messages to his contacts to provide updates on his vacation. Within a couple of days, his contacts are receiving a great deal of spam. Which of the following best describes how Gazi's system may have been compromised?
Gazi connected to an evil twin.
A small team of innovative engineers are organizing a company to research and develop unconventional computing and networking modes of operation. Since they have limited funds for hardware, they will initially use a cloud provider. What type of cloud platform are they most likely to use?
IaaS
A potential client wants to migrate some of their services to the cloud but is concerned about failover capabilities. What will the sales engineer from the cloud provider most likely say to help ease the client's concern?
If there is a server failure, services will be moved to other servers at no additional cost.
A company has ported their software to the cloud using a cloud-native format. The components of the application were implemented using a collection of microservices. Which of the following best describes what the company should do to ensure the microservices are able to access each other securely?
Implement secrets management.
Yara is responsible for managing the hybrid cloud posture her company has adopted. Which of the following practices is Yara most likely to help enforce? Select two.
Inspect encrypted traffic. Run scans to identify weak points.
The authentication protocol for wireless networks is known as the Extensible Authentication Protocol (EAP). Given this information, which of the following are true statements regarding EAP? Select two.
PEAP is a more flexible EAP scheme because it creates an encrypted channel. EAP is a framework for transporting authentication protocols.
Which of the following represents weaknesses in the WEP security protocol? Select two.
It combines a 24-bit IV with the secret key to generate a random number. The code could be cracked in less than 7 hours if the router is using 802.11b.
A network administrator is implementing a DMZ with input from a consultant. The consultant recommends using two firewalls instead of one. Why would this recommendation be made? Select three.
It helps reduce the restrictions imposed by a potential single point of failure. It is more difficult for an attacker to breach two separate firewalls than just one.
If jamming is a successful wireless denial attack, why is it seldom used? Select two.
It requires expensive equipment. The source of the attack can easily be identified.
A company has adopted the use of the WPA2-Enterprise model for their wireless network. Which of the following accurately describes some of its characteristics? Select two.
It uses port-based authentication to grant access to clients. It strictly limits access to the authentication server.
The owner of a small bookkeeping office with two employees wants to control access to their wireless network. Which of the following, whether a best practice or not, are you most likely to implement to slightly deter malicious actors who are not well versed in breaching wireless networks? Select two.
MAC address filtering. Disabling the SSID broadcast beacon.
A warehouse clerk uses a handheld barcode scanner to take inventory. Periodically, the clerk takes the scanner to a transfer station and downloads the data from the scanner using NFC technology. The scanner and transfer station connection use a pairing configuration so that one device can only transmit and the other can only receive. What is the benefit of this type of connection?
Mitigates MITM attacks
Gino needs to procure a networking appliance that will filter traffic to permit or deny certain packets. At the very least, Gino should buy a firewall that is capable of filtering traffic based on which of the following parameters? Select three.
Protocol. IP address. Port number.
A store selling athletic shoes tags their assets using RFID technology. A threat actor goes into a store and engages in a nefarious activity such that athletic shoes listed for $250 ring up at the cash register as only costing $50. What type of attack did the threat actor engage in?
RFID cloning
A university is locally managing the learning management system they use for students on a few clustered servers. They are exploring cloud solutions to relieve some of the burden related to managing the servers. Which of the following implementations would help them satisfy their requirement?
SaaS
Two switches, S1 and S2, are connected to each other. To realize segmentation and greater security, each switch has three VLANs configured (students, faculty, and IT). When a faculty endpoint connected to S1 communicates with a faculty endpoint connected to S2, how does S2 know the message belongs to the faculty VLAN?
S1 tags the message, indicating it belongs to the faculty VLAN when sending it to S2.
A large organization uses a cloud provider with a security model that incorporates a variety of technologies. Their goal is to ensure predefined security policies are applied when their data or applications are accessed. In addition, they want to continue monitoring security risks when users or devices are connected. What type of model are they using to help ensure access to their digital assets is secure?
SASE
A large corporation with offices and branch sites throughout the world needs the flexibility of being able to securely handle different kinds of traffic and conditions between sites in real time. Which of the following technologies is most likely to offer the best solution?
SD-WAN
Jelvin is working for an organization that is committed to developing software in which critical security functions can be automated and not require manual intervention. Which of the following enables this capability?
SDV
Which of the following best describes what should be used to help secure VMs and/or containers? Select two.
SELinux. Nonprivileged user accounts to manage container-based processes.
As a cloud specialist, you are asked to set up a system that, among other capabilities, can analyze traffic that is encrypted using SSL. What type of device are you most likely to deploy?
SWG
Company A bought out Company B because they are certain they can dramatically capitalize on their software portfolio. Company B sees many opportunities in porting a good number of their offerings to the cloud using a cloud-native format. What are some of the benefits Company B anticipates by porting the software? Select two.
Software teams can use a variety of programming languages when rewriting the code. Cloud-based apps are well suited for microservices APIs and RESTful APIs.
You are asked to implement MAC address filtering at a small company. Which of the following represents the way in which you are most likely to apply the requirement?
Specify MAC addresses that are allowed to connect.
A junior technician configures a firewall. The network administrator then runs tests and analyzes the traffic to verify the firewall was configured as expected. The network administrator notices that the only traffic allowed to enter the internal network is return traffic that was requested from an internal source. Which of the following best describes this type of packet filtering?
Stateful packet filtering
An organization wants to start running periodic vulnerability scans. However, they are experiencing a reduction in force across all departments due to the cyclical nature of their business. Which of the following could be a valid concern the company has relative to the vulnerability scans?
The scan could potentially produce more data than they could analyze.
Kokum is on a team analyzing the possibility of developing future apps using microservices. The team has a brainstorming session on cloud security and writes down everything that comes to mind. Considering the statements they wrote, which of the following are NOT true? Select two.
The security of applications running in the cloud is the responsibility of the cloud provider. If we develop an app with built-in security, its native instantiation will be sufficiently secure.
Budgetary constraints are preventing a small company from upgrading their faulty wireless access points until the following month. An employee needs to synchronize the password on their company-issued laptop, so they disconnect the Ethernet cable from the desktop computer and plug it into the laptop. However, no connectivity is established with the laptop. What is the most likely reason?
The switch port has port security enabled.
A company decided to remove their FIM installation for reasons that could be justified and opted to deploy an alternative solution. Which of the following represents the most likely reason why they removed their FIM installation?
The system was generating more information than could be effectively analyzed.
How does AES-CCMP help secure wireless networks? Select two.
The use of CCM with AES provides data privacy. The CBC-MAC component of CCMP provides data integrity and authentication.
An attacker sits in a company lobby claiming he is waiting to meet someone who works there but arrived early. In the meantime, the attacker pulls out a laptop and, to his delight, can successfully intercept and read data from a wireless network. Which of the following best describes a potential vulnerability the attacker exploited? Select three.
The wireless network was open. Someone may have set up a rogue AP. The access point may have been misconfigured.
Jovanni opens an ice cream and pastry shop with internet access. As you enter the establishment, there is a sign that reads, "Wi-Fi Access with Automatic Encryption, no VPN Required." Which of the following best explains how Jovanni can justify posting such a sign?
The wireless router supports WPA3 with OWE.
A malicious actor is driving around various parking lots in an industrial complex searching for wireless signals. He notices one company uses the convention WAP-ABCD.EFGH where ABCD.EFGH vary to designate different wireless networks. The attacker also detects a wireless network called MyWiFi. What is the attacker most likely to think or do first? Select two.
Try to connect to the MyWiFi network. Think someone installed a rogue AP.
You are walking around a long, rectangular one-story building performing a site survey. You observe that too much of the wireless signal is leaking. Which of the following is most likely to mitigate the situation?
Turn the power level down a notch.
Tomi owned 34 percent of a business while Jeriko owned 66 percent in a partnership. They had a fallout because Jeriko was engaging in unethical practices. Unfortunately, Jeriko used a wireless connection from his cell phone to acquire business data from Tomi's phone before parting ways. Which of the following best describes this type of attack and/or how it could be prevented? Select two.
Turning off Bluetooth. Bluesnarfing.
The security team of a large company is debating the type of security devices they should deploy. They have a limited budget and cannot buy all the devices stipulated by the requirements of the individual attendees. If they agree on one device capable of performing several security functions, what type of device are they most likely to deploy?
UTM
Gretel works at a company that is about to implement a vulnerability scanning rotation program. They would like to run the scans themselves, but they do not have the expertise to research threats and produce rules to detect those threats. How are they most likely to proceed?
Use proprietary third-party sources.
What are the risks associated with using the PIN printed on the sticker on some wireless routers (WRs)? Select two.
Using the PIN means an attacker can possibly crack it in four hours or less. If a threat actor gains physical access to the device, they will be able to connect.
Zara was hired as a wireless IoT (Internet of Things) engineer at a firm that is developing new products. They want to ensure wireless connections and transmissions to and from their IoT devices are secure. Which of the following hardware certification labels is their hardware most likely to comply with?
WPA3
Which of the following are true statements regarding the differences or similarities between EDR and XDR? Select two.
XDR tools aggregate data from endpoints, network appliances, and cloud repositories. XDR gives a higher level of visibility and context to incidents.