Final Review


Which type of wireless attack is designed to capture wireless transmissions coming from legitimate users? a.Intercepting wireless data b.Rogue access point c.Evil twin d.Wireless denial of service attacks

c.Evil twin

Which of the following is physical security equipment for computer hardware? a.Bollards b.Robot sentry c.Faraday cage d.Alarmed carrier PDS

c.Faraday cage

Which of the following can be achieved using availability zones in cloud computing? a.Lower cost b.More visibility c.Fault tolerance d.Less redundancy

c.Fault tolerance

Which of the following protocols can be used for secure routing and switching? a.HTTPS b.IPsec c.DNSSEC d.HTTP

b.IPsec

Which of the following is the most common method for delivering malware? a.Social media b.Removable media c.Email d.Identity theft

c.Email

Which of the following is the most versatile cloud model? a.PaaS b.XaaS c.IaaS d.SaaS

c.IaaS

Which monitoring methodology will trigger the IDS if any application tries to scan multiple ports? a.Signature-based monitoring b.Heuristic monitoring c.Anomaly-based monitoring d.Behavior-based monitoring

b.Heuristic monitoring

Which endpoint application runs on an endpoint device that only detects an attack in an endpoint device? a.HIDS b.Cookies c.EDR d.HIPS

a.HIDS

Which of the following protocols can make accessing data using man-in-the-middle attacks difficult while web browsing? a.DNSSEC b.IPv6 c.SFTP d.HTTP

b.IPv6

How do NACs ensure that a device is safe to connect to a secure network? a.The NAC issues a health certificate, only allowing healthy devices to connect to the secured network. b.The NAC moves suspicious data on an unknown device onto an external storage device. c.The NAC encrypts all of the data on an unknown device before connecting it to the secured network. d.The NAC ensures the safety of the device by deleting all suspicious files.

a. The NAC issues a health certificate, only allowing healthy devices to connect to the secured network.

Threat actors focused on financial gain often attack which of the following main target categories? a.Individual users b.REST services c.Product lists d.Social media assets

a.Individual users

Which of the following describes the action of an SQL injection into a database server? a.The SQL injection inserts specially created structured query language statements to manipulate the database server, giving control of the database to the attacker, who can then manipulate the database. b.The SQL injection inserts specially created extensible markup language to manipulate the database taking control of the database giving control to the attacker to manipulate the database. c.The SQL injection inserts code into the DLL running process, causing the program to function differently than intended. d.The SQL injection is specially created code inserted into a legitimate program, which then lies dormant unless a special logical event triggers it.

a.The SQL injection inserts specially created structured query language statements to manipulate the database server, giving control of the database to the attacker, who can then manipulate the database.

Which of the following best describes VBA? a.VBA is an event-driven programming language. b.VBA is a network assessment tool. c.VBA is a command language interpreter. d.VBA is a hardware network security device.

a.VBA is an event-driven programming language.

You are a security consultant. An enterprise client contacted you because their mail domain is blocked due to an unidentified entity using it to send spam. How should you advise them to prevent this from happening in the future? a.Configure the IMAP to store emails on the email server b.Configure the POP to monitor incoming and outgoing emails c.Configure the SMTP relay to limit relays to only local users d.Configure the POP3 so that it listens on port 25

c.Configure the SMTP relay to limit relays to only local users

In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply? a.Containers use hardware hypervisors for virtualization b.Containers use dedicated physical storage for virtualization c.Containers use OS components for virtualization d.Containers use Type I hypervisors for virtualization

c.Containers use OS components for virtualization

In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking? a.Using next-generation secure web gateway b.Using cloud access security broker c.Creating a virtual network d.Using a simple network management protocol

c.Creating a virtual network

Under which vulnerability can an attacker steal information from a user's phone using a device to connect to the phone without physically touching it? a.Eavesdropping b.Device theft c.Data theft d.Man-in-the-middle

c.Data theft

Which of the following types of platforms is known for its vulnerabilities due to age? a.On-premises platform b.Cloud platform c.Legacy platform d.Online platform

c.Legacy platform

What is a variation of a common social engineering attack targeting a specific user? a.Spam b.Watering holes c.Spear phishing d.Redirection

c.Spear phishing

In which of the following attacks do attackers use intentional interference to flood the RF spectrum with enough interference to prevent a device from effectively communicating with the AP? a.Disassociation attack b.Intercepting wireless data c.Wireless denial of service attacks d.Evil twin

c.Wireless denial of service attacks

Which of the following is a disadvantage of the secure boot process? a.It slows down considerably, affecting the performance of the computer. b.It makes third party non-vendor-approved software difficult to implement. c.It does not validate the boot process. d.It requires an operating system like Microsoft OS to ensure secure boot.

b.It makes third party non-vendor-approved software difficult to implement.

A few computers at a high-security software firm location have been compromised. The threat actor took user videos, confidential information like bank account IDs and passwords, email IDs and passwords, and computer screenshots. These confidential data have been shared every three hours from the computers to the threat actor. Which of the following is correct, based on the evaluation of the above observation? a.This is a hardware keylogger attack; it is only periodically sharing the information and is a manual transfer of information by a human agent. b.This is a software keylogger attack, as screenshots, video captures, and keystrokes have been routinely monitored and periodically shared. c.This is a hardware keylogger attack, as video capture functionality and periodic transfer of data are not possible with a software keylogger. d.This is a software keylogger attack, as it is sharing the information every three hours to the attacker.

b.This is a software keylogger attack, as screenshots, video captures, and keystrokes have been routinely monitored and periodically shared

Which of the following best describes a mantrap? a.A mantrap separates threat actors from defenders. b.A mantrap is a challenge given to cybersecurity experts. c.A mantrap is a small space with two separate sets of interlocking doors. d.A mantrap cools a server room by trapping body heat.

c.A mantrap is a small space with two separate sets of interlocking doors.

Which of the following differentiates an access point probe and a dedicated probe? a.A dedicated probe is a wireless adapter plugged into a desktop computer to monitor the RF in the area for transmissions. In contrast, an access probe is a standard wireless device that can be configured to act as a wireless probe. b.A dedicated probe has the ability to serve as both a probe and an access point that can provide roaming to wireless users. In contrast, an access point probe only monitors RF transmissions. c.A dedicated probe is a standard wireless device that can be configured to act as a wireless probe. In contrast, an access point probe is a wireless adapter plugged into a desktop computer to monitor the RF in the area for transmissions. d.A dedicated probe only monitors RF transmissions, while an access probe can serve as both a probe and an access point that can provide roaming to wireless users.

d.A dedicated probe only monitors RF transmissions, while an access probe can serve as both a probe and an access point that can provide roaming to wireless users.

Which of the following best describes a network address translation? a.A network address translation (NAT) blocks specific websites or attacks that attempt to exploit known vulnerabilities in specific client software. b.A network address translation (NAT) is a device that combines several security functions like packet filtering, anti-spam, anti-phishing, anti-spyware, encryption, intrusion protection, and web filtering. c.A network address translation (NAT) enables a private IP network to connect to the internet. d.A network address translation (NAT) can detect applications using deep packet inspection by examining the packet payloads and determining if they are carrying any malware.

c.A network address translation (NAT) enables a private IP network to connect to the internet

Which of the following is a layer 2 attack? a.DDoS b.DNS hijacking c.ARP poisoning d.DNS poisoning

c.ARP poisoning

In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply? a.X.500 prevents unwanted mails from being delivered. b.Mail gateways prevent unwanted mails from being delivered. c.SMTP relays prevent unwanted mails from being delivered. d.LDAP prevents unwanted mails from being delivered.

b.Mail gateways prevent unwanted mails from being delivered

Which of the following best describes east-west traffic? a.Movement of data from one unsecured endpoint to another b.Movement of data from one server to another within a data center c.Movement of data from an unsecured endpoint to a server outside a data center d.Movement of data from a router to an enterprise switch

b.Movement of data from one server to another within a data center

What is the name of the process where a website validates user input before the application uses the input? a.Eliminating b.Sanitizing c.Authorizing d.Tokening

b.Sanitizing

David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed? a.Take a screenshot of the virtual machine before testing the configuration b.Take a snapshot of the virtual machine before testing the configuration c.Enable "roll back" on the previous configuration before testing the new configuration d.Use sandboxing in the virtual machine before testing the configuration

b.Take a snapshot of the virtual machine before testing the configuration

Which of the following statements correctly defines jamming? a.An attacker circumvents the security protections in the company's network, accessing the network behind the firewall. b.An attacker creates false deauthentication or disassociation management frames that appear to come from another client device, causing the client to disconnect from the AP. c.An attacker intentionally floods the RF spectrum with extraneous RF signal "noise" that creates interference and prevents communications. d.An attacker tries to mimic an authorized AP, so a user's mobile device such as a laptop or tablet unknowingly connects to the evil twin instead.

c.An attacker intentionally floods the RF spectrum with extraneous RF signal "noise" that creates interference and prevents communications.

Which of the following is a major objective of packet analysis? a.Estimate network cost b.Calculate employee work hours c.Assess and secure networks d.Ensure physical security

c.Assess and secure networks

In an interview, you are asked to analyze the following statements regarding secure network designs and choose the correct one. Which of the following should you choose? a.Workgroup switches reside at the top of the hierarchy and carry traffic between switches. b.Zero trust is designed to make a system trusted. c.Load balancers can detect and stop protocol attacks directed at a server or application. d.Switches can transfer packets when VLAN members on one switch need to communicate with members connected to another switch.

c.Load balancers can detect and stop protocol attacks directed at a server or application.

Max found someone is impersonating him after discovering that data sent to him was always being received by someone else in his enterprise network. He informed the network administrator about the issue. While inspecting the switch, the administrator discovered that the threat actor was another employee at the same enterprise. As a senior security consultant, which of the following attacks should you mention in the charge sheet? a.DDoS attack b.MITB attack c.MAC cloning attack d.DNS poisoning

c.MAC cloning attack

A company has approached you for their product testing, and you agree to do it. First, you have to install the necessary plugins for the software through the browser, install the software, and run the software again. What procedure should you adopt to ensure that you don't compromise the browser and the computer's operating system? a.Make sure that the browser's CSP policy is set, then quarantine the software file, then access the software using an active directory, use a sandbox to run the software. b.Make sure that the antivirus/antispyware is run on the plugins, run the software in the sandbox, check the CSP options before running the software, and send a secure cookie to the server. c.Making sure that the OS's security options are deployed, run the antivirus/antispyware on the files downloaded, run the software on HSTS/HTTPS mode, and then send a secure cookie to the server. d.Deploy the OS securities, check for vulnerabilities in the plugins, quarantine the software before installing, and send a secure cookie to the server.

c.Making sure that the OS's security options are deployed, run the antivirus/antispyware on the files downloaded, run the software on HSTS/HTTPS mode, and then send a secure cookie to the server.

Which of the following techniques is the best fit for monitoring traffic on switches with large volumes of traffic? a.Port mirroring b.Signature-based monitoring c.Port TAP d.Port spanning

c.Port TAP

Which of the following can prevent macro attacks? a.VBA b.Private DNS server c.Protected view d.PowerShell

c.Protected view

Which of the following protocols can be used for secure video and voice calling? a.VPN b.S/MIME c.SRTP d.SNMP

c.SRTP

Which protocol is used to prevent looping in a switch? a.SSL b.SMTP c.STP d.SSTP

c.STP

Which of the following correctly differentiates between a man-in-the-middle (MITM) attack and a man-in-the-browser (MITB)? a.A MITM attack can only analyze the intercepted packet, whereas a MITB attack can modify the intercepted packet. b.A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and web server. c.A MITM attack can modify the intercepted packet, whereas a MITB attack can only analyze it. d.A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.

d.A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.

Which of the following best describes a host-based firewall? a.A host-based firewall is a hardware firewall that protects multiple endpoint devices. b.A host-based firewall is a software firewall that protects multiple endpoint devices. c.A host-based firewall is a hardware firewall that protects a single endpoint device. d.A host-based firewall is a software firewall that protects a single endpoint device.

d.A host-based firewall is a software firewall that protects a single endpoint device.

Which of the following is a feature of secrets management? a.Data redundancy b.Default encryption c.Data availability d.Decreased latency

b.Default encryption

What is NOT a principle of agile development? a.Satisfy the customer through early and continuous delivery b.Follow rigid sequential processes c.Business people and developers work together d.Pay continuous attention to technical excellence

b.Follow rigid sequential processes

What is the secure coding technique that organizes data within the database for minimum redundancy? a.Normalization b.Code signing c.Dead code d.Stored procedure

a.Normalization

Japan's cybercrime control center noticed that around 200,000 Tokyo computers are infected by bots, and all these bots are remotely controlled by a single attacker. What is this attacker referred to as? a.Botnet b.Bot herder c.Zombie d.Payload

b.Bot herder

As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take? a.You should install a WAF. b.You should install an NAT. c.You should install a proxy server. d.You should install an NGFW.

a. You should install a WAF.

Shanise is an IT security professional for a large private bank. She got an alert that the bank website received a funds transfer request that was correctly credentialed but flagged as being out of the account owner's usual pattern. If the alert is correct, what type of attack has likely occurred? a.Replay attack b.CSRF attack c.XSS attack d.SQL injection

b.CSRF attack

Which of the following protects SNMP-managed devices from unauthorized access? a.X.500 lite b.Community string c.X.500 d.Resource records

b.Community string

Which of the following best describes bash? a.Bash is a command language interpreter. b.Bash is computer hardware. c.Bash is a network assessment tool. d.Bash is a physical security measure.

a.Bash is a command language interpreter.

A company has its network compromised. As an expert professional, the organization has hired you to identify the probable cause of the attack and fix it. As a security professional, you have noticed the pattern of compromise is unlike anything previously seen. You are looking to find new information on vulnerabilities like the attack that occurred. Which of the following actions would help achieve this objective? a.Checking the dark web b.Implementing TCP/IP protocol across the network c.Checking the surface web d.Checking the green web

a.Checking the dark web

What is another term commonly used to define cross-site request forgery (CSRF)? a.Client-side request forgery b.Server-side request forgery c.Client-server request forgery d.Cross-server request forgery

a.Client-side request forgery

Which of the following best describes DLP? a.DLP is used to prevent leakage of confidential data. b.DLP is used to control access to digital assets. c.DLP is a VPN protocol. d.DLP is a protocol used to transfer data within switches.

a.DLP is used to prevent leakage of confidential data.

Which probe is designed exclusively to monitor the RF for transmissions and can only monitor the airwaves? a.Dedicated probe b.Desktop probe c.Wireless device probe d.Access point probe

a.Dedicated probe

Which of the following is a feature of a fileless virus? a.Fileless viruses are easy to detect. b.Fileless viruses are easy to defend. c.Fileless viruses grant limited control. d.Fileless viruses are persistent.

a.Fileless viruses are easy to detect.

A federal appeals court recently made a judgment that caused significant public outrage. Soon after the ruling, the court's website was hacked, and the content was replaced with the text "Equal justice for all." Which of the following type of threat actors attacked the court's site? a.Hacktivists b.Cyberterrorists c.State actors d.Insiders

a.Hacktivists

What additional measure should be enacted to increase the security on a computer network after secure boot, protective measures from attacks like antimalware, and intrusion detection systems are implemented in all the computers on the network? a.Implement hardening at endpoints with patch management and operating system safeguards b.Disable connections on the Wi-Fi network c.Implement an antivirus solution in all systems and servers d.Disable operating system patch updates to prevent malicious attacks

a.Implement hardening at endpoints with patch management and operating system safeguards

A company monitors the network activity of the organization and stores the logs in a database. You have been asked to identify whether there are any malicious activities in the network. Which of the following can denote the upper and lower bounds of their various network activities? a.KRI b.OSI model c.Threat maps d.TTP

a.KRI

Kia recently noticed that when she browses her favorite online shopping site, she is immediately redirected to a competitor's site. What is happening here, and what is the best option for Kia to fix this situation? a.Kia must uninstall the toolbar software and the accompanying components she has recently installed on her browser. b.Kia has installed spyware, and she has to close the browser and reboot the system to correct the problem. c.Kia must reinstall a fresh copy of the operating system and all applications. d.Kia has accidentally installed a virus. She must close the browser and run a good antivirus program before browsing the website for shopping again.

a.Kia must uninstall the toolbar software and the accompanying components she has recently installed on her browser.

In an interview, you are given the following scenario: David sent a message to Tina saying, "There is no school today!" For some reason, the message showed up on Tina's device as, "Come to the school ASAP!" You (the candidate) are asked to name the type of attack that would cause this situation. Which of the following should you identify? a.MITM b.DNS hijacking c.DDoS d.Macro attack

a.MITM

Which of the following is a subset of artificial intelligence? a.Machine learning b.Artificial intelligence algorithm c.Machine intelligence d.Data science

a.Machine learning

Ronald is a software architect at MindSpace Software. He has been approached to develop a critical application for a finance company. The company has asked him to ensure that the employed coding process is secure. They have also requested that the project be completed in a few months, with a minimum version of the identified functionalities provided. The other functionalities can be developed later and added to the software while the application is live. Which development process would be ideal for Ronald to employ to achieve this objective? a.Ronald can employ the SecDevOps model to meet the requirements of the client. b.Ronald can employ the rapid development model to meet the requirements of the client. c.Ronald can employ an agile development model to meet the requirements with penetration testing done on the modules. d.Ronald can employ a waterfall model to meet the requirements by testing the code at every phase of development.

a.Ronald can employ the SecDevOps model to meet the requirements of the client.

Which of the following sensors is best suited for fire detection? a.Temperature detection sensor b.Noise detection sensor c.Motion detection sensor d.Proximity sensor

a.Temperature detection sensor

Which of the following outlines the process of a proxy server? a.User - forward proxy - Internet - reverse proxy - user b.User - forward proxy - user - reverse proxy - Internet c.User - reverse proxy - Internet - forward proxy - user d.User - internet - reverse proxy - forward proxy - user

a.User - forward proxy - Internet - reverse proxy - user

Which of the following is a configuration vulnerability? a.Weak encryption b.Zero day c.Weakest link d.Direct access

a.Weak encryption

A cybercriminal attempts to trick a computer's user into sharing their personal information by implementing content to discreetly capture user information over the actual webpage. What should the user implement to avoid this situation? a.X-Frame b.HSTS c.X-XSS d.CSP

a.X-Frame

Which type of threat actor would benefit the most from accessing your enterprise's new machine learning algorithm research and development program? a.Brokers b.Competitors c.Shadow IT d.Criminal syndicates

b.Competitors

What type of APs can be managed by wireless LAN controllers (WLCs)? a.Standalone APs b.Controller AP c.Captive portal APs d.Fat AP

b.Controller AP

Sherry needs to suggest a technology that can enable smartphones or laptops to control multiple devices like speakers, mice, etc., within a 100-meter distance. The device should also be connected without any wired connection. Which technology should Sherry suggest? a.NFC technology can be used to connect mobile devices to speakers b.Bluetooth technology can be used to connect devices without any wired connection c.RFID technology can be used to connect laptop mouse without any wired connection d.WLANs can be used to connect mobile devices to speakers

b.Bluetooth technology can be used to connect devices without any wired connection

Justin works for an automobile manufacturer. The company is designing a new car that enables the users to use the car as a mobile office. To achieve this, the car must provide an internet connection as an access point, mirror a smartphone screen on the LED dash display, and have a hands-free system where drivers can use voice controls to browse their phone's contact list, make and receive hands-free phone calls, and use navigation apps. Which technology should he use and why? a.WLAN, because it can be connected to the car's internal computer system to provide internet and screen mirroring features. b.Bluetooth, because it can be used to pair devices, allowing for hands-free and screen mirroring features. c.RFID devices, because they establish two-way communication between devices, which can be used to provide hands-free features with voice control. d.NFC, because it is used to transmit information between devices by a small tag that can help provide hands-free features and an internet connection.

b.Bluetooth, because it can be used to pair devices, allowing for hands-free and screen mirroring features

ABC Technologies had its computer network compromised through a cybersecurity breach. A cybersecurity expert was employed to analyze and identify what caused the attack and the damage caused by the attack. He checked an available database for this purpose and found the threat actor behind the attack. He also found out the cybercriminal has been attempting to sell the company's valuable data on the internet. Which are the most probable methods used by the cybersecurity expert to get to this stage of the investigation? a.The cybersecurity expert checked the threat maps and used the MAR report. b.The cybersecurity expert checked with CISCP and also investigated the dark web. c.The cybersecurity expert checked the threat maps and used TAXII. d.The cybersecurity expert used STIX and checked with CISCP.

b.The cybersecurity expert checked with CISCP and also investigated the dark web

In an interview, the interviewer asks you to boot a PC. Before the boot process begins, an interface asks you to choose between Windows 10 and Ubuntu Linux. The interviewer then asks you to identify the type of VR monitor program being used. What should your reply be? a.Type III hypervisor b.Type I hypervisor c.Container d.Type II hypervisor

b.Type I hypervisor

Maze must establish a communication channel between two data centers. After conducting a study, she came up with the idea of establishing a wired connection between them since they have to communicate in unencrypted form. Considering the security requirements, Maze proposed using an alarmed carrier PDS over a hardened carrier PDS. Why would Maze make this suggestion in her proposal? a.Network speeds would be slowed too much if they used a hardened carrier PDS. b.Using a hardened carrier PDS would require someone to conduct periodic visual inspections. c.Data transmission between buildings wouldn't be possible if they used a hardened carrier PDS. d.Using a hardened carrier PDS would restrict their ability to transfer large amounts of data.

b.Using a hardened carrier PDS would require someone to conduct periodic visual inspections

As a cybersecurity expert, you are asked to take adequate measures to mitigate DDoS attacks on your enterprise servers. Which of the following techniques should you apply? a.You should set up a proxy server. b.You should set up a DNS sinkhole. c.You should set up a virtual private network. d.You should set up a host-based firewall.

b.You should set up a DNS sinkhole.

In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network. Which of the following methods should you apply? a.You should set up a proxy server. b.You should set up an ACL. c.You should set up a VPN. d.You should set up a DLP.

b.You should set up an ACL

Which of the following is a third-party network analysis tool? a.hping b.nmap c.curl d.netstat

b.nmap

Which of the following is a characteristic of a potentially unwanted program (PUP)? a.A PUP pretends to perform natural activities while also performing malicious activities. b.A PUP gives access to the computer, program, or a service, circumventing the system's normal security protections. c.A PUP interferes and obstructs the user with web browsing and pop-up windows. d.A PUP gives the threat agent remote access to the user's device using specially configured communication protocols.

c.A PUP interferes and obstructs the user with web browsing and pop-up windows.

Ian, a systems administrator, was checking systems on Monday morning when he noticed several alarms on his screen. He found many of the normal settings in his computer and programs changed, but he was sure no one had physically entered his room since Friday. If Ian did not make these changes, which of the events below is the most likely reason for the anomalies? a.A firewall scan that was run over the weekend shut down the computer and the programs. b.The security administrator ran a penetration test over the weekend and did not tell anyone. c.A backdoor was installed previously and utilized over the weekend to access the computer and the programs. d.The power went out over the weekend and caused the programs to move back to their default settings.

c.A backdoor was installed previously and utilized over the weekend to access the computer and the programs.

What is a Type I hypervisor? a.A hypervisor that runs on security devices b.A hypervisor that uses binary files for virtualization c.A hypervisor that runs directly on computer hardware d.A hypervisor that runs on host operating system

c.A hypervisor that runs directly on computer hardware

Suzanne is a cybersecurity expert. She was approached by Alex with a complaint that his payment information has leaked even though he has not made any online payments or shared information with anyone. Suzanne concluded that attackers most likely bumped a portable reader against Alex's smartphone to make an NFC connection and steal the payment information stored on the phone. What should Suzanne suggest to Alex to prevent this type of attack from happening in the future? a.Alex should configure his device pairing so one device can only send and the other only receive. b.Alex should remain aware of the people around him while making NFC payments. c.Alex should protect his smartphone with a unique password or strong PIN. d.Alex should always turn the NFC off while he's in a crowded area.

d.Alex should always turn the NFC off while he's in a crowded area.

Which of the following is an external perimeter defense method? a.Fire suppression b.Demilitarized zone (DMZ) c.Electronic lock d.Barrier

d.Barrier

In which type of RFID attack can unauthorized users listen to communications between RFID tags and readers? a.Data theft b.Fake tags c.Unauthorized tag access d.Eavesdropping

d.Eavesdropping

What is the difference between protecting against eavesdropping and protecting against a man-in-the-middle (MITM) attack? a.Eavesdropping can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time, while MITM can be prevented by using strong passwords and PINs. b.Eavesdropping can be prevented by turning off NFC while in public, while MITM attack can be protected by using strong passwords and PINs. c.Eavesdropping can be prevented by strong passwords and PINs, while MITM attacks can be prevented by being aware of one's surroundings while using NFC technology. d.Eavesdropping can be prevented by being aware of one's surroundings while using NFC technology, while MITM attack can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time.

d.Eavesdropping can be prevented by being aware of one's surroundings while using NFC technology, while MITM attack can be prevented by configuring in a pairing method so only one side can send and the other can receive it at a time.

Melvin is moving his small business from his basement to an office building now that he has five full-time employees. What type of enterprise AP should he choose when setting up the new office's WLAN? a.Captive portal AP b.Standalone AP c.Controller AP d.Fat AP

d.Fat AP

Which cookie is created by the website a user is currently browsing to store the customer's browsing preference information? a.Session cookie b.Third-party cookie c.Secure cookie d.First-party cookie

d.First-party cookie

Makayla has created software for automating the accounting process at ABL Manufacturing. She completed the software development, with testing done during development at individual stages. Before putting the software into production, Mary, who is in charge of the testing software, ran the application using tools and generated a report giving the various inputs and corresponding exceptions generated by the application. What process did Mary use? a.Dead coding b.Code signing c.Camouflaged coding d.Fuzzing

d.Fuzzing

Which of the following is a network set up with intentional vulnerabilities? a.Honeypot b.Virtual private network c.Sinkhole d.Honeynet

d.Honeynet

An organization is planning a revamp of the existing computer hardware with new ones. The IT manager has informed department heads that some computers have faced BIOS attacks in the past. He has requested help in preventing future BIOS attacks. As an expert, which of these solutions can you use to effectively improve boot security when the new computers are implemented in the network? a.Implement a Norton Antivirus solution b.Implement BIOS supplemented with CMOS c.Use computers with flash memory for booting instead of BIOS d.Implement measured boot with UEFI

d.Implement measured boot with UEFI

Which of the following describes a memory leak attack? a.In a memory leak attack, an attacker changes the variable's value to something outside the range the programmer had intended. b.Memory leak attacks take advantage of the token generated and sent to the user's browser by the website as part of the authentication. c.A memory leak occurs when a process attempts to store data beyond a fixed-length storage buffer's boundaries. d.In a memory leak attack, the threat actor takes advantage of the programming error of not freeing the memory after executing a process, taking advantage of the device's low memory conditions to attack.

d.In a memory leak attack, the threat actor takes advantage of the programming error of not freeing the memory after executing a process, taking advantage of the device's low memory conditions to attack.

What is an officially released software security update intended to repair a vulnerability called? a.Vector b.Default c.Firmware d.Patch

d.Patch

Social engineering is a means of eliciting information by relying on the weaknesses of individuals. How should you differentiate between the social engineering techniques of phishing and pharming? a.Phishing involves digging through trash receptacles to find information that can be useful in an attack, whereas pharming involves sending millions of unsolicited emails to a large volume of users. b.Phishing involves sending millions of generic email messages to a large volume of users, whereas pharming targets specific users by sending emails customized to the recipients, including their names and personal information. c.Phishing involves sending customized emails to recipients, including their names and personal information, to make the message appear legitimate, whereas pharming is a variant of phishing that specifically targets wealthy individuals or senior executives within a business. d.Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP.

d.Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP.

Which of the following tools can be used to protect containers from attack? a.Virtual machine manager b.Software-defined networking c.Software-defined visibility d.Security-Enhanced Linux

d.Security-Enhanced Linux

Smitha, an employee working in the accounts department, reported to the information security officer that she could not access her computer. James, the security officer, noticed the following on Smitha's system: On booting the computer, the following message was flashing on the computer screen with the IRS logo: "This computer is locked by the Internal Revenue Service. It has come to our attention that you are transferring funds to other agencies using this computer without compliance with the local income tax laws. As per section 22 of the U.S. Income Tax Act, the transmission of funds without applicable taxes is prohibited. Your IP address is identified in this fraudulent transaction and is locked to prevent further unlawful activities. This offense attracts a penalty of $400.00 for the first offense. You are hereby given 16 hours to resolve this issue, failing which you shall be prosecuted to the full extent of the law. You may make a secure payment by clicking on the following link. If you face any issues, you may reach out to us at [email protected]." The message will not close, nor is there access to applications or files on the computer; however, James can open shared files and folders on Smitha's computer through the network. What is your inference about the problem faced by Smitha on her computer? a.Smitha's computer is compromised by cryptomalware. b.Smitha's computer is compromised by spyware. c.Smitha's computer is compromised by a PUP. d.Smitha's computer is compromised by ransomware.

d.Smitha's computer is compromised by ransomware.

In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer? a.Virtual firewalls are used on almost all devices, whereas software firewalls are mostly used by enterprises. b.Software firewalls can protect all the endpoints in a network, whereas virtual firewalls can protect only one device. c.Virtual firewalls are cost-free, whereas software firewalls are paid services. d.Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.

d.Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.

Natasha, a network security administrator for an online travel portal, noticed that her website was the victim of an SQL injection. She decided to study the SQL queries to find which one made this vulnerability in the database, and she noticed the following SQL code piece executed on the database: 'whatever' AND email IS NULL; What has been accessed by the attacker running this SQL injection? a.The attacker accessed the entirety of email address data from all users in the database. b.The attacker accessed the data of specific users. c.The attacker has used the SQL injection to delete the table in the database. d.The attacker has determined the names of different types of fields in the database.

d.The attacker has determined the names of different types of fields in the database.

The files in James's computer were found spreading within the device without any human action. As an engineer, you were requested to identify the problem and help James resolve it. During file code inspection, you noticed that certain types of files in the computer have similar codes. You found that the problem is coming from a set of codes that are not part of the actual files, appended at the bottom of the file. You also noticed a transfer control code written at the beginning of the files giving control to the code at the bottom of the file. Which type of infection is this a characteristic of? a.This is a typical characteristic of a spyware infection in the endpoint device. b.This is a typical characteristic of files infected by keystrokes in an endpoint. c.This is a typical characteristic exhibited by files attacked by ransomware in the device. d.This is a typical characteristic of an endpoint device infected with a file-based virus attack.

d.This is a typical characteristic of an endpoint device infected with a file-based virus attack.

Which security protocol encrypts transmissions by using a shared secret key combined with an initialization vector (IV) that changes each time a packet is encrypted? a.MAC b.WPA c.WPS d.WEP

d.WEP

Attackers have taken over a site commonly used by an enterprise's leadership team to order new raw materials. The site is also visited by leadership at several other enterprises, so taking this site will allow for attacks on many organizations. Which type of malicious activity is this? a.Spear phishing b.Vishing c.Hoax d.Watering hole

d.Watering hole

Which site survey tool is used to visually represent wireless network details such as channel bandwidth, channel coverage, data rate, and interference, among others? a.Heat maps b.Channel selection c.Channel overlays d.Wi-Fi analyzers

d.Wi-Fi analyzers

Which HTTP response header should be used to prevent attackers from displaying their content on a website? a.HSTS b.CSP c.X-XSS d.X-Frame-Option

d.X-Frame-Option

A source computer's ability to reach a specified destination computer can be tested using which of the following? a.curl b.ipconfig c.ifconfig d.ping

d.ping

