Security+ (SY0-701) TEST PRACTICE


Inadequate buffer overflow protections.

A drone manufacturer employs a real-time operating system (RTOS) to ensure timely task executions. While optimizing for real-time performance, which of the following security concerns might arise? A. Inadequate buffer overflow protections. B. Uncontrolled cloud access. C. Lack of legacy protocol support. D. Overhead from virtualization.

Limited security update capabilities.

A power plant utilizes a specialized system to manage and monitor its daily operations, including machinery and sensor feedback. While these systems offer centralized control, what security concern is most associated with them? A. Limited security update capabilities. B. Constrained memory use. C. Runtime efficiency constraints. D. Optimization for containerized deployments.

Code Signing

A software development company regularly releases software updates to its global customer base. Recently, some customers reported receiving unauthorized and potentially malicious software updates. The company wants to implement a security technique to ensure the authenticity and integrity of its software updates when delivered to customers. Which of the following would BEST assist in achieving this goal? A. Intrusion Detection System B. Antivirus Scanning C. Multi-factor Authentication D. Code Signing

Supply chain

A tech company discovers that the firmware in some of their devices contains a hidden backdoor. Upon investigation, it's determined that the compromised firmware came from an overseas supplier they contracted with. The backdoor gave attackers remote access to devices without user knowledge. What type of attack vector has the company fallen victim to? A. Bluesnarfing B. Drive-by download C. On-path attack D. Supply chain

Reviewing event logs

After remedying a previously identified vulnerability in their systems, Kelly Innovations LLC wants to ensure that the remediation steps were successful. Which of the following is the BEST method that involves examining related system and network logs to enhance the vulnerability report validation process? A. Patch management B. Rescanning C. Reviewing event logs D. Threat modeling

An attacker gained access, created the unauthorized account, and removed logs.

Alex, a network administrator, reviews logs from the company's main database server. He finds that every night at 3 AM, a backup process runs which generates a series of logs. However, on scanning through last week's data, he finds that logs from two nights are missing entirely. On further investigation, Alex discovers a new, unauthorized user account was created on one of those nights. What might Alex reasonably infer from these observations? A. An attacker gained access, created the unauthorized account, and removed logs. B. The backup process was paused by the IT department for maintenance purposes. C. The IT team might have created a new account for a new employee and forgot to inform him. D. The database server accidentally skipped the backup on those nights due to low storage.
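The inference in this item rests on two signals from different sources: nights with no backup log lines at all, and an account whose creation date falls on one of those nights. As an added example, not part of the original quiz, here is a small Python check that classifies each expected night as backed up, started-but-failed, or absent from the log entirely, then correlates the absent nights with account creation dates taken from the directory rather than from the (possibly wiped) server log. The log lines, account records and the "nightly backup" wording are all constructed for the example.

```python
from datetime import date, timedelta

# Constructed server log excerpt; the 3 AM job normally writes a "started" and a
# "completed" line every night. Nothing below is real data.
BACKUP_LOG = """\
2023-10-02 03:00:12 backupd[411]: nightly backup started
2023-10-02 03:41:55 backupd[411]: nightly backup completed, 12.4 GB
2023-10-03 03:00:09 backupd[411]: nightly backup started
2023-10-03 03:40:31 backupd[411]: nightly backup completed, 12.5 GB
2023-10-05 03:00:11 backupd[411]: nightly backup started
2023-10-05 03:42:07 backupd[411]: nightly backup completed, 12.5 GB
2023-10-06 03:00:10 backupd[411]: nightly backup started
2023-10-06 03:41:12 backupd[411]: nightly backup completed, 12.6 GB
2023-10-08 03:00:14 backupd[411]: nightly backup started
2023-10-08 03:43:50 backupd[411]: nightly backup completed, 12.7 GB
2023-10-09 03:00:08 backupd[411]: nightly backup started
"""

# Account records as exported from the directory (constructed). Creation dates live in
# the directory, so they survive even if an intruder deletes the server's local logs.
ACCOUNTS = [
    {"name": "alex", "created": date(2021, 5, 3), "created_by": "hr_onboarding"},
    {"name": "dbsvc", "created": date(2022, 1, 14), "created_by": "hr_onboarding"},
    {"name": "sysop2", "created": date(2023, 10, 4), "created_by": "root"},
]


def night_status(log_text, first, last):
    """Map each night in [first, last] to 'ok', 'failed' (started, never completed) or 'no_log'."""
    started, completed = set(), set()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        night = date.fromisoformat(line[:10])
        if "nightly backup started" in line:
            started.add(night)
        if "nightly backup completed" in line:
            completed.add(night)
    status = {}
    for i in range((last - first).days + 1):
        night = first + timedelta(days=i)
        if night in completed:
            status[night] = "ok"
        elif night in started:
            status[night] = "failed"      # job ran but did not finish: an ops problem
        else:
            status[night] = "no_log"      # not even a start line: log gap, treat as suspicious
    return status


def nights_without_logs(log_text, first, last):
    """Nights where the job left no trace at all, in date order."""
    return sorted(n for n, s in night_status(log_text, first, last).items() if s == "no_log")


def accounts_created_on(nights, accounts):
    """Accounts whose directory creation date falls on one of the given nights."""
    window = set(nights)
    return [a for a in accounts if a["created"] in window]


if __name__ == "__main__":
    gaps = nights_without_logs(BACKUP_LOG, date(2023, 10, 2), date(2023, 10, 9))
    print("nights with no backup log:", [str(n) for n in gaps])
    for acct in accounts_created_on(gaps, ACCOUNTS):
        print(f"account {acct['name']} created by {acct['created_by']} on {acct['created']}")
```

The distinction between `failed` and `no_log` matters: a backup that started and never completed (2023-10-09 above) is an operations issue, while a night with no lines at all while the scheduler was running is consistent with log deletion, and an account created by `root` on exactly such a night is what turns the gap into an incident.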

Risk tolerance

An investment firm allows a fluctuation of up to 10% in the value of its high-risk investment portfolio compared to the expected return on investment, but immediate action is required if this threshold is exceeded. This 10% fluctuation represents an example of: A. Risk appetite B. Risk matrix C. Risk management D. Risk tolerance

The physical location of the user accessing the application.

As a security analyst, you are reviewing application logs while investigating a suspected breach. Which of the following pieces of information is NOT typically documented in the application log data? A. Server IP address where the application is hosted. B. User IDs related to specific application transactions. C. The physical location of the user accessing the application. D. Timestamps of application activity.

Installing the cable in a conduit buried underground.

As part of a new building initiative, Dion Training Solutions plans to connect two office buildings via a direct physical link. Which measure will BEST protect the physical infrastructure connectivity? A. Using wireless bridges without encryption. B. Placing the cable on the ground between buildings. C. Installing the cable in a conduit buried underground. D. Running the connection on overhead poles.

Application rollback

At Kelly Innovations Corp., Sarah noticed that their core business application, which tracks customer orders, was not updating inventory levels accurately. A recent update seemed to have introduced a bug. Which of the following would offer the BEST solution? A. Dependency check B. Patch management C. Application rollback D. Application restart

Data Controller

At Kelly Innovations LLC, Susan has been entrusted with determining the purposes and means of processing personal data for the organization's new marketing campaign. She decides what data to collect, how long it will be retained, and with whom it will be shared. Which of the following BEST describes the role Susan is playing? A. Data Custodian B. Data Subject C. Data Controller D. Data Processor

Certificate of Sanitization

Before disposing of old computers at Kelly Innovations LLC, Sasha receives a document that confirms all data has been securely removed. What is this document known as? A. Data Retention Policy B. Purchase Order C. Certificate of Sanitization D. Service Agreement

Inline

Clumsy Contraptions Engineering is seeking to change its security footing. In the past, they have found that too many pieces of malicious software have gotten past the system. Their Chief Security Officer believes they need a device which will actively evaluate traffic and reject or modify packets according to policies the company sets. What type of device is the CSO suggesting? A. Remote Access B. Inline C. SASE D. Fail-close

SD-WAN

Dion Training Solutions is aiming to optimize their wide-area network (WAN) while ensuring advanced network management and performance optimization. They are considering a solution that can be deployed both on-premises and in the cloud. Which of the following technologies would BEST match their requirements? A. SASE (Secure access service edge) B. AH (Authentication Header) C. TLS (Transport Layer Security) D. SD-WAN (Software-defined wide area network)

Layer 7

Dion Training Solutions needs a network appliance capable of filtering traffic based on URL, HTTP headers, and specific web application functionalities. At which layer of the OSI model would this appliance primarily operate? A. Layer 3 B. Layer 5 C. Layer 6 D. Layer 7

Attempting to access files outside of intended directories.

Dion Training has recently implemented a new web portal for their customers. During a routine security review, the IT team notices that some suspicious activities have been logged. An unknown user attempted to access the system with a strange pattern: when requesting a particular user file, instead of the usual URL structure ( /users/[username]/profile ) the system registered requests like ( /users/../admin/config ). Within a short span of time, several such patterns were identified, each trying to reach different sensitive files and directories. Given this information, which of the following types of attack is the user MOST likely attempting? A. Attempting to inject malicious scripts into the system. B. Attempting to exploit a buffer overflow vulnerability. C. Attempting to access files outside of intended directories. D. Attempting to escalate their privileges on the system.
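The pattern in this item is directory (path) traversal. As an added example, not part of the original quiz, here is a small Python checker that percent-decodes a request target, collapses `.` and `..` segments lexically, and flags any request that either spells out `..` or resolves outside the directory the portal is meant to serve. It is run over a few constructed access-log lines; `USER_ROOT` and the common-log line shape are assumptions for the example.

```python
import posixpath
from urllib.parse import unquote

# Directory the portal is supposed to serve user files from; assumed for this example.
USER_ROOT = "/users"


def decode_path(raw_path):
    """Percent-decode twice so '%2e%2e' and double-encoded '%252e%252e' both become '..'."""
    return unquote(unquote(raw_path))


def resolve_path(raw_path):
    """Collapse '.' and '..' segments lexically; no filesystem access involved."""
    return posixpath.normpath(decode_path(raw_path).replace("\\", "/"))


def is_traversal(raw_path):
    """True if the request spells out '..' or resolves outside USER_ROOT.

    A '..' that still lands inside USER_ROOT (e.g. /users/bob/../carol/profile) is
    flagged too: a legitimate client never needs to send one, so it is a probe.
    """
    segments = decode_path(raw_path).replace("\\", "/").split("/")
    if ".." in segments:
        return True
    resolved = resolve_path(raw_path)
    return not (resolved == USER_ROOT or resolved.startswith(USER_ROOT + "/"))


# Constructed access-log lines in common-log shape; not real data.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:14:01:02 +0000] "GET /users/alice/profile HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:14:01:05 +0000] "GET /users/../admin/config HTTP/1.1" 403 0
203.0.113.7 - - [10/Oct/2023:14:01:09 +0000] "GET /users/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 0
203.0.113.7 - - [10/Oct/2023:14:01:12 +0000] "GET /users/bob/../carol/profile HTTP/1.1" 200 498
203.0.113.7 - - [10/Oct/2023:14:01:15 +0000] "GET /users/..%252f..%252fadmin/config HTTP/1.1" 404 0
"""


def request_path(line):
    """Pull the target out of the quoted '"METHOD /path HTTP/x.y"' request field."""
    start = line.index('"') + 1
    end = line.index('"', start)
    return line[start:end].split(" ")[1]


def flag_traversal_attempts(log_text):
    """Return (client_ip, raw_path) for every line that looks like a traversal probe."""
    hits = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        path = request_path(line)
        if is_traversal(path):
            hits.append((line.split(" ", 1)[0], path))
    return hits


if __name__ == "__main__":
    for ip, path in flag_traversal_attempts(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {path}")
```

Decoding before normalising is the part that matters: a check that only looks for a literal `../` in the raw URL misses `%2e%2e/` and `..%252f`, and a check that normalises without decoding first treats `%2e%2e` as an ordinary directory name.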

To test employees' ability to recognize and report phishing attempts.

Dion Training is conducting a security awareness training program for its employees to enhance their cybersecurity knowledge. As part of this program, they have planned and executed phishing campaigns. Which of the following BEST describes the primary objective of phishing campaigns conducted during security awareness training? A. To prevent any form of malware from spreading within the organization's network. B. To trick employees into revealing sensitive information. C. To test employees' ability to recognize and report phishing attempts. D. To test employees' ability to recognize and report phishing attempts.

Evidence of internal audits

Dion Training is considering a collaboration with a new IT service vendor. To ensure compliance and adherence to industry standards, Dion Training wishes to see verifiable evaluations of the vendor's security controls and practices. Which of the following would provide Dion Training with insights into the vendor's own internal evaluations of their security measures? A. Customer testimonials B. Evidence of internal audits C. Regulatory compliance certificates D. External penetration test reports

Simultaneous CEO logins from distant locations.

During a network investigation, Aiden, a cybersecurity analyst, identifies two key irregularities: The CEO, who tends to work late, logged in from both Paris and Tokyo within five minutes, and there's an unexpected surge in emails from the HR department outside of recruitment season. Which of the following should the analyst be MOST concerned about based on these observations? A. The absence of the CEO's usual late-night login. B. A recent software update on the CEO's computer. C. Simultaneous CEO logins from distant locations. D. The sudden increase in emails from the HR department.
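The first irregularity is the classic "impossible travel" signal: two logins whose locations and timestamps would require a physically implausible speed. As an added example, not part of the original quiz, here is a Python check that sorts each user's logins, computes the great-circle distance between consecutive ones, and flags any pair that would need more than an assumed 1,000 km/h. The login events and the speed ceiling are constructed for the example; a real deployment would take the coordinates from IP geolocation, which is itself approximate.

```python
import math
from datetime import datetime

# Assumed ceiling: above a commercial-flight speed, consecutive logins cannot be the same person.
MAX_PLAUSIBLE_KMH = 1000.0

# Constructed login events with city-centre coordinates; not real data.
LOGINS = [
    {"user": "ceo", "time": "2023-10-10T20:02:00+00:00", "city": "Paris", "lat": 48.8566, "lon": 2.3522},
    {"user": "ceo", "time": "2023-10-10T22:58:00+00:00", "city": "Paris", "lat": 48.8566, "lon": 2.3522},
    {"user": "ceo", "time": "2023-10-10T23:03:00+00:00", "city": "Tokyo", "lat": 35.6762, "lon": 139.6503},
    {"user": "analyst", "time": "2023-10-10T18:00:00+00:00", "city": "London", "lat": 51.5074, "lon": -0.1278},
    {"user": "analyst", "time": "2023-10-10T21:00:00+00:00", "city": "Paris", "lat": 48.8566, "lon": 2.3522},
]


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two latitude/longitude points."""
    earth_radius_km = 6371.0
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * earth_radius_km * math.asin(math.sqrt(a))


def find_impossible_travel(events, max_kmh=MAX_PLAUSIBLE_KMH):
    """Compare each user's consecutive logins and flag pairs that need speed above max_kmh."""
    by_user = {}
    for e in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        by_user.setdefault(e["user"], []).append(e)

    findings = []
    for user, evs in by_user.items():
        for prev, cur in zip(evs, evs[1:]):
            t0 = datetime.fromisoformat(prev["time"])
            t1 = datetime.fromisoformat(cur["time"])
            hours = (t1 - t0).total_seconds() / 3600
            km = haversine_km(prev["lat"], prev["lon"], cur["lat"], cur["lon"])
            if km == 0:
                continue  # same place twice is never impossible travel
            speed = km / hours if hours > 0 else math.inf
            if speed > max_kmh:
                findings.append({
                    "user": user,
                    "from": prev["city"],
                    "to": cur["city"],
                    "km": round(km),
                    "minutes": round(hours * 60),
                    "required_kmh": round(speed),
                })
    return findings


if __name__ == "__main__":
    for f in find_impossible_travel(LOGINS):
        print(f"{f['user']}: {f['from']} -> {f['to']} in {f['minutes']} min "
              f"({f['km']} km, would need {f['required_kmh']} km/h)")
```

The analyst's London-to-Paris pair is about 340 km in three hours and passes; the CEO's Paris-to-Tokyo pair is roughly 9,700 km in five minutes and cannot be one person, which is why it outranks a volume anomaly such as the HR email surge. VPN exit nodes and mobile carrier NAT produce false positives, so the hit should trigger a session review rather than an automatic lockout.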

Turning off all unused services and closing unnecessary ports.

Enrique, the head of IT at Dion Training, is tasked with ensuring all deployed company systems adhere to a set of standardized configurations. He wants to reduce the attack surface as much as possible. Which of the following techniques would BEST reduce the organization's attack surface? A. Turning off all unused services and closing unnecessary ports. B. Implementing a VPN for any remote access to company devices. C. Deploying antivirus software on all company workstations and other devices. D. Requiring frequent password resets for all employees.

Centralized governance

Florence is the CEO of a company. She has the final say over all decisions made regarding the business, IT, accounting, and other departments. What type of governance does Florence's company have? A. Centralized governance B. Decentralized governance C. Committee governance D. Board governance

Web application firewall (WAF)

For ensuring the security of an HTTP application like WordPress or Magento against threats like SQL injection or cross-site scripting, which monitoring tool or method would be MOST appropriate? A. Antivirus software B. Host-based intrusion detection system (HIDS) C. NetFlow D. Web application firewall (WAF)

Digital signatures

Georgina, a lawyer, needs to send a contract to her client for signature. She wants to ensure that the client cannot later deny having signed the contract. Which of the following methods can she use to prevent the client from denying that they signed the contract? A. Firewalls B. A cryptographic primitive C. Digital signatures D. Encryption

Uninterruptible power supply (UPS)

Given the need for resilience and the ability to recover in a security architecture, which of the following devices ensures uninterrupted operation during a power outage? A. Power Strip B. Onsite/offsite backups C. Voltage Regulator D. Uninterruptible power supply (UPS)

Reputational damage

Horizon Security, a cybersecurity training company, experienced a data breach due to a vendor's negligence. This breach led to a significant loss of sensitive customer information. What type of consequence is Horizon MOST likely to face? A. Fines B. Sanctions C. Reputational damage D. Loss of license

$1,500

If a company's server has an estimated Single Loss Expectancy (SLE) of $15,000 due to an operational failure, and the Annual Rate of Occurrence (ARO) of these failures is expected to be 0.1 times per year, what is the Annual Loss Expectancy (ALE)? A. $15,000 B. $1,500 C. $150,000 D. $150

They need to set boundaries and limitations during the penetration test.

In a meeting with the CEO, Burton has asked for guidance on developing the rules of engagement for an upcoming penetration test. The CEO doesn't think they need to create rules of engagement since they are hiring an experienced, well respected company to do the penetration testing. Why is it important for the company to still establish rules of engagement? A. They need the names of all personnel who will be involved in the penetration test. B. They need to set boundaries and limitations during the penetration test. C. They need to know the total costs of the penetration test. D. They need to set the timeline for later penetration tests.

Complexity

In regards to automation and orchestration, which of the following terms accurately captures the challenges faced when dealing with a system characterized by its intricate web of interconnected components and varied functionalities, potentially hindering seamless integration, effortless management, and straightforward comprehension? A. Technical debt B. Complexity C. Ongoing supportability D. Cost

Critical

Jamario, a security analyst at Dion Training, has just completed a vulnerability assessment on a company's internal web application. One of the vulnerabilities detected has a high likelihood of being exploited and, if successful, could expose sensitive customer data. Based on severity and potential impact, how should this vulnerability be classified? A. Medium B. Critical C. Low D. Informational

Key exchange

Kelly Innovations Corp, an IT company, is implementing a process of encryption where two parties establish a shared secret for communication purposes. Which of the following MOST accurately describes this process? A. Key exchange B. Asymmetric encryption C. Symmetric encryption D. Hashing

Disabling unnecessary services and protocols.

Kelly Innovations LLC is redesigning its network infrastructure to support its expanding R&D team. Which of the following strategies will MOST effectively lessen the attack surface? A. Implementing a single-layered security approach. B. Allowing most inbound and outbound traffic. C. Disabling unnecessary services and protocols. D. Using the same password for all devices.

Layer 4

Kelly Innovations LLC wants to implement a network appliance that focuses on filtering traffic based on source and destination IP addresses, and port numbers. Which layer of the OSI model is this appliance primarily operating at? A. Layer 5 B. Layer 3 C. Layer 4 D. Layer 2

Increased responsibility for physical security.

Kelly Innovations decides to manage its IT infrastructure within its physical location, retaining full control over its hardware, software, and data. Which of the following security implications is MOST directly associated with this approach? A. Dependence on external patch availability. B. Increased responsibility for physical security. C. Risk transference to third-party vendors. D. Multi-tenancy risks.

Risk assessments

Lexicon, an AI company, wants to implement a security measure to identify and evaluate potential threats to their systems and networks. Which of the following is an example of a managerial security control that the company could implement? A. Firewall B. Risk assessments C. Intrusion detection system D. Security guards

Agent based NACs use additional software to authenticate users, while Agentless NACs use network level protocols to authenticate users.

Which of the following BEST explains the difference between an Agent-based and Agentless NAC? A. Agent based NACs use network level protocols to authenticate users, while Agentless NACs use additional software to authenticate users. B. Both require additional software installed on network devices to monitor network traffic, but Agentless NACs collect more data. C. Both involve monitoring network traffic without the need for additional software, but Agent-based NACs collect more data. D. Agent based NACs use additional software to authenticate users, while Agentless NACs use network level protocols to authenticate users.

802.1X

Reed & Jamario Security Services has recommended your company use a port based system to prevent unauthorized users and devices. Which of the following are they recommending? A. Fail-open B. IDS C. 802.1X D. Fail-closed

It might not detect zero-day exploits.

Reed, a cybersecurity specialist at Dion Training Solutions, is optimizing the company's IPS. He notes that while signature-based detection is highly effective against known threats, it has some limitations. Which of the following BEST describes a limitation of signature-based detection in an IPS? A. It requires substantial network bandwidth to operate. B. It might not detect zero-day exploits. C. It encrypts network traffic to hide malicious signatures. D. It automatically updates with behavioral patterns of users.

DAC

Reginald, an IT Manager, is the owner of a file on a server and wants to grant his colleagues access to the file. He is the only one who can decide who is allowed access to the file and what actions they can perform on it. Which authorization model is being used in this scenario? A. MAC B. ABAC C. RBAC D. DAC

The signatures require tuning.

Susan, a security analyst at Kelly Innovations LLC, is reviewing alerts from the IPS. She recognizes a pattern of false positives from signature-based detections. Which of the following is the MOST likely cause for false positives in signature-based detection systems? A. The IPS is scanning encrypted traffic only. B. The signatures require tuning. C. Signature databases are stored in volatile memory. D. The system is only updated with old signatures.

Automating the provisioning of account credentials

The HR department for a large corporation is looking to streamline the onboarding process for new employees. What can the use of scripting do to help attain this goal, in terms of system access? A. Directly improving onboarding training content. B. Automating the provisioning of account credentials. C. Generating hard-copy user manuals for each new hire. D. Facilitating personal interviews between IT and new hires.

Layer 7 Firewall

To improve security at their law firm, Norah, a security analyst wants to implement a system that will selectively block or allow traffic based on the nature of the communication. Which firewall type would be MOST effective for this purpose? A. Layer 7 Firewall B. 802.1x C. VPN D. Layer 4 Firewall

Buffer overflow

Travid is evaluating an attack that has occurred on his organization's system. He sees that the attacker entered a lot of data into the area of memory in the API that temporarily stores user input. What type of attack did Travid discover? A. Buffer overflow B. Buffer underflow C. Memory fragmentation D. Memory leak

Frequency

What element of backup strategy involves making data copies regularly at set intervals? A. Replication B. Journaling C. Load balancing D. Frequency

Public key

What is the name of a cryptographic key that can be freely distributed and used by others to encrypt messages? A. Digital signature B. Hash key C. Symmetric key D. Public key

Sanitization involves erasing data so it cannot be recovered; destruction is total physical demolition of the asset.

What is the primary difference between sanitization and destruction in the disposal process? A. Sanitization and destruction are synonyms and refer to the same process. B. Sanitization concerns the reuse of assets in an organization, and destruction involves transferring those assets to a different department. C. Sanitization involves erasing data so it cannot be recovered; destruction is total physical demolition of the asset. D. Sanitization refers to physically damaging the asset to render it unusable, while destruction involves completely eliminating all residual data.

To ensure that the vendor's practices align with the organization's requirements

What is the purpose of a security analyst doing due diligence in the vendor selection process? A. To assess the vendor's ability to provide the goods or services when they have promised B. To ensure that the chosen vendor is the best choice among the list of possible vendors C. To compare multiple vendors' suppliers to ensure they are all diligent in analyzing their own supply chains. D. To ensure that the vendor's practices align with the organization's requirements

Risk tolerance

What term refers to an organization's predetermined level of acceptable risk exposure? A. Conservative B. Exposure factor C. Risk tolerance D. Risk appetite

Partition encryption

What type of encryption only affects a section of a storage device? A. Database encryption B. Partition encryption C. Full-disk encryption D. File-level encryption

Implementation of end-to-end encrypted email

When a legal organization routinely communicates with clients via email containing sensitive case details, which strategy would be the MOST effective to secure the communications? A. Conducting regular user cybersecurity training B. Utilization of VPNs for email transmission C. Implementation of end-to-end encrypted email D. Deployment of regular data backups to secure cloud storage

Trapdoor function

When considering the RSA algorithm, which description BEST captures its underlying mathematical property used for public key cryptography? A. Trapdoor function B. Digital signature C. Hash function D. Symmetric encryption

Session management

When considering user interactions with a web service, which of the following is the security measure that involves the secure creation and transfer of identifiers as well as enforcing inactivity limits to prevent unauthorized access? A. Timeout policies B. Token handling C. Session management D. Session cookies

Reduced response time to security incidents.

When evaluating the introduction of automated systems in a security operations center (SOC), which of the following is a prominent time-related benefit that security professionals might expect? A. Reduced response time to security incidents. B. Longer periods for system patching. C. Increased time for team meetings. D. Extended working hours for security staff.

Public Key

When sending an encrypted message to Dion Training, a client would use which of the following to ensure only Dion Training can decrypt and read the message? A. Key escrow B. Private key C. Public key D. Wildcard certificate

ECC (Elliptic curve cryptography)

Which asymmetric encryption technique provides a comparable level of security with shorter key lengths, making it efficient for cryptographic operations? A. RSA (Rivest-Shamir-Adleman) B. DSA (Digital Signature Algorithm) C. Diffie-Hellman D. ECC (Elliptic curve cryptography)

A criminal syndicate

Which group is MOST likely to possess the funding and resources to recruit top talent, including skilled strategists, designers, coders, and hackers? A. An open-source developer community B. A security researcher C. An independent black hat hacker D. A criminal syndicate

Using a passphrase to generate a pairwise master key (PMK).

Which method accurately demonstrates the authentication process used in WPA2 Personal mode? A. QR codes for client device configuration. B. Dragonfly handshake with a MAC address hash. C. Password Authenticated Key Exchange (PAKE). D. Using a passphrase to generate a pairwise master key (PMK).
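In WPA2-Personal the pairwise master key is derived purely from the passphrase and the SSID: PMK = PBKDF2-HMAC-SHA1(passphrase, salt = SSID, 4096 iterations, 256-bit output), as defined in the IEEE 802.11 standard. As an added example, not part of the original quiz, the Python below computes that PMK with the standard library and checks it against the published 802.11 Annex H test vector for passphrase "password" and SSID "IEEE". The candidate list in the second function is constructed to show why the derivation's dependence on only passphrase and SSID enables offline guessing (real tools test candidates against the captured 4-way handshake MIC, which is derived from the PMK; the example compares against the PMK directly to stay short).

```python
import hashlib

# Published IEEE 802.11 (Annex H) test vector: passphrase "password", SSID "IEEE".
KNOWN_PMK = bytes.fromhex(
    "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"
)


def wpa2_pmk(passphrase, ssid):
    """WPA/WPA2-Personal PMK (a.k.a. PSK): PBKDF2-HMAC-SHA1, salt = SSID, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2-Personal passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, dklen=32
    )


def find_passphrase(ssid, target_pmk, candidates):
    """Offline guess-and-check: return the candidate whose PMK matches, or None.

    Nothing here needs the access point: the SSID is broadcast and the derivation has
    no per-session input, so every guess can be verified from a single captured handshake.
    """
    for cand in candidates:
        if 8 <= len(cand) <= 63 and wpa2_pmk(cand, ssid) == target_pmk:
            return cand
    return None


if __name__ == "__main__":
    print("PMK for password/IEEE:", wpa2_pmk("password", "IEEE").hex())
    # Constructed candidate list for the example; not a real wordlist.
    print("recovered:", find_passphrase("IEEE", KNOWN_PMK, ["letmein1", "changeme", "password"]))
```

This is the contrast with option B: WPA3-Personal's SAE (Dragonfly) handshake derives the PMK from a per-session exchange rather than from the passphrase and SSID alone, so a captured handshake no longer gives an attacker an offline oracle for passphrase guesses. With WPA2 the only defence against this is passphrase length and entropy.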

Disabling ports

Which mitigation technique involves shutting off specific entry and exit points in a system to prevent potential vulnerabilities or unauthorized access? A. Segmentation B. Encryption C. Monitoring D. Disabling ports

Monitoring

Which mitigation technique involves the use of tools like Nagios or Splunk to continuously observe and check the operation of a system or network? A. Segmentation B. Hardening techniques C. Monitoring D. Patching

Script kiddie

Which of the following BEST describes a threat actor who primarily depends on commonly found tools, often easily accessible from the web or dark web? A. APT B. Bug bounty hunter C. Ethical hacker D. Script kiddie

IaC

Which of the following BEST describes an approach where the foundational systems are set up and overseen using scripts and automated instruments instead of hands-on methods? A. Serverless architecture B. Infrastructure as code (IaC) C. Microservices architecture D. Air-gapped network

Decentralized governance

Which of the following BEST describes an organizational structure that allows for autonomous decision-making in separate departments or sectors within the company? A. Matrix structure B. Hierarchical management C. Flat organization D. Decentralized governance

Reduces repetitive and mundane tasks.

Which of the following BEST describes how automation and orchestration in cybersecurity operations influence employee satisfaction and retention? A. Decreases the demand for cybersecurity professionals. B. Reduces repetitive and mundane tasks. C. Directly increases salary packages. D. Facilitates frequent role rotation among teams.

It emphasizes the integration of security in software creation and maintenance.

Which of the following BEST describes the Software Development Life Cycle (SDLC) in application security? A. It only considers security during the testing and creation phases of software development. B. It replaces the need for regular software updates and patches. C. It emphasizes the integration of security in software creation and maintenance. D. It primarily focuses on the speed of software delivery over security.

Verify the legitimacy of the software vendor.

Which of the following BEST describes the initial step to ensure a secure procurement process at Dion Training? A. Check for discounts or bulk pricing. B. Collaborate with the IT department for installation. C. Determine the software's compatibility with existing systems. D. Verify the legitimacy of the software vendor.

To provide historical insights into security incidents for future investigations.

Which of the following BEST describes the primary purpose of archiving as a method to bolster security monitoring? A. To analyze real-time threats and mitigate them instantly. B. To maintain compliance with regulations without needing long-term data storage. C. To provide historical insights into security incidents for future investigations. D. To provide an external backup in case of system crashes

End-of-life vulnerability

Which of the following is a hardware issue that results from products that are no longer being made or supported, but are still usable? A. Legacy vulnerability B. Hardware cloning C. End-of-life vulnerability D. Hardware tampering

Resilience

Which of the following characteristics of a cloud architecture model describes a model that can quickly recover from failures due to adverse conditions? A. Scalability B. Ease of Deployment C. Availability D. Resilience

Installation of endpoint protection

Which of the following hardening techniques can help protect systems or devices from attacks by installing software like a firewall or antivirus directly on user devices to report and block potential attacks? A. Changing Default Passwords B. Least Privilege C. Installation of endpoint protection D. Patching

Ownership

Which of the following is an aspect of asset management that ensures that each IT asset is clearly associated with a specific individual or department, providing clarity on responsibilities and access rights? A. Monitoring B. Decommissioning C. Ownership D. Acquisition

Application allow list

Which of the following mitigation techniques can help enforce compliance with security standards and policies on a system or network by designating programs that are allowed to run and blocking all other programs from being run? A. Least Privilege B. Patching C. Application allow list D. Configuration Enforcement

Host-based Firewall

Which of the following mitigation techniques can help protect a device from unauthorized network traffic solely by using software that can control network traffic based on predefined rules and policies? A. Host-based Firewall B. Host-based Intrusion Prevention C. Patching D. Encryption

Data exfiltration

Which of the following motivations refers to any act of stealing information from a system or network? A. Disruption/chaos B. Data exfiltration C. Service disruption D. Ethical motivations

Port 1433

Which of the following ports, if left open and unmonitored, might allow database queries from unauthorized external sources? A. Port 443 B. Port 1433 C. Port 21 D. Port 53

Patching is the process of identifying and fixing security vulnerabilities in software, firmware, and operating systems to prevent potential exploits.

Which of the following statements BEST explains the importance of 'patching' in the context of vulnerability management? A. Patching refers to the process of securing physical entry points to an organization's premises. B. Patching involves installing special, custom made features on software interfaces to enhance user experience and aesthetics. C. Patching refers to regularly updating hardware components to ensure optimal performance and prevent system downtime. D. Patching is the process of identifying and fixing security vulnerabilities in software, firmware, and operating systems to prevent potential exploits.

Enforcing baselines helps to standardize configurations across systems, enabling efficient automation and reducing the risk of security incidents.

Which of the following statements BEST explains the importance of enforcing baselines when automating and orchestrating secure operations? A. Enforcing baselines helps to standardize configurations across systems, enabling efficient automation and reducing the risk of security incidents. B. Enforcing baselines allows for the almost complete automation of incident response, reducing the need for large security teams and incident response teams. C. Baselines set the initial targets for automating threat hunting and penetration testing, thereby reducing dependence on human input. D. Baselines eliminate the need for continuous monitoring of systems because these things are all either automated or orchestrated, thereby freeing up resources.

Environmental variables refer to the unique characteristics of an organization's infrastructure that can affect vulnerability assessments and risk analysis

Which of the following statements BEST explains the importance of environmental variables in regard to vulnerability management? A. Environmental variables refer to the unique characteristics of an organization's infrastructure that can affect vulnerability assessments and risk analysis B. Environmental variables are factors that impact the physical security of an organization's premises C. Environmental variables are parameters used in vulnerability scanning tools to assess the security posture of an organization's network and infrastructure D. Environmental variables are specific conditions that trigger an automated response when a vulnerability is detected in an organization's systems

Log aggregation increases the complexity of managing and interpreting security logs.

Which of the following statements is NOT true about the importance of log aggregation? A. Log aggregation increases the complexity of managing and interpreting security logs. B. Log aggregation helps to detect unusual activity or behavior that may indicate a security breach. C. Log aggregation aids in maintaining regulatory compliance by keeping a record of events that happened in the system. D. Log aggregation can enhance security by consolidating logs from different sources for easier analysis.

Attestation

Which of the following terms BEST describes the affirmation that compliance-related reports have been validated as accurate and thorough? A. Internal assessment B. Attestation C. Independent third-party audit D. Regulatory examination

Encryption algorithm

Which of the following terms emphasizes the mathematical structure used to scramble data so that only a specific key can unscramble it? A. Hash function B. Encryption algorithm C. Cipher block D. Digital signature

National legal implications

Which of the following terms refers to the specific laws and regulations set by a country's government that dictate how the personal data of its citizens should be collected, stored, and processed? A. Consent management B. National legal implications C. General Data Protection Regulation (GDPR) D. Data encryption

Key risk indicators

Which of the following terms refers to a critical predictive metric that organizations monitor to foresee potential risks and their impact on operations? A. Risk parameters B. Risk threshold C. Risk metrics D. Key risk indicators

Shadow IT

Which of the following threats is MOST likely to accidentally cause harm to the system? A. Shadow IT B. Hacktivist C. Nation-state actors D. Unskilled attackers

Time-of-check (TOC)

Which of the following vulnerabilities BEST describes a situation where a threat actor can manipulate data after it has been verified by an application, but before the application uses it for a specific operation? A. Memory leaks B. Race conditions C. Time-of-check (TOC) D. Resource exhaustion

Insecure Interfaces and APIs

Which of the following vulnerabilities is unique to cloud computing environments, posing risks related to unauthorized access and data manipulation? A. Insecure Interfaces and APIs B. Side loading C. Cross-site scripting (XSS) D. Buffer overflow

It maintains the integrity of digital evidence over time.

While performing a digital investigation, which of the following statements BEST describes the role of preservation of evidence? A. It allows investigators to prioritize evidence collection. B. It maintains the integrity of digital evidence over time. C. It allocates budgetary resources for the forensic investigation. D. It provides legal teams with a roadmap for case strategy.

Compromised availability leading to operational disruptions.

Why might an organization be particularly concerned about introducing automation tools that become single points of failure during secure operations? A. Issues related to system scalability and slow authentication. B. Challenges in upholding data confidentiality. C. Compromised availability leading to operational disruptions. D. Potential gaps in maintaining data integrity.

Risk owner

Within the IT department, Sarah has been designated to oversee the security measures for the new data management platform. She is accountable for the regular review of security protocols and responding to any breaches or vulnerabilities that may arise. Sarah's role would be BEST described by which of the following terms? A. Risk indicator B. Risk owner C. Risk register D. Risk assessor

Providing third-party applications with unrestricted access to user account data without authentication or authorization.

You are a cybersecurity analyst working for a software development company that develops mobile applications. The company wants to implement a secure and standardized method for users to grant third-party applications access to their account data without sharing their credentials. As a cybersecurity analyst, you recommend implementing OAuth for this purpose. Which of the following approaches would be the MOST effective way to implement OAuth in the given scenario? A. Requesting users to share their account credentials directly with third-party applications for data access. B. Implementing a central OAuth authorization server to handle user authentication and issue access tokens to third-party applications. C. Generating random access tokens for users and sharing them directly with third-party applications for data access. D. Providing third-party applications with unrestricted access to user account data without authentication or authorization.

Shadow IT

You are a security analyst at Dion Training and you discover that an unauthorized device has been connected to the company's network. As you investigate, you discover that the device was added so the employee could play video games during her breaks. What type of threat actor are you dealing with? A. Insider Threat B. Shadow IT C. Unskilled Actor D. Nation-state Actor
