Security + Practice test 1


If a company's server has an estimated Single Loss Expectancy (SLE) of $15,000 due to an operational failure, and the Annual Rate of Occurrence (ARO) of these failures is expected to be 0.1 times per year, what is the Annual Loss Expectancy (ALE)?

$1,500

As a network administrator, you have been assigned the critical task of upgrading a company's encryption protocol for wireless devices. The current encryption method is outdated and poses a significant security risk. Your objective is to select the most secure option for the upgrade. Which of the following encryption protocols BEST represents the ideal choice for this upgrade?

AES

Toby has just started a new job and, on his first day, is given a stack of documents to review and sign. Among these, he finds a document prohibiting the use of his business email address for personal purchases online. This catches him off guard, as he had previously used his company email for similar purchases at his last job. After some consideration, he realizes that using a business email for non-business activities could pose security risks for the company. He signs the document. What kind of document did Toby just sign?

AUP

Dion Training is implementing a security device tasked with inspecting live network traffic and taking immediate action to mitigate potential threats. Which of the following security items would MOST effectively satisfy this requirement?

An active device

Which of the following mitigation techniques can help enforce compliance with security standards and policies on a system or network by designating programs that are allowed to run and blocking all other programs from being run?

Application allow list

Dion Training Solutions is implementing a security system for its research facility, where sensitive data is stored. If the access control system fails, which mode should be adopted to ensure that no unauthorized personnel can enter the facility, even if it means some inconvenience to authorized staff?

Fail-closed

Dion Training Solutions has partnered with several smaller companies. They set up a system allowing employees from any company to access resources from another partner company without requiring a separate username and password. Which of the following is this an example of?

Federation

Which of the following BEST describes a threat actor whose primary motivation is to obtain unauthorized access to credit card data?

Financial gain

Who sets the strategic direction and policies of an organization and holds the ultimate decision-making authority, often relying on support from specialized groups for critical information?

Governance Board

After the IT department proposed a new software update, Kevin, a system analyst, evaluates the potential effects of this change on system performance, user experience, and business processes. Which term BEST describes Kevin's evaluation?

Impact analysis

Jason and Reed, both IT specialists at Kelly Innovations LLC, are tasked with ensuring the workstations' secure baseline remains uncompromised over time. Which technique would BEST help them achieve this?

Implement Ansible to enforce and verify settings

At Dion Training, David is advising on cloud security best practices regarding a company's recent issue with logins. Which measure is the most crucial to inform them when safeguarding against unauthorized logon attempts?

Implementing MFA and using conditional authentication for risky logons

You are a security analyst for an enterprise that has recently experienced several security incidents related to web browsing. Management has decided to implement a centralized proxy solution to enhance security and mitigate the risk of future incidents. Which of the following actions would be the MOST effective way to enhance security with the centralized proxy in the given scenario?

Implementing SSL inspection to monitor and control encrypted web traffic

Last month at Kelly Innovations LLC, Jamario reported receiving inappropriate images while researching industry competitors. To prevent employees from accidentally accessing such media in the future, which of the following solutions would be MOST effective?

Implementing content categorization

What is the primary difference between an insider threat and a shadow IT threat actor?

Malicious intent

Hair and There, an online beauty supply store, has conducted a comprehensive risk assessment and identified potential vulnerabilities in their network infrastructure. They recognize that another global pandemic would seriously harm their business and is a considerable risk. After careful analysis, they determine that they simply cannot control whether another pandemic occurs. They take measures to help reduce the types of damage a pandemic will cause and then hope that it doesn't happen. Which risk management strategy are they employing?

Mitigate

Dion Training Solutions is looking to upgrade their current firewall to one that can detect and block advanced threats, provide additional functions like intrusion prevention, and give them deep visibility into traffic. Which of the following types of firewalls is BEST described here?

NGFW

Which of the following statements BEST explains the purpose of Netflow?

Netflow is a network tool that provides visibility into network traffic and helps identify potential security threats

What is a similarity between data exfiltration and espionage as motivations for threat actors?

Obtaining sensitive/confidential information

Enrique at Dion Training is responsible for ensuring that the company's project data is protected from potential data loss, especially since the office is located in a region prone to natural disasters. Which backup method would provide him with the most secure protection by keeping a physically separate copy of the data?

Offsite backups

Recently, Antatack, a martial arts company, has had a data breach. Barzan, a security analyst, was hired to investigate. He found a rogue WAP near the building. The attacker used the WAP to gain information about Antatack's clients. Which of the following network attacks is BEST demonstrated by this finding?

On-path

Which of the following BEST describes the phase of a penetration test where information is gathered without directly interacting with the target system?

Passive reconnaissance

Which of the following terms refers to the ability to obtain and apply security updates or fixes for software or systems?

Patch availability

What is the name of the attack vector that involves sending fraudulent emails to trick recipients into revealing sensitive information or clicking malicious links?

Phishing

Which of the following BEST describes a system that allocates permissions and access based on pre-defined organizational guidelines, strategies, codes, roles, or requirements?

Policy-driven access control

Which of the following motivations is common among Hacktivists?

Political beliefs

Jason receives an email at his Kelly Innovations LLC account. The email seems to be from Reed, a coworker, and states that Reed urgently needs to see the invoice for a recent project. However, Reed specifies he needs it within the next 10 minutes as he is in a meeting with Sasha and top executives. Jason quickly sends over the invoice without double-checking with Reed. Which type of attack best describes this situation?

Pretexting

Jenny, a newly hired sales representative, has been granted access to view customer records but is unable to modify, delete, or add new ones. Only managers and the IT department have the ability to make changes to these records to maintain data integrity. Which principle is the organization applying?

Principle of least privilege

While conducting a routine system audit at Kelly Innovations LLC, Enrique, a senior IT administrator, stumbled upon a startling discovery. He found that Jamario, a junior database analyst whose responsibilities typically revolved around running simple queries and generating weekly reports, suddenly had permissions to modify core database structures, including adding and removing tables. Further analysis revealed that these permissions weren't granted through the company's formal access control procedure. Enrique suspected an external intervention that could have allowed Jamario's account to bypass the standard role-based permissions. This is an example of:

Privilege escalation

Which of the following terms BEST describes the measurement used to describe a 7% possibility of hardware failure in the next year based on past statistical data?

Probability

During the decommissioning process of a database server, the IT department of Dion Training ensures that all stored customer data is rendered unrecoverable to protect against unauthorized access in the future. Which of the following practices is the IT department employing in this scenario?

Sanitization

Reed is getting a new computer from his employer, Kelly Innovations LLC. He wants to remove all his personal data from his old computer, ensuring it's irretrievable. Which of the following methods should he use?

Secure erase

Which of the following terms BEST describes a situation in which a company avoids addressing known system inefficiencies or shortcuts due to time constraints, potentially leading to future rework and vulnerabilities?

Technical debt

Which of the following statements BEST explains the importance of considering technical debt?

Technical debt can increase the complexity of long-term security issues, making automation and orchestration more difficult

Dion Training wants to increase the trustworthiness of its website for its clients. They are seeking a certificate that is signed and verified by a recognized external authority. What type of certificate should they pursue?

Third-party certificate

Which of the following statements is NOT true regarding the role of Ticket Creation in the context of automation for secure operations?

Ticket creation fosters more security team cohesion and makes collaboration within the team more effective

An application creates a temporary file to save a value for later use. A malicious actor deletes this file after its creation but before its subsequent use by the application. What type of vulnerability is being exploited in this situation?

Time-of-use (TOU)

Dion Training Solutions recently integrated a single security solution that provides multiple security functions at one point on their network. This solution incorporates functionalities such as intrusion prevention, gateway anti-virus, and VPN. Which of the following BEST describes this solution?

UTM

Sweet as Thyme, a flavoring supplier, uses a peer-to-peer network which relies on a public ledger to ensure the integrity of transactions and to provide a permanent record of all transactions. What is this technology they are using called?

Blockchain

While browsing the company portal of Dion Training Solutions, Tina, an employee, attempted to access a link to a third-party site she frequently uses for market research. Instead of reaching the site, she received a message stating that access to this URL was denied due to policy violations. Which of the following terms BEST describes the action experienced by Tina?

Blocked content

Which of the following is a type of unsecure wireless network that uses short-range radio waves to connect devices without encryption or authentication?

Bluetooth

In the Zero Trust model, which of the following components focuses on making decisions about who can access what resources based on policies, identity verification, and threat analysis?

Control Plane

While analyzing network traffic at Dion Training Solutions, Carlos, a security analyst, discovered a specific workstation repeatedly sending HTTPS requests to unfamiliar IP addresses. These requests contained encoded data that matched sensitive company information. Carlos also noted the workstation downloading unknown executables from various domains. Which of the following terms BEST describes the primary malicious activity of extracting sensitive information that Carlos detected?

C2 Communication

Trust Us is a company that acts as a trusted entity. They issue and manage security credentials and issue digital signature wrappers for public keys for message encryption. What type of company is Trust Us?

Certificate Authority

Which of the following BEST explains the importance of exceptions and exemptions in vulnerability management?

Exceptions and exemptions are official authorizations that allow specific deviations from established security policies or baseline controls

A software development company regularly releases software updates to its global customer base. Recently, some customers reported receiving unauthorized and potentially malicious software updates. The company is now seeking to implement a security technique to ensure the authenticity and integrity of its software updates when delivered to customers. Which of the following would BEST assist in achieving this goal?

Code signing

Which of the following entities is responsible for providing detailed analysis and recommendations to the governance board to aid in informed decision-making, particularly in areas requiring specialized knowledge?

Committees

Which of the following mitigation techniques can help prevent users from making changes to the security features of devices by applying predefined security standards?

Configuration enforcement

Which of the following terms describes a risk evaluation method that operates without interruption to provide real-time data, allowing organizations to rapidly detect and respond to emerging threats?

Continuous assessment

A financial services firm processes high volumes of transactions daily. To minimize data loss in case of a system failure, which backup frequency would you most likely recommend?

Continuous backups

Which of the following statements BEST explains the importance of 'continuous' integration for the security of an organization?

Continuous integration makes collaboration of security teams and developers easier

Enrique was validating the integrity of files in the company's database when he came across two distinct files that, surprisingly, had the same cryptographic hash value. Understanding the implications, Enrique immediately escalated the situation, realizing this could be a potential vulnerability in the hashing algorithm in use. Which of the following BEST describes the anomaly Enrique found in Kelly Innovations LLC's file signatures?

Cryptographic collision

Which email security protocol uses cryptographic signatures to verify the authenticity of an email's sender?

DKIM

Emily is part of the IT team and oversees the secure transmission of sensitive data within her organization, ensuring that all systems comply with integrity protocols. She monitors for any inconsistencies or issues that could compromise data integrity. What role does Emily most likely hold?

Data Custodian

You are a cybersecurity analyst for a large enterprise that has experienced several security incidents resulting from insider threats and compromised user accounts. The organization wants to enhance its security posture by implementing User Behavior Analytics (UBA). Which of the following approaches would be the MOST effective way to implement UBA for the given scenario?

Deploying UBA on all endpoint devices to monitor user interactions and application usage

Which of the following mitigation techniques can help reduce the exposure of systems to potential attacks by turning off unneeded or unwanted network communication channels?

Disabling ports and protocols

Jason is working with David to enhance the security of the switches at Dion Training. Which technique would be the BEST for them to prioritize?

Disabling unused ports

In the realm of digital forensics, which activity is MOST essential to maintaining the chain of custody for digital evidence?

Documenting who has handled the evidence

Kelly Innovations LLC is in the process of selecting a new vendor for their cloud storage solutions. As part of the selection process, the IT manager, Jamario, reviews the potential vendor's past financial stability, customer reviews, and history of cybersecurity incidents. Which aspect of the vendor selection process is Jamario emphasizing?

Due diligence

Kelly Innovations LLC is implementing a wireless network and needs a flexible authentication method that supports multiple mechanisms for authenticating both wired and wireless users. Which protocol BEST fits their requirements?

EAP

Kelly Innovations LLC needs to securely authenticate remote users and needs to be able to handle multiple authentication methods. Which of the following protocols would be BEST suited for this scenario?

EAP

When analyzing cloud-specific vulnerabilities, which of the following factors is essential to ensure that the system can be quickly restored after a disruption?

Ease of Recovery

In the process of deploying a new software application within Kelly Innovations LLC, the IT team identified that a certain module wouldn't function unless another software was already installed. Which of the following BEST describes this situation?

Encountering a software dependency.

Kelly Innovations LLC has integrated a new payment gateway into their application. To ensure no potential security gaps exist, especially related to data breaches or financial data leaks, which of the following actions would be the MOST effective?

Engaging penetration testers to mimic real-world hacking techniques

Which of the following attackers is MOST likely driven by a desire to expose unethical practices within a corporation, even if it means acting in an unethical way themselves?

Hacktivist

Which of the following mitigation techniques inspects and controls incoming and outgoing network traffic on a per-application basis?

Host-based Firewall

Which of the following ISO standards provides an overall framework for Enterprise Risk Management (ERM), considering risks and opportunities beyond cybersecurity, including financial, customer service, competition, and legal liability factors, and establishes best practices for performing risk assessments?

ISO 31K

Kelly Innovations decides to manage its IT infrastructure within its physical location, retaining full control over its hardware, software, and data. Which of the following security implications is MOST directly associated with this approach?

Increased responsibility for physical security

Which of the following terms refers to a major program executed by powerful entities to shift public opinion?

Influence campaign

Reason and Rhyme, a tutoring service, has increased the security of its customers' passwords. They have always converted passwords to fixed-length sequences, but now they will do this process more than once to increase the amount of computing power and time it will take for an attacker to decode the password. What is this method known as?

Key Stretching

What part of PKI allows the storing of encrypted keys with a third party so keys can be recovered if they are lost?

Key escrow

Dion Training Solutions needs a network appliance capable of filtering traffic based on URLs, HTTP headers, and specific web application functionalities. At which layer of the OSI model would this appliance primarily operate?

Layer 7

Which email security standard helps prevent email spoofing by allowing domain owners to specify which mail servers are authorized to send email on their behalf?

SPF

In disaster recovery planning, which of the following terms is used to describe the maximum targeted period in which data might be lost from an IT service due to a major incident?

RPO

Dion Training Solutions, a software-as-a-service company, began facing latency issues and, in some cases, outages. The IT team found that a massive amount of traffic was flooding in, but the peculiarity was that the incoming data appeared to be responses to requests that the company never made. These responses came from a wide range of IP addresses scattered globally. Which of the following types of malicious activities is BEST described in this scenario?

Reflected DDoS attack

Which of the following terms refers to a document that defines tasks that different parties perform in a cloud service agreement?

Responsibility matrix

What term refers to an organization's predetermined level of acceptable risk exposure?

Risk tolerance

A company's access control mechanism determines access to resources based on users' job functions. The system enforces access control based on these predefined responsibilities, and users do not have the discretion to modify or override access permissions. Which type of access control mechanism is being used in this scenario?

Role-based

Which agreement type outlines the specific services to be provided by the vendor, along with associated timelines and costs?

SOW

When considering data storage, which of the following BEST describes a method to capture the state of a system at a specific point in time, offering a quick recovery solution without the need for a full backup?

Snapshots

Oliver travels frequently for work. His organization wants to implement an additional authentication method that considers his geographic location before granting access to sensitive systems. Which factor of multifactor authentication is the organization planning to use?

Somewhere you are

Which type of symmetric encryption is BEST suited for scenarios where the total length of the message is not predetermined and encrypts data one byte or bit at a time?

Stream cipher

To protect customers' financial records and adhere to standards set to prevent money laundering and fraud, which of the following is the BEST strategy a bank should adopt?

Strict adherence to AML/KYC regulations and secure data storage

In the context of privacy compliance, which of the following describes the role of a data controller?

The entity responsible for determining why data is processed.

Which of the following BEST describes the primary purpose of designing sites as zones while deploying or upgrading physical security controls?

To maximize access controls for the most secure areas.

Which of the following BEST represents a primary goal when seeking evidence of internal audits from a third-party vendor?

Verification of compliance with internal security standards.

At Kelly Innovations LLC, Sasha received an unexpected call from someone claiming to be from the IT department. The caller asked her to confirm her username and password for a system upgrade. Unsure, Sasha hesitated and asked the caller to provide some form of identification or a callback number. Which of the following terms describes the Social Engineering technique that Sasha encountered?

Vishing

Which of the following is the BEST action a security professional would undertake to determine the order in which identified vulnerabilities should be addressed, based on potential impact and exploitation likelihood?

Vulnerability prioritization

Which option BEST explains the importance of having vulnerability scanners?

Vulnerability scanners are critical in detecting and assessing security weaknesses in applications and systems

Which of the following types of penetration tests provides the tester with comprehensive knowledge of the target environment, including the system's architecture, design, and source code, to identify hidden vulnerabilities?

White box
