2900 quiz review
Which access control scheme is the most restrictive? a. MAC b. Rule-Based Access Control c. DAC d. Role-Based Access Control
MAC
Cryptography can prevent an individual from fraudulently reneging on an action. What is this known as? a. Repudiation b. Obfuscation c. Nonrepudiation d. Integrity
Nonrepudiation
Which of these is NOT a basic security protection for information that cryptography can provide? a. Confidentiality b. Risk c. Integrity d. Authenticity
Risk
Egor wanted to use a digital signature. Which of the following benefits will the digital signature NOT provide? a. Enforce nonrepudiation b. Prove the integrity of the message c. Verify the sender d. Verify the receiver
Verify the receiver
Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra's need? a. Community cloud b. Group cloud c. Hybrid cloud d. Public cloud
community cloud
Which of the following is not a legally enforceable agreement but is still more formal than an unwritten agreement? a. MOU b. BPA c. SLA d. MSA
memorandum of understanding (MOU)
Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose? a. Wide tunnel b. Split tunnel c. Full tunnel d. Narrow tunnel
split tunnel
How is confidentiality achieved through IPsec? a. ESP b. ISAKMP c. AuthX d. AHA
Encapsulating Security Payload (ESP)
Which of the following is a standard for the handling of customer card information?
PCI DSS
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable? a. PIN method b. Push-button method c. Click-to-connect method d. Piconet method
PIN method
Which of the following is a document that outlines specific requirements or rules that must be met? a. Policy b. Framework c. Guideline d. Specification
Policy
Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need? a. Proprietary firewall b. Content/URL filtering firewall c. Hardware firewall d. Policy-based firewall
Policy-based firewall
Which stage conducts a test that will verify the code functions as intended?
Staging stage
What is the difference between a Trojan and a RAT?
A RAT gives the attacker unauthorized remote access to the victim's computer
What is a virtual firewall? a. A firewall that runs in the cloud b. A firewall that runs in an endpoint virtual machine c. A firewall appliance that runs on a LAN d. A firewall that blocks only incoming traffic
A firewall that runs in the cloud
Which type of access control scheme uses predefined rules that makes it the most flexible scheme? a. MAC b. DAC c. NAC d. ABAC
ABAC
Which of these is a set of permissions that is attached to an object? a. Entity attribute (EnATT) b. ACL c. Object modifier d. SRE
ACL
What can be used to provide both filesystem security and database security? a. ACLs b. CHAPs c. LDAPs d. RBASEs
ACLs
Which of the following is technology that imitates human abilities?
AI
What are the two limitations of private information sharing centers?
Access to data and participation
In which of the following configurations are all the load balancers always active? a. Active-active b. Active-passive c. Active-load-passive-load d. Passive-active-passive
Active-active
Which of the following is NOT part of the AAA framework? a. Accounting b. Authorization c. Access d. Authentication
Access
What is another name for footprinting?
Active reconnaissance
Which of these is the strongest symmetric cryptographic algorithm? a. Advanced Encryption Standard b. Triple Data Encryption Standard c. Data Encryption Standard d. RC1
Advanced Encryption Standard (AES)
Which tool is most commonly associated with state actors?
Advanced Persistent Threat (APT)
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message? a. Alice's private key b. Alice's public key c. Bob's public key d. Bob's private key
Alice's public key
Which firewall rule action implicitly denies all other traffic unless explicitly allowed? a. Force Allow b. Force Deny c. Allow d. Bypass
Allow
Which type of monitoring methodology looks for statistical deviations from a baseline? a. Heuristic monitoring b. Anomaly monitoring c. Signature-based monitoring d. Behavioral monitoring
Anomaly monitoring
Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this? a. Accountability b. Authentication c. Authorization d. Attestation
Attestation
Which of the following is NOT a means by which a newly approved root digital certificate is distributed? a. Pinning b. OS updates c. Web browser updates d. Application updates
Application updates
Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution?
Arduino
Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report covers encryption. What would Hisoka NOT include in his document? a. All modern versions of mobile device OS encrypt all user data by default. b. Data backed up to an Apple or Google server could be unlocked by a court order. c. Encryption occurs when the mobile device is locked. d. Apple uses file-based encryption to offer a higher level of security.
Apple uses file-based encryption to offer a higher level of security
Deo has been asked to explain RSA to his colleague. After his explanation, Deo is asked what, if any, weaknesses RSA has. How would Deo respond? a. The digest produced by the RSA algorithm is too short to be secure. b. RSA has no known weaknesses. c. RSA weaknesses are based on ECC. d. As computers become more powerful, the ability to compute factoring has increased.
As computers become more powerful, the ability to compute factoring has increased
Which is an IPsec protocol that authenticates that packets received were sent from the source? a. AH b. CER c. PXP d. DER
Authentication Header (AH)
Which of the following is NOT a characteristic of a penetration test?
Automated
Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend?
Automated Indicator Sharing (AIS)
Akira is explaining to his team members the security constraints that have made it a challenge for protecting a new embedded system. Which of the following would Akira NOT include as a constraint?
Availability
Giovanni is completing a report on risks. To which risk option would he classify the action that the organization has decided not to construct a new data center because it would be located in an earthquake zone? a. Avoidance b. Rejection c. Transference d. Prevention
Avoidance
Which of the following is NOT a cloud computing security issue? a. Insecure APIs b. Compliance regulations c. System vulnerabilities d. Bandwidth utilization
Bandwidth utilization
Which of the following is NOT an MFA using a smartphone? a. Automated phone call b. Biometric gait analysis c. Authentication app d. SMS text message
Biometric gait analysis
Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?
Blocking ransomware
Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be? a. Bluejacking b. Bluesnarfing c. Blueswiping d. Bluestealing
Bluesnarfing
What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?
Brokers
Which of these attacks is the last-resort effort in cracking a stolen password digest file? a. Hybrid b. Brute force c. Rule list d. Mask
Brute force
Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program?
Buffer overflow attack
Which ISO contains controls for managing and controlling risk?
ISO 31000
In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support?
CYOD
What is a platform used to provide telephony, video, and web conferences that can serve as an entry point to a threat actor? a. IP voice b. SIP c. VoIP d. Call manager
Call manager
Which of these is the encryption protocol for WPA2? a. CBD-MAC b. CMAC-RSTS c. CCMP d. CPB
CCMP
Which of the following is the most fragile and should be captured first in a forensics investigation? a. Kernel statistics b. ARP cache c. RAM d. CPU cache
CPU cache
Which group is responsible for the Cloud Controls Matrix?
CSA
Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?
CSRF
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered? a. Rogue portal b. Control portal c. Authenticated portal d. Captive portal
Captive portal
A centralized directory of digital certificates is called a(n) _____. a. Authorized digital signature (ADS) b. Digital signature permitted authorization (DSPA) c. Certificate repository (CR) d. Digital signature approval List (DSAP)
Certificate repository (CR)
Margaux is reviewing the corporate policy that stipulates the processes to be followed for implementing system changes. Which policy is she reviewing? a. Change format policy b. Change modification policy c. Change management policy d. Change control policy
Change control policy
_____ biometrics is related to the perception, thought processes, and understanding of the user. a. Standard b. Behavioral c. Intelligent d. Cognitive
Cognitive
Which of these is NOT a characteristic of a secure hash algorithm? a. Collisions should occur no more than 15 percent of the time. b. The results of a hash function should not be reversed. c. The hash should always be the same fixed size. d. A message cannot be produced from a predefined hash.
Collisions should occur no more than 15 percent of the time
What is the name of the device protected by a digital certificate? a. RCR b. V2X2 c. CN d. TLXS
Common Name (CN)
Which of the following data types has the highest level of data sensitivity? a. Secure b. Confidential c. Sensitive d. Private
Confidential
Which of the following ensures that only authorized parties can view protected information?
Confidentiality
Which of the following is a federal initiative that is designed to encourage organizations to address how critical operations will continue under a broad range of negative circumstances? a. MTBF b. DPPR c. COOP d. BIA
Continuity of operation planning (COOP)
Which of the following is NOT correct about containers? a. Containers reduce the necessary hard drive storage space to function. b. Containers start more quickly. c. Containers include components like binary files and libraries. d. Containers require a full OS whenever APIs cannot be used.
Containers require a full OS whenever APIs cannot be used
Which of the following does NOT describe an area that separates threat actors from defenders? a. Containment space b. Secure area c. DMZ d. Air gap
Containment space
Enzo is reviewing the financial statements and has discovered a serious misstatement. What type of risk has he found? a. Control risk b. Reporting risk c. Monetary risk d. Financial risk
Control risk
Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC? a. Any type of AP can be managed by a WLC b. Standalone AP c. Controller AP d. Fat AP
Controller AP
What does an incremental backup do? a. Copies all files changed since the last full or incremental backup b. Copies only user-selected files c. Copies all files d. Copies all files since the last full backup
Copies all files changed since the last full or incremental backup
Which of the following uses data anonymization? a. Tokenization b. Data minimization c. Data obfuscation sanitization (DOS) d. Data masking
Data masking
Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?
Cryptomalware can encrypt all files on any network that is connected to the employee's computer.
Which is the final rule of engagement that would be conducted in a pen test?
Reporting
What is a disadvantage of biometric readers? a. Weight b. Standards c. Speed d. Cost
Cost
Which block cipher mode of operation requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged? a. CD b. CTR c. CN d. CXL
Counter (CTR)
Which of these is NOT an incident response process step? a. Reporting b. Recovery c. Eradication d. Lessons learned
Reporting
Tomaso is explaining to a colleague the different types of DNS attacks. Which DNS attack would only impact a single user? a. DNS overflow attack b. DNS poisoning attack c. DNS hijack attack d. DNS resource attack
DNS poisoning attack
Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider? a. MAC pit b. DDoS Prevention System (DPS) c. IP denier d. DNS sinkhole
DNS sinkhole
Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luca reports back that he was unable to find anything due to how looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web?
Dark web search engines are identical to regular search engines.
Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking? a. Data processor b. Data controller c. Data privacy officer d. Data custodian/steward
Data custodian/steward
Which of these is NOT used in scheduling a load balancer? a. The IP address of the destination packet b. Round-robin c. Affinity d. Data within the application message itself
Data within the application message itself
Which of the following is NOT a consequence to an organization that has suffered a data security breach? a. Monetary fine b. IP theft c. Reputation damage d. De-escalation of reporting requirements
De-escalation of reporting requirements
Nadia has been asked to perform dynamic resource allocation on specific cloud computing resources. What action is Nadia taking? a. Creating security groups to segment computing resources into logical groupings that form network perimeters b. Deprovisioning resources that are no longer necessary c. Decreasing the network bandwidth to the cloud d. Expanding the visibility of intrusion prevention devices
Deprovisioning resources that are no longer necessary
Simona needs to research a control that attempts to discourage security violations before they occur. Which control will she research? a. Preventive control b. Detective control c. Corrective control d. Deterrent control
Deterrent control
Ella wants to research an attack framework that incorporates adversary, infrastructure, capability, and victim. Which of the following would she choose? a. Cyber Kill Chain b. Mitre ATT&CK c. Basic-Advanced Incident (BAI) Framework d. Diamond Model of Intrusion Analysis
Diamond model of intrusion analysis
Which of the following is NOT a characteristic of malware?
Diffusion
Which of the following is not to be decrypted but is only used for comparison purposes? a. Digest b. Stream c. Algorithm d. Key
Digest
What is the strongest technology that would assure Alice that Bob is the sender of a message? a. Digital certificate b. Digest c. Digital signature d. Encrypted signature
Digital certificate
Mary Alice has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this? a. IT contingency planning b. Business impact analysis planning c. Risk IT planning d. Disaster recovery planning
Disaster recovery planning
What is the difference between a DoS and a DDoS attack? a. DoS attacks do not use DNS servers as DDoS attacks do. b. DoS attacks use more memory than DDoS attacks. c. DoS attacks are faster than DDoS attacks. d. DoS attacks use fewer computers than DDoS attacks.
DoS attacks use fewer computers than DDoS attacks
Which of the following provides the highest level of security? a. XFTP b. FTPS c. SFTP d. FTP
Secure file transfer protocol (SFTP)
Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need? a. Website validation b. Extended validation c. Root d. Domain validation
Domain validation
Basil was reading about a new attack that forces the system to abandon a higher cryptographic security mode of operation and instead fall back to an older and less secure mode. What type of attack is this? a. Deprecation attack b. Obfuscation attack c. Pullback attack d. Downgrade attack
Downgrade attack
What type of analysis is heuristic monitoring based on?
Dynamic analysis
Which of the following attacks targets the external software component that is a repository of both code and data?
Dynamic-link library (DLL) injection attack
Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?
EAP-FAST
Which of the following will NOT protect a container? a. Eliminate APIs. b. Only use containers in a protected cloud environment. c. Use a hardened OS. d. Use reduced-visibility images to limit the risk of a compromise.
Eliminate APIs
Which of the following is NOT a means by which a bot communicates with a C&C device?
Angelo has received notification that a business partner will no longer sell or update a specific product. What type of notification is this? a. EOA b. EOP c. EOS d. EOL
End of life (EOL)
What word is used today to refer to network-connected hardware devices?
Endpoint
Which type of malware relies on LOLBins?
Fileless virus
Alicja is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project? a. Edge b. Off-premises c. Remote d. Fog
Fog
Which device intercepts internal user requests and then processes those requests on behalf of the users? a. Reverse proxy server b. Forward proxy server c. Intrusion prevention device d. Host detection server
Forward proxy server
A BIA can be a foundation for which of the following? a. Functional recovery plan b. Contingency reaction plan c. Resumption assessment plan d. Site risk assessment
Functional recovery plan
Which of the following is NOT used to identify or enforce what mobile devices can do based on the location of the device? a. Geolocation b. Geo-spatial c. Geofencing d. Geo-tagging
Geo-spatial
What enforces the location in which an app can function by tracking the location of the mobile device? a. Location resource management b. Geofencing c. Graphical Management Tracking (GMT) d. GPS tagging
Geofencing
What is the process of identifying the geographical location of a mobile device?
Geolocation
Which of the following is NOT true about data sovereignty? a. Generally, data is subject to the laws of the country in which it is collected or processed. b. Governments cannot force companies to store data within specific countries. c. Regulations are not necessarily on where an organization is headquartered. d. Data sovereignty is a concept that until recently was less of an issue.
Governments cannot force companies to store data within specific countries
Which one-time password is event driven? a. HOTP b. TOTP c. POTP d. ROTP
HMAC-based one-time password (HOTP)
Which of these provides cryptographic services and is external to the device? a. Hardware Security Module (HSM) b. self-encrypting hard disk drives (SED) c. Trusted Platform Module (TPM) d. encrypted hardware-based USB devices
Hardware Security Module (HSM)
Which of the following tries to detect and stop an attack?
Host intrusion prevention system (HIPS)
Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect? a. Reply referrer and domain buffer b. Web server buffer and host DNS server c. Web browser and browser add-on d. Host table and external DNS server
Host table and external DNS server
Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running? a. Replicated site b. Cold site c. Hot site d. Warm site
Hot site
Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack? a. IEEE 802.iw separate b. Disassociation c. Manipulate duration field values d. Jamming
IEEE 802.iw separate
Which cloud model requires the highest level of IT responsibilities? a. SaaS b. Hybrid cloud c. PaaS d. IaaS
IaaS
Thea has received a security alert that someone in London attempted to access the email account of Sigrid, who had accessed it in Los Angeles one hour before. What feature determined an issue and sent this alert to Thea? a. Impossible Travel b. Incompatible Location c. Risky IP address d. Remote IP address
Impossible travel
Which of the following is not something that a SIEM can perform?
Incident response
Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key? a. RC b. IV c. SSD d. SL
Initialization vector (IV)
Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?
Integrity
Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability? a. It conflicts with other network firewalls and can cause them to become disabled. b. It allows an attacker to bypass network security configurations. c. It uses the weaker IEEE 80211i protocol. d. It requires the use of vulnerable wireless probes on all mobile devices.
It allows an attacker to bypass network security configurations
How is the Security Assertion Markup Language (SAML) used? a. It is no longer used because it has been replaced by LDAP. b. It is an authenticator in IEEE 802.1x. c. It serves as a backup to a RADIUS server. d. It allows secure web domains to exchange user authentication and authorization data.
It allows secure web domains to exchange user authentication and authorization data
Which of the following is NOT a reason that threat actors use PowerShell for attacks? a. It cannot be detected by antimalware running on the computer. b. It can be invoked prior to system boot. c. Most applications flag it as a trusted application. d. It leaves behind no evidence on a hard drive.
It can be invoked prior to system boot
Which of the following is FALSE about "security through obscurity"? a. It is essentially impossible. b. Proprietary cryptographic algorithms are an example. c. It can only provide limited security. d. It attempts to hide the existence from outsiders.
It can only provide limited security
Which statement regarding a demilitarized zone (DMZ) is NOT true? a. It provides an extra degree of security. b. It typically includes an email or web server. c. It can be configured to have one or two firewalls. d. It contains servers that are used only by internal network users.
It contains servers that are used only by internal network users
How does BPDU guard provide protection? a. BPDUs are encrypted so that attackers cannot see their contents. b. It sends BPDU updates to all routers. c. All firewalls are configured to let BPDUs pass to the external network. d. It detects when a BPDU is received from an endpoint.
It detects when a BPDU is received from an endpoint
Which statement about Rule-Based Access Control is true? a. It is no longer considered secure. b. It dynamically assigns roles to subjects based on rules. c. It is considered a real-world approach by linking a user's job function with security. d. It requires that a custodian set all rules.
It dynamically assigns roles to subjects based on rules
Which of the following is FALSE about a quarantine process?
It holds a suspicious application until the user gives approval.
Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)? a. It can easily be transported to another computer. b. It provides cryptographic services in hardware instead of software. c. It can generate asymmetric cryptographic public and private keys. d. It includes a pseudorandom number generator (PRNG).
It includes a pseudorandom number generator (PRNG)
Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP? a. It is a technology used by IEEE 802.11 for encryption. b. It is the transport protocol used in TCP/IP for authentication. c. It is a framework for transporting authentication protocols. d. It is a subset of WPA2.
It is a framework for transporting authentication protocols
Which of the following is NOT true about VBA? a. It is included in select non-Microsoft products. b. It is commonly used to create macros. c. It is built into most Microsoft Office applications. d. It is being phased out and replaced by PowerShell.
It is being phased out and replaced by PowerShell
Which of the following is NOT true about RAID? a. It is designed primarily to back up data. b. It can be implemented in hardware or software. c. The most common levels of RAID are Level 0, 1, 5, 6, and 10. d. Nested levels can combine other RAID levels.
It is designed primarily to back up data
What is the advantage of a secure cookie?
It is sent to the server over HTTPS
Which of the following is NOT correct about L2TP? a. It is used as a VPN protocol. b. It does not offer encryption. c. It is paired with IPSec. d. It must be used on HTML5 compliant devices.
It must be used on HTML5 compliant devices
Which of the following is true about secrets management? a. It provides a central repository. b. It cannot be audited for security purposes. c. It requires AES-512. d. It can only be used on-prem for security but has a connection to the cloud.
It provides a central repository
What does containerization do? a. It places all keys in a special vault. b. It splits operating system functions only on specific brands of mobile devices. c. It separates personal data from corporate data. d. It slows down a mobile device to half speed.
It separates personal data from corporate data
How is key stretching effective in resisting password attacks? a. It takes more time to generate candidate password digests. b. It does not require the use of salts. c. The license fees are very expensive to purchase and use it. d. It requires the use of GPUs.
It takes more time to generate candidate password digests
An IOC occurs when what metric exceeds its normal bounds?
KRI (Key risk indicator)
Which refers to a situation in which keys are managed by a third party, such as a trusted CA? a. Remote key administration b. Key authorization c. Key escrow d. Trusted key authority
Key escrow
Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?
LOLBins
Which of these is NOT a security feature for locating a lost or stolen mobile device? a. Last known good configuration b. Remote lockout c. Thief picture d. Alarm
Last known good configuration
When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique?
Lateral movement
What does Windows 10 Tamper Protection do?
Limits access to the registry
Which of the following is not a basic configuration management tool? a. Diagrams b. MAC address schema c. Standard naming convention d. Baseline configuration
MAC address schema
Which of these is a vulnerability of MAC address filtering in a WLAN? a. The user must enter the MAC. b. Not all operating systems support MACs. c. MAC addresses are initially exchanged unencrypted. d. APs use IP addresses instead of MACs.
MAC addresses are initially exchanged unencrypted
Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this? a. MAC overflow attack b. MAC spoofing attack c. MAC cloning attack d. MAC flooding attack
MAC flooding attack
Bob needs to create an agreement between his company and a third-party organization that demonstrates a "convergence of will" between the parties so that they can work together. Which type of agreement will Bob use? a. SLA b. MOU c. BPA d. ISA
MOU
Which of the following is the Microsoft version of EAP? a. PAP-Microsoft b. MS-CHAP c. AD-EAP d. EAP-MS
MS-CHAP
Which of the following is not used to describe those who attack computer systems?
Malicious agent
Which attack intercepts communications between a web browser and the underlying OS? a. Man-in-the-browser (MITB) b. DIG c. Interception d. ARP poisoning
Man-in-the-browser (MITB)
The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposal (RFPs) from different third parties. What are these third-party organizations called? a. MSecs b. MPSs c. MSSPs d. MHerrs
Managed security service provider (MSSPs)
Which boot security mode sends information on the boot process to a remote server?
Measured Boot
Which tool manages the distribution and control of apps? a. MFM b. MAM c. MCM d. MDM
Mobile application management (MAM)
What allows a device to be managed remotely? a. Mobile application management (MAM) b. Mobile device management (MDM) c. Mobile wrapper management (MWM) d. Mobile resource management (MRM)
Mobile device management (MDM)
Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate? a. Wi-Fi b. Bluetooth c. Radio frequency ID (RFID) d. Near field communication (NFC)
NFC
Molly needs to access a setting in Microsoft Windows Group Policy to change the type of a network to which a computer is attached. Which setting must Molly change? a. Network Location b. Wi-Fi/Wired Network Policy c. Network Config d. Network Type
Network location
Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? a. OAuth b. NTLM c. Shibboleth d. Open ID
OAuth
Which of the following is not a recognized attack vector?
On-prem
Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use? a. Staple b. Online Certificate Status Protocol (OCSP) c. Certificate Revocation List (CRL) d. Real-Time CA Verification (RTCAV)
Online Certificate Status Protocol (OCSP)
What device is always running off its battery while the main power runs the battery charger? a. Offline UPS b. Backup UPS c. Secure UPS d. Online UPS
Online UPS
Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use? a. Use the latest version of Python. b. Only use compiled and not interpreted Python code. c. Use caution when formatting strings. d. Download only vetted libraries
Only use compiled and not interpreted Python code
Which of these does not require authentication? a. Open method b. Enterprise method c. Initialization method d. PSK
Open method
Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack? a. IoT b. Network c. Operational Technology d. Application
Operational technology
What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption? a. .xdr b. .P7B c. .P12 d. .cer
P7B (Cryptographic message syntax standard with .P7B extension)
Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?
PUP
Oliwia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose? a. XaaS b. IaaS c. SaaS d. PaaS
PaaS
Which of these is considered the strongest type of passcode to use on a mobile device? a. Fingerprint swipe b. PIN c. Password d. Draw connecting dots pattern
Password
Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers? a. Password crackers differ as to how candidates are created. b. Due to their advanced capabilities, they require only a small amount of computing power. c. Most states prohibit password crackers unless they are used to retrieve a lost password. d. A password cracker attempts to uncover the type of hash algorithm that created the digest because once it is known, the password is broken.
Password crackers differ as to how candidates are created
Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts? a. Offline brute force attack b. Password spraying attack c. Role attack d. Online brute force attack
Password spraying attack
Which of the following is not an issue with patching?
Patches address zero-day vulnerabilities
Which of the following will a BIA NOT help determine? a. Mission-essential functions b. Single point of failure c. Percentage availability of systems d. Identification of critical systems
Percentage availability of systems
What is data called that is to be encrypted by inputting it into a cryptographic algorithm? a. Byte-text b. Plaintext c. Ciphertext d. Cleartext
Plaintext
Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake?
Planning
Blaise needs to create a document that is a linear-style checklist of required manual steps and actions needed to successfully respond to a specific type of incident. What does she need to create? a. Playbook b. Runbook c. SIEM-book d. ARC Codebook
Playbook
Which of the following can a UPS NOT perform? a. Prevent any new users from logging on b. Disconnect users and shut down the server c. Notify all users that they must finish their work immediately and log off d. Prevent certain applications from launching that will consume too much power
Prevent certain applications from launching that will consume too much power
What are the two concerns about using public information sharing centers?
Privacy and speed
Which of the following sensors can detect an object that enters the sensor's field? a. Field detection b. IR verification c. Proximity d. Object recognition
Proximity
Sergio has been asked to make a set of data that was once restricted now available to any users. What data type will Sergio apply to this set of data? a. Unrestricted b. Open c. Public d. Available
Public
Which commercial data classification level would be applied to a data set of the number of current employees at an organization and would only cause a small amount of harm if disclosed? a. Private b. Confidential c. Open d. Public
Public
Which of the following technologies can convert a texting app into a live chat platform? a. RCS b. QR c. SMS d. MMS
RCS
What is a difference between NFC and RFID? a. NFC is based on wireless technology while RFID is not. b. RFID is faster than NFC. c. RFID is designed for paper-based tags while NFC is not. d. NFC devices cannot pair as quickly as RFID devices.
RFID is designed for paper-based tags while NFC is not
Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust? a. Frequency band b. Channel width c. Channel selection d. RFID spectrum
RFID spectrum
Brielle is researching substitution ciphers. She came across a cipher in which the entire alphabet was rotated 13 steps. What type of cipher is this? a. XOR b. XAND13 c. Alphabetic d. ROT13
ROT13
Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings? a. Pay-per-use b. Reduction in broadband costs c. Scalability d. Resiliency
Reduction in broadband costs
Who verifies the authenticity of a CSR? a. Registration authority b. Certificate authority c. Signature authority d. Certificate signatory
Registration authority
Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals?
Regulations
What are documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas?
Requests for comments (RFCs)
Which of the following is NOT an important OS security configuration?
Restricting patch management
Which of the following is NOT an element that should be part of a BCP? a. Scalability b. Diversity c. Robustness d. High availability
Robustness
Banko's sister has just downloaded and installed an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called? a. Ducking b. Jailbreaking c. Rooting d. Sideloading
Rooting
Which WPA3 security feature is designed to increase security at the time of the handshake? a. OWE b. SAE c. MIT d. WEP
SAE
Which of the following is NOT a symmetric cryptographic algorithm? a. Blowfish b. SHA c. 3DES d. DES
SHA
Cicero is researching hash algorithms. Which algorithm would produce the longest and most secure digest? a. SHA-256 b. MD5 c. SHA3-512 d. SHA6-6
SHA3-512
Which of the following can automate an incident response?
SOAR
Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute?
SSAE SOC 2 Type II
Which of the following manipulates the trusting relationship between web servers?
SSRF
What prevents a mobile device from being used until the user enters the correct passcode? a. Screen lock b. Screen timeout c. Touch swipe d. Swipe identifier (SW-ID)
Screen lock
Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation?
Scope
Which is a protocol for securely accessing a remote computer in order to issue a command? a. Secure Shell (SSH) b. Transport Layer Security (TLS) c. Secure Hypertext Transport Protocol (SHTTP) d. Secure Sockets Layer (SSL)
Secure Shell (SSH)
After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?
Security Manager
Which of the following is true regarding the relationship between security and convenience?
Security and convenience are inversely proportional
Which of the following is NOT a feature of a next-generation SWG? a. Send alerts to virtual firewalls b. Can be placed on endpoints, at the edge, or in the cloud c. Analyze traffic encrypted by SSL d. DLP
Send alerts to virtual firewalls
What does the term "serverless" mean in cloud computing? a. Server resources of the cloud are inconspicuous to the end user. b. Servers are run as VMs. c. All appliances are virtual and do not interact with physical servers. d. The cloud network configuration does not require any servers.
Server resources of the cloud are inconspicuous to the end user
Cheryl has been asked to set up a user account explicitly to provide a security context for services running on a server. What type of account will she create? a. Privilege account b. Service account c. User account d. Generic account
Service account
Emiliano needs to determine the expected monetary loss every time a risk occurs. Which formula will he use? a. ARO b. ALE c. AV d. SLE
Single loss expectancy (SLE)
Which statement regarding a keylogger is NOT true?
Software keyloggers are generally easy to detect.
Which of the following is NOT used for authentication? a. Something you exhibit b. Something you can do c. Somewhere you are d. Something you can find
Something you can find
Which of these is NOT a factor in determining restoration order? a. Speed of implementation b. Dependencies c. Process of fundamental importance d. Alternative business practices
Speed of implementation
What is an objective of state-sponsored attackers?
Spy on citizens
Which of the following groups use Advanced Persistent Threats?
State actors
Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this? a. Proxy firewall b. Connection-aware firewall c. Stateful packet filtering d. Packet filtering firewall
Stateful packet filtering
Which of the following is not an improvement of UEFI over BIOS?
Support of USB 3.0
What is the term used to describe the connectivity between an organization and a third party?
System integration
Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS?
TAXII
Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?
TLP (Traffic light protocol)
Which of the following is typically a monthly discussion of a scenario conducted in an informal and stress-free environment to evaluate an incident response plan? a. Walkthrough b. Tabletop c. Incident Response Plan Evaluation (IRP-E) d. Simulation
Tabletop
Which of the following is NOT a threat classification category? a. Compliance b. Tactical c. Strategic d. Financial
Tactical
Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior? a. Packetdump b. Wireshark c. Tcpreplay d. Tcpdump
Tcpreplay
What is the result of an ARP poisoning attack? a. MAC addresses are altered. b. The ARP cache is compromised. c. An internal DNS must be used instead of an external DNS. d. Users cannot reach a DNS server.
The ARP cache is compromised
What is Bash? a. The open source scripting language that contains many vulnerabilities b. The command-language interpreter for Linux/UNIX OSs c. The underlying platform on which macOS is built d. A substitute for SSH
The command-language interpreter for Linux/UNIX OSs
Which of these is NOT a reason that users create weak passwords? a. A security policy requires a password to be changed regularly. b. A lengthy and complex password can be difficult to memorize. c. Having multiple passwords makes it hard to remember all of them. d. The length and complexity required force users to circumvent creating strong passwords.
The length and complexity required force users to circumvent creating strong passwords
What is a definition of RPO? a. The maximum length of time that can be tolerated between backups b. How a backup utility reads an archive bit c. The frequency that data should be backed up d. Length of time it will take to recover data that has been backed up
The maximum length of time that can be tolerated between backups
What is low latency? a. The requirements for an IoT device that is using a specific network. b. A low-power source requirement of a sensor. c. The time between when a byte is input into a cryptographic cipher and when the output is obtained. d. The delay between when a substitution cipher decrypts the first block and when it finishes with the last block.
The time between when a byte is input into a cryptographic cipher and when the output is obtained
Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say? a. The user's public key with their private key b. The user's identity with their public key c. A private key with a digital signature d. The user's symmetric key with the public key
The user's identity with their public key
Which is the first step in a key exchange? a. The web browser verifies the server certificate. b. The web server sends a message ("ServerHello") to the client. c. The web browser sends a message ("ClientHello") to the server. d. The browser generates a random value ("pre-master secret").
The web browser sends a message ("ClientHello") to the server
Which of the following is NOT a limitation of a threat map?
They can be difficult to visualize
Which of the following is NOT correct about high availability across zones? a. An Availability Zone (AZ) is one or more data centers within a Region—each with redundant power, networking, and connectivity. b. In a cloud computing environment, reliability and resiliency are achieved through duplicating processes across one or more geographical areas. c. They require that specific security appliances be located on-prem so that the local data center can be considered as a qualified Zone. d. They are more highly available, fault tolerant, and scalable than would be possible with a single data center.
They require that specific security appliances be located on-prem so that the local data center can be considered as a qualified Zone
Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo?
They would have to stay overnight to perform the test.
How do vendors decide which should be the default settings on a system?
Those settings that provide the means by which the user can immediately begin to use the product.
Which premise is the foundation of threat hunting?
Threat actors have already infiltrated our network
What race condition can result in a NULL pointer/object dereference?
Time of check/time of use race condition
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time? a. Greenwich Mean Time (GMT) b. Daylight savings time c. Civil time d. Time offset
Time offset
Which of the following is NOT a problem associated with log management? a. Multiple devices generating logs b. Time-stamped log data c. Large volume of log data d. Different log formats
Time-stamped log data
Which of the following is NOT a concern for users regarding the usage of their privacy data? a. Individual inconveniences and identity theft b. Timeliness of data c. Associations with groups d. Statistical inferences
Timeliness of data
What is the purpose of certificate chaining? a. To ensure that a web browser has the latest root certificate updates b. To group and verify digital certificates c. To hash the private key d. To lookup the name of intermediate RA
To group and verify digital certificates
Which of the following can a digital certificate NOT be used for? a. To verify the authenticity of the CA b. To encrypt channels to provide secure communication between clients and servers c. To verify the identity of clients and servers on the Web d. To encrypt messages for secure email communications
To verify the authenticity of the CA
Which of the following is NOT a Microsoft defense against macros? a. Trusted domain b. Protected View c. Trusted location d. Trusted documents
Trusted domain
What is a collision? a. Two keys are the same length. b. Two ciphertexts have the same length. c. Two files produce the same digest. d. Two algorithms have the same key.
Two files produce the same digest
Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing? a. Multiplayer recognition b. Dual observation protocol (DOP) c. Two-person integrity/control d. Compromise mitigation assessment (CMA)
Two-person integrity/control
Enki received a request by a technician for a new subnotebook computer. The technician noted that he wanted USB OTG support and asked Enki's advice regarding it. Which of the following would Enki NOT tell him?
USB OTG is only available for connecting Android devices to a subnotebook.
Hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution?
Unified endpoint management (UEM)
Which of these appliances provides the broadest protection by combining several security functions? a. UTM b. WAF c. NGFW d. NAT
Unified threat management (UTM)
Which of the following is NOT a NAC option when it detects a vulnerable endpoint? a. Give restricted access to the network. b. Connect to a quarantine network. c. Deny access to the network. d. Update Active Directory to indicate the device is vulnerable.
Update Active Directory to indicate the device is vulnerable
Which of these is NOT created and managed by a microservices API? a. Database b. User experience (UX) c. Authentication d. Logs
User experience (UX)
Which of the following is NOT an advantage to an automated patch update service?
Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.
Why are dictionary attacks successful? a. Users often create passwords from dictionary words. b. They link known words together in a "string" for faster processing. c. Password crackers using a dictionary attack require less RAM than other types of password crackers. d. They use pregenerated rules to speed up the processing.
Users often create passwords from dictionary words
Which of the following is NOT a firewall rule parameter? a. Action b. Visibility c. Context d. Time
Visibility
Which of the following is NOT a characteristic of cloud computing? a. Immediate elasticity b. Metered services c. Universal client support d. Visible resource pooling
Visible resource pooling
Which of these is NOT a type of wireless AP probe? a. WNIC probe b. Wireless device probe c. AP probe d. Dedicated probe
WNIC probe
Which model uses a sequential design process?
Waterfall model
Which of these is a list of preapproved applications?
Whitelist
Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network? a. Dynamic ad hoc b. Ad hoc II c. Wi-Fi Direct d. Alliance IBSS
Wi-Fi Direct
Aoi has been asked to provide research regarding adding a new class of Android smartphones to a list of approved devices. One of the considerations is how frequently the smartphones receive firmware OTA updates. Which of the following reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates?
Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks.
Which of these is NOT a risk when a home wireless router is not securely configured? a. Wireless endpoints must be manually approved to connect to the WLAN. b. An attacker can steal data from any folder with file sharing enabled. c. Malware can be injected into a computer connected to the WLAN. d. Usernames, passwords, credit card numbers, and other information sent over the WLAN could be captured by an attacker.
Wireless endpoints must be manually approved to connect to the WLAN
Which of the following is known as a network virus?
Worm
Which of the following attacks is based on a website accepting user input without sanitizing it?
XSS
Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occurred were mainly for what purpose?
fame
What penetration testing level name is given to testers who have no knowledge of the network and no special privileges?
black box
Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? a. Custom attack b. Dictionary attack c. Brute force attack d. Hybrid attack
brute force attack
Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use? a. head b. display c. show d. cat
cat
What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection? a. PFX b. Certificate attributes c. Electronic Code Book (ECB) repositories d. CTR
certificate attributes
What entity calls in crypto modules to perform cryptographic tasks? a. Intermediate CA b. Certificate Authority (CA) c. Crypto service provider d. OCSP
crypto service provider
Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing? a. WEP-II b. Bluetooth grabber c. Rogue access point d. Evil twin
evil twin
Which of the following threats would be classified as the actions of a hacktivist? a. External threat b. Compliance threat c. Internal threat d. Environmental threat
external threat
Which of the following functions does a network hardware security module NOT perform? a. Random number generator b. Key exchange c. Fingerprint authentication d. Key management
fingerprint authentication
Which human characteristic is NOT used for biometric identification? a. Retina b. Height c. Iris d. Fingerprint
height
Which of the following contains honeyfiles and fake telemetry? a. Honeypotnet b. High-interaction honeypot c. Honeyserver d. Attacker-interaction honeypot
high-interaction honeypot
Which utility sends custom TCP/IP packets? a. curl b. pingpacket c. shape d. hping
hping
Which of the following is NOT an advantage of crowdsourced penetration testing?
less expensive
Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password? a. Mask b. Pass the hash c. Overlay d. Rainbow
mask
Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use? a. Masking b. Tokenization c. PII Hiding d. Data Object Obfuscation (DOO)
masking
What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure? a. MTTR b. MTBF c. RTO d. RPO
mean time to recovery (MTTR)
Which of the following is a Linux utility that displays the contents of system memory? a. Autopsy b. WinHex c. memdump d. dd
memdump
Linnea is researching a type of storage that uses a single storage device to serve files over a network and is relatively inexpensive. What type of storage is Linnea researching? a. SAN b. ARI c. RAID d. NAS
network-attached storage (NAS)
In which of the following threat classifications would a power blackout be classified? a. Technical b. Operational c. Strategic d. Managerial
operational
Which of the following control categories includes conducting workshops to help users resist phishing attacks? a. Technical b. Managerial c. Administrative d. Operational
operational
What are public key systems that generate different random public keys for each session? a. Diffie-Hellman (DH) b. perfect forward secrecy c. Public Key Exchange (PKE) d. Elliptic Curve Diffie-Hellman (ECDH)
perfect forward secrecy
Which of the following should NOT be stored in a secure password database? a. Iterations b. Plaintext password c. Salt d. Password digest
plaintext password
Which of the following approaches to risk calculation typically assigns a numeric value (1-10) or label (High, Medium, or Low) to represent a risk? a. Qualitative risk calculation b. Rule-based risk calculation c. Quantitative risk calculation d. Policy-based risk calculation
qualitative risk calculation
Which type of OS is typically found on an embedded system? a. RTOS b. COPE c. SoC d. OTG
real-time operating system (RTOS)
What term refers to changing the design of existing code?
refactoring
Which of these is NOT a response to risk? a. Avoidance b. Resistance c. Transference d. Mitigation
resistance
What is a list of potential threats and associated risks? a. Risk assessment b. Risk matrix c. Risk register d. Risk portfolio
risk register
Which of the following is a packet sampling protocol that gives a statistical sample instead of the actual flow of packets? a. journalctl b. IPFIX c. sFlow d. NetFlow
sFlow
Which of the following should be performed in advance of an incident? a. Segmentation b. Capture c. Isolation d. Containment
segmentation
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity. a. Encrypted signatures b. Session keys c. Digital certificates d. Digital digests
session keys
Which of the following is an authentication credential used to access multiple accounts or applications? a. Federal login b. Identification authentication c. Single sign-on d. Credentialization
single sign-on
Which of the following is a third-party OS penetration testing tool? a. Nessus b. theHarvester c. scanless d. sn1per
sn1per
Which of the following virtualizes parts of a physical network? a. SDX b. SDV c. SDN d. SDA
software-defined network
Which of the following hides the existence of information? a. Decryption b. Encryption c. Steganography d. Ciphering
steganography
Which tool is an open source utility for UNIX devices that includes content filtering? a. rsyslog b. syslog c. syslog-ng d. nxlog
syslog-ng
Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.
through products, people, and procedures on the devices that store, manipulate and transmit the information
Gregory wants to look at the details about the path a packet takes from his Linux computer to another device. Which Linux command-line utility will he use? a. tracert b. traceroute c. trace d. tracepacket
traceroute
Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need? a. Thin virtual visibility appliance (TVVA) b. CASB c. SWG d. Transit gateway
transit gateway
Which type of hypervisor runs directly on the computer's hardware? a. Type IV b. Type II c. Type III d. Type I
type I