Practice test questions
A system engineer is researching backup solutions that are inexpensive and can store large amounts of data offline. The backup solution must be portable and maintainable for a certain length of time defined in the company's backup recovery plan. Which of the following is the best backup solution?
Tape
Select the type of incident response exercise that involves recreating system interfaces or using emulators to allow students to practice configuration tasks, or even practice with other trainees to mimic real-time attack scenarios.
Simulations
A cloud customer prefers separating storage resources that hold different sets of data in virtual private clouds (VPCs). One of those data sets must comply with the Health Insurance Portability and Accountability Act (HIPAA) guidelines for patient data. How should the customer configure these VPCs to ensure the highest degree of network security?
Split segments between VPCs
After software testing activities have been completed, a system administrator moves the .war file to an environment that allows end users to access the application. Which environment is the completed software being deployed to?
Staging
A user cannot install an app from Google Play, referred to by a colleague. The user downloads the .apk file from a website and successfully installs the app. This process is known as sideloading. What are valid security concerns for installing software on a mobile device from a website rather than an app store? (Select all that apply.)
The website may have an outdated version, The .apk file may be malicious software.
A company that maintains a classified environment staffs the front entrance with a person to review credentials and a person to verify authorized access. Employees must pass through a faraday cage before being allowed into the classified area. Which type of physical security does this best represent?
Two-person control
Security admins are evaluating Windows server vulnerabilities related to Dynamic Link Library (DLL) injections. Modern applications are running on these Windows servers. How would an attacker exploit these vulnerabilities? (Select all that apply.)
Use malware with administrator privilege, Evade detection through refactoring
A threat actor logs in to a website as a free user and submits a request for a file. The request references the parent directory of the web server. This injection attack is successful by using a canonicalization attack to disguise the nature of the malicious input. How was the threat actor able to retrieve the file?
Using a directory traversal attack.
A network administrator needs a service to easily manage Virtual Private Cloud (VPC) and edge connections. The service must have a central console for ease of monitoring all components. Which of the following is the best solution for the administrator to use in a cloud computing environment?
Transit gateway
Flow analysis tools, such as IPFIX or Netflow, collect metadata about network traffic without capturing each frame. Evaluate the type of analysis that uses these tools.
Trend analysis
A company purchased a few rack servers from a different vendor to try with their internal cluster. After a few months of integration failures, the company opted to remain with their previous vendor and to upgrade their other rack servers. The current commercial software will be migrated to the new rack servers. What may have caused the company to remain with their previous vendor for new rack servers? (Select all that apply.)
Vendor lacks expertise, Servers are incompatible
A network administrator can conduct a site survey to find potential placement locations of wireless access points (WAP) using which of the following? (Select all that apply.)
Wi-Fi analyzer, heat map
A user receives access to a company system through the use of a smart card. The user can then access data they have privileges to access. A record of all events the user accomplishes or attempts is recorded in a log for administrative purposes. What access management policy does this best describe?
AAA
A systems administrator learns Linux commands to view log files. Which command should be used if line numbers are required to view an entire file?
cat
A government system uses Public Key Infrastructure to enable users to securely exchange data using both a public and private cryptographic key pair that is obtained and shared through a trusted authority. This process most likely describes which of the following?
Authentication
A government system uses Public Key Infrastructure to enable users to securely exchange data using both a public and private cryptographic key pair that is obtained and shared through a trusted authority. This process most likely describes which of the following?
Authentication application
An organization moves its data to the cloud. Engineers use regional replication to protect data. Review the descriptions and conclude which apply to this configuration. (Select all that apply.)
Available access if a single data center is destroyed, Known as zero-redundant storage
Select the tools with which an attacker can identify misconfigured DNS servers with which a zone transfer can be performed, compromising the records of all hosts in a domain. (Select all that apply.)
dig, nslookup/dig
What identifies the physical location of a device?
geolocation
When uploading a picture to a photo web site, it automatically loads the photo onto its interactive world map. How is it possible that the website can read the location of the uploaded picture? (Select all that apply.)
geolocation, gps tagging
A basic dictionary attack includes using which of the following?
plaintext
A start-up company operates all of its web servers and services on a cloud platform using Platform as a Service (PaaS). The company offices run a local domain controller for directory services. Which type of attacks would the cloud service provider consider as cloud-based attacks as opposed to on-premise? (Select all that apply.)
Backdoor to virtual platforms, RAT on web servers
Which attack vector makes it possible for a threat actor to compromise a whole platform with just one account?
Cloud
A company leases access to resources from a service provider as agreed upon in a service level agreement. The company pays only for what is used on a monthly basis. Which of the following computing concepts is being used?
Cloud computing
After opening a third branch office in another state, the security team is having difficulty monitoring the network and managing system logs. Using a standard Security Information and Event Management (SIEM) system, what can the team do to better manage these events in a centralized way?
Deploy listeners
What is an antivirus and anti-malware software capable of doing to protect a computer system? (Select all that apply.)
Detect trojans, Signature-based detection
In which environment can multiple developers check out software code and include change management processes?
Development
The 802.1x framework establishes several ways for devices and users to be securely authenticated before they are permitted access to LAN (Local Area Network) or WLAN (Wireless LAN). Identify the actual authentication mechanism established.
EAP
A company deployed a wireless access point and wishes to enable the Enterprise mode for secure wireless connections. The servers have certificates, but the supplicants do not. Which of the following options would fit the company's needs? (Select all that apply.)
EAP-FAST, EAP MD5
The client wants to deploy a wireless network that uses a smart card or a certificate that can be installed on the client's PC. Which type of authentication mechanism is most suitable for this task?
EAP-TLS
Users in a company complain that they cannot reach internal servers when using WiFi. IT discovers that the SSID of the broadcasted network is similar to the company's but is not legitimate. IT plans on searching the network to remove which disruptive technologies? (Select all that apply.)
Evil twin, Rogue access point
A systems administrator plans to protect a data center with various security controls and safety mechanisms. Which solution does the administrator plan based on a "triangle" principle?
Fire suppression
The financial staff at an organization works with IT and management to determine the risks associated with currently deployed systems. What measure of risk results from this analysis?
Inherent risk
Describe an intrusion prevention system (IPS) that also makes it a single point of failure for network traffic if there is no fault tolerance mechanism in place.
Inline appliance
A software developer created a new application, and the software company pressured the developer to release it to the public. Which of the following helps ensure the application is secure before the release? (Select all that apply.)
Input Validation, Error handling, Proper Authentication and Authorization
Which of the following are deployed similarly to a credit card skimmer?
Malicious USB Plug
Which boot integrity concepts utilize the trusted platform module (TPM)? (Select all that apply.)
Measured boot, Boot attestation
Two organizations plan on forming a partnership to provide systems security services. Part of the onboarding requirements for both sides includes a mutual understanding of quality management processes. Which approach details this requirement?
Measurement systems analysis (MSA)
A security firm and an organization meet and agree to begin a business relationship. While a contract is not in place yet, what do the parties use to maintain confidentiality and as an intent to work together?
Memorandum of understanding (MOU)
Which of the following cryptographic algorithm standards is best suited for Internet of Things (IoT) devices?
Lightweight
An application's appliance template virtual machine (VM) is running on the production network. A Linux administrator logs in to the system as the default root account to verify network settings. The appliance was deployed "out of the box" and is running healthy. A security engineer would have some concerns about which of the following configurations? (Select all that apply.)
Log on as superuser, default template settings
A support technician wants to test a system's connectivity by examining TCP and UDP ports. If the technician requires the ability to test both Linux and Windows systems, which tools qualify? (Select all that apply.)
Netcat, Netstat, nmap
There are several ways to check on the status of an online certificate, but some introduce privacy concerns. Consider how each of the following is structured and select the option with the best ability to hide the identity of the certificate requestor.
OCSP stapling
Conclude what type of data has high trade values in black markets, is often anonymized or deidentified for use in scientific research, and when compromised, can lead to its use in blackmail or insurance fraud, as well as cause reputational damage to the responsible organization.
Personal health information (PHI)
Which of the following are common constraints of embedded systems? (Select all that apply.)
Network Range, Cryptography capability, Compute power
A configuration manager creates policies and procedures for events such as power failure, network intrusion, and denial of service. These documents include step-by-step instructions to protect the application and restore it to a functional state within a certain timeframe. What has the configuration manager implemented?
Response and recovery control
Analyze the methods and determine which a technician uses as a non-persistent recovery method on a server using a system baseline.
Rollback to known configuration
Finance representatives at an organization meet professional standards by providing reports that are highly detailed and designed to be restricted. As members of the American Institute of Certified Public Accountants (AICPA), which standards do the finance representatives follow?
SSAE SOC 2 Type II
A financial institution uses File Transfer Protocol Secure (FTPS) to transmit personally identifiable information (PII) to a receiving institution. Which encryption method would best be suitable for protecting the confidentiality of the information in transit?
SSL/TLS
Which of the following is NOT an example of improper or weak application patch management?
Application design flaw
Determine the type of code execution policy that would ensure that unrecognized software cannot run.
Allow list
Management is planning a secure network design for corporate mobile devices given to remote employees. One security suggestion involves only allowing corporate apps to access the corporate network when the mobile device is connected via a virtual private network (VPN). Which of the following will support this design? (Select all that apply.)
Context-aware authentication, Unified endpoint management, Mobile application management
Which of the following will reduce the risk of data exposure between containers on a cloud platform? (Select all that apply.)
Control groups, Namespaces
During a risk assessment, a company indicates the value of employee-used laptops to be $1,500.00 apiece. What should the company define to come up with the annual loss expectancy in a quantitative risk assessment?
ARO
A Windows firewall rule allows all programs, all protocols, and all ports within a 192.168.0.0/24 subnet to connect to the network. What type of Windows Firewall with Advanced Security is this?
Access Control List (ACL)
A new administrator completed setting up an admin account on the network. The admin successfully logged on to a remote file server with the new credentials but not on a remote domain controller (DC) server. Determine the most likely cause for not being able to log in to a DC server.
Access policy
Companies often update their website links to redirect users to new web pages that may feature a new promotion or to transition to a new web experience. How would an attacker take advantage of these common operations to lead users to fake versions of the website? (Select all that apply.)
Add redirects to .htaccess files, Craft phishing links in email
Which of the following attacks would allow an attacker to sniff all traffic on a switched network?
Address Resolution Protocol (ARP) poisoning
A logistics facility provides transportation services globally for many clients. Clients require their planning information to be kept in a secure environment not connected to a network until the needs have been fulfilled. Which of the following solutions would be the most ideal method of meeting this requirement for the company?
Air gap
Simulate the hypertext transfer protocol secure (HTTPS) protocol in use.
An encrypted TCP connection protects sensitive banking information during online transmission.
A recent attack on the company involving a threat actor from another country prompted the security team to host regular penetration testing exercises. The recent attack involved the IT team as well as human resources because an employee's desktop was breached. In the upcoming exercise, what role would the human resource team portray along with the IT team to simulate the recent attack and its experiences?
Blue team
Which of the following is an example of a vulnerability database that a security administrator can use with Tenable Nessus to assess the state of servers on the network?
CVE
Conclude which terms represent a core feature of the Diamond Model of Intrusion Analysis. (Select all that apply.)
Capability, Infrastructure
A group of junior systems administrators participates in an ethical hacking seminar that allows for advancement and rewards for completing challenges. Which training methods do the administrators experience?
Capture the flag, Gamification
Select viable methods of investigation in the case of authentication attacks. (Select all that apply.)
Compare authentication logs with security and network logs, Use a SIEM dashboard to identify suspicious trends in user traffic, Search application logs for use of unauthorized applications
A software developer enables a security feature commonly known as stack protection but does not execute the source code. Which of the following best describes what the developer is using?
Compiler
Differential, full, and incremental refer to which of the following when discussing backup types that will not collect open files?
Copy
An employee at a financial firm is responsible for ensuring that data is stored in accordance with applicable laws and regulations. What role does the employee have in terms of data governance?
Data steward
Which attack types are client-side attacks that are impacted by malicious code? (Select all that apply.)
Cross-site scripting, session replay
An IT hobbyist builds a script in Python to scrape web-pages for images. Recommend a command-line tool the hobbyist can use in his script to download the image files to his local drive.
Curl
Which of the following is designed to mitigate losses from cyber incidents such as data breaches, outages, and network damage?
Cybersecurity insurance
A visiting consultant to a company fails at trying to copy a file from a shared drive to a USB flash drive. Which security solutions block the file from being copied? (Select all that apply.)
DLP system, EPP
A cyber security team would like to gather information regarding what type of attacks are occurring on a network. Which of the following implementations would assist in routing information on the attackers to a Honeynet?
DNS Sinkhole
The local operational network consists of physical electromechanical components controlling valves, motors, and electrical switches. All devices enterprise-wide trust each other in the internal network. Which of the following attacks could overwhelm the network by targeting vulnerabilities in the headers of specific application protocols?
DNS amplification attack
A small department at a company manages a server, separate from IT, for data access and backup purposes. What role does the department fulfill?
Data custodian
An application processes and transmits sensitive data containing personally identifiable information (PII). The development team uses secure coding techniques such as encryption, obfuscation, and code signing. Which of the following is the development team concerned with?
Data exposure
A Security Information and Event Management (SIEM) system is heavily dependent on which of the following to provide meaningful information about security events and trends?
Data inputs
The IT team has purchased a few devices that are compatible with the Trusted Computing Group Security Subsystem Class called Opal. Which of these device specifications will take advantage of Opal's security features?
Disk encryption
Which of the following hardening procedures can protect a multifunction printer from a cybersecurity attack? (Select all that apply.)
Enable Logging, Delete queued data, Change default password
A large business works with a consulting group to develop a business continuity plan. The goal of the plan is to provide a potentially uninterrupted workflow in the event of an incident. Examine the descriptions and determine which one matches this goal.
Ensuring processing redundancy supports workflow
An enterprise has recently experienced a severe malware attack. Admin has identified and removed the cause, and they are now checking the systems and bringing them back online. How would one categorize the cause with respect to incident response procedures?
Eradication
A foreign country is planning to target another country to destabilize its economy and upcoming elections. A hacktivist group and government leaders are working together using hybrid warfare tactics to accomplish their goal. What are the most effective methods the foreign country can use to carry out their plan? (Select all that apply.)
Espionage, Fake tweets, soft power
A security administrator notices port scanning from an unknown entity on the company infrastructure. The administrator sets up a router to provide erroneous information to be provided in return to protect the system from breach or attack. What is the router providing in response to the scan?
Fake telemetry
Devices deployed in a network and that send data to the local area network (LAN) level and process it with an Internet of things (IoT) sensor are which of the following?
Fog computing
A datacenter requires an instantaneous failover power solution that is inexpensive. Which of the following is the least likely solution for the datacenter?
Generator
An application requires continuity of operations within a 24 hour period due to the command and control capabilities it maintains. The failover site must be physically separated from the program office and be available within the required timeframe with live data. Which of the following redundancy solutions best meets the failover requirement?
Geographical dispersal
A web administrator notices a few security vulnerabilities that must be addressed on the company Intranet. The portal must force a secure browsing connection, mitigate script injection, and prevent caching on shared client devices. Determine the secure options to set on the web server's response headers. (Select all that apply.)
HTTP Strict Transport Security (HSTS), CSP, Cache-Control
Using Unified Extensible Firmware Interface (UEFI) to boot a server, the system must also provide secure boot capabilities. Part of the secure boot process requires a secure boot platform key or self-signed certificate. Determine which of the following an engineer can use to generate keys within the server using an available Peripheral Component Interconnect Express (PCIe) slot.
Hardware security module
A healthcare organization was asked to share its data with an analytics company to perform research on patient well-being. Which of the following encryption methods would most likely ensure patient information during analysis?
Homographic
A risk management implementation begins with which of the following characteristics? (Select all that apply.)
Identification, Classification, Prioritization
Which of the following is the service that provisions the user account and processes authentication requests?
Identity provider
Specify elements that a playbook should include. (Select all that apply.)
Incident categories and definitions, Query strings to identify incident types, When to report compliance incidents
Which of the following is TRUE about a certificate authority (CA) in a hierarchical model as opposed to a single CA model? (Select all that apply.)
Intermediate CAs issue certificates, Offline CA is a best practice
Analyze and select the items demonstrating advantages Terminal Access Controller Access-Control System Plus (TACACS+) has over Remote Authentication Dial-In User Service (RADIUS). (Select all that apply.)
It provides greater flexibility and reliability, It is easier to detect when the server is down
A threat actor can exploit an unauthenticated access to submit arbitrary directory queries using which type of attack?
LDAP Injection
An organization suffers a breach and learns a lesson in the proper approach of maintaining archived data. An engineer writing a report focuses on which areas? (Select all that apply.)
Lessons learned, Retention policies
Which of the following baseband radio technologies support higher bandwidth capacities?
LTE-M
A Cloud Service Provider (CSP) outsources the entire cyber security elements to a third party for the infrastructure in which an application resides due to lack of resources. The CSP maintains responsibility of the environment and attributes. What is this an example of?
MSSP
Which type of certificate does Secure Multipart Internet Message Extensions (S/MIME) NOT use to sign a message? (Select all that apply.)
Machine, Root, User cert
Mobile Android operating system (OS) encryption software might allow encryption of which of the following?
MicroSD
A company's infrastructure and resources are set up in a vault on the second floor of a building. The company is responsible for maintaining services and equipment. Which of the following best describes the company's cloud concept?
On premise
A multinational company has partnered with several smaller, younger companies. To protect their supply chain and improve their own risk posture, the company offers to provide network security services for their new partners. Conclude what type of risk the company is addressing.
Multiparty
What protocol alters public IP addresses to private IP addresses and vice versa, in an attempt to protect internal computers from the Internet?
NAT
A user at an organization reports that their mobile payment method may have been hacked. A security engineer determines that a compromise must have occurred through card skimming. Which technology was used for mobile payments?
NFC
Which of the following wireless technologies does not provide encryption and is known as a "bump"?
NFC
Determine a solution that can combine with a cloud access security broker (CASB) to provide a wholly cloud-hosted platform for client access?
Next-generation Secure Web Gateway
Which of the following are examples of weak patch management for operating systems and device firmware in a classified network? (Select all that apply.)
Non-centralized deployment, Undocumented processes
After a year of vulnerability scans, a security engineer realized that there were zero false positive cases. The application logs showed no issues with the scanning tool and reports. What type of scanning tool or configuration would result in zero false positives being reported? (Select all that apply.)
Non-credentialed scan, Non-intrusive tool
A developer is concerned with Cross-Site Scripting (XSS) in the latest deployed version of an application. What should the developer refer to for information regarding critical application security risks?
OWASP
An administrator goes through regular tasks every morning at the office to quickly gather health metrics of the network and associated systems. The admin connects to a Windows jump server using a secure shell (SSH) to run health scripts which output the data to a .xls file on a local shared folder accessible to all employees. The most recent run of the health script failed immediately without any indication of the issue. If an Information System Security Officer (ISSO) examined these morning tasks, what would be considered a weak configuration? (Select all that apply.)
Open permissions, Default settings
Describe what distinguishes tabletop training from walkthrough training.
Participants describe their course of action, using no computer equipment.
Password lockout commonly prohibits users from logging in after a number of failed password attempts. While this practice may protect against unauthorized users gaining access to valid user login information, what disadvantages could implementing this practice create for an organization? (Select all that apply.)
Password lockout increases the workload for security management, Password lockout is vulnerable to Denial of Service (DoS) attacks.
Which penetration technique allows a tester to bypass a network boundary and compromise servers on an internal network?
Pivot
Which control types does a systems engineer implement when an initial locking mechanism does not perform as expected? (Select all that apply.)
Preventative, Compensating
The IT team manages multiple root accounts on a spreadsheet that provides access to virtual hosts. Although only administrators have access to the share location where the spreadsheet exists, management would like to add auditing measures to these accounts. Which solution will support the requirement?
Privilege access management
A systems admin deploys a new infrastructure for an organization. Examine the given descriptions and determine which applies to the technology used with the LDAP protocol.
Provides privilege management and authorization
Identify security control options that can be categorized as "corrective." (Select all that apply.)
Quarantine of infected hosts, Containment of the threat
IT management wants to make it easier for users to request certificates for their devices and web services. The company has multiple intermediate certificate authorities spread out to support multiple geographic locations. In a full chain of trust, which entity would be able to handle processing certificate requests and verifying requester identity?
RA
A Local Area Network (LAN) is set up with an Authentication, Authorization, and Account (AAA) server. The AAA server allows remote supplicants to access the LAN through a Network Access Point (NAP). Which of the following best describes the type of remote authentication solution that is set up on the LAN?
RADIUS
A connection cannot be established during a network connection test of a newly deployed WAP (Wireless Access Point) in WPA2 Enterprise (Wi-Fi Protected Access) mode. After checking the wireless controller, the 802.1x option was selected, but another configuration setting did not save. Apply knowledge of the network connection process to determine which of the following did not save.
RADIUS Server settings
Determine appropriate methods the team can use to acquire OS-level information from Windows.
Reboot and analyze memory dump files, Initiate sleep mode and analyze the hibernation file, Check system and security logs.
A vendor ensures that each Internet of Things (IoT) device produced uses random, unique cryptographic keys in accordance with the established certificate and key management practices found in The National Institute of Standards and Technology (NIST) publications. Which of the following constraints is the vendor preventing?
Reuse
A company shares an external drive that allows members to collaborate on documentation and products and to work simultaneously. The CIO enforces a rule that some users can download files to their local desktop while others can only view files. This is an example of which type of data protection?
Rights Management
An instructor in the Logistics Planning class has restricted the ability to save and edit forms within the online application of students due to the sensitivity of information. What type of data protection does this most closely represent?
Rights management
A security consultant recently audited a company's cloud resources and web services. The consultant found ineffective secrets management and a lack of input validation mechanisms. What type of attack would the company's cloud resources be susceptible to at its current state? (Select all that apply.)
SQL Injection, API Attack, Resource exhaustion
A developer uses a prepackaged set of tools that includes documentation, application programming interfaces (APIs), code samples, and libraries to easily integrate an application with the company Linux operating system. Which secure coding process is the developer using?
SDK
A company wants to implement a control model that dictates access based on attributes. The company would like to reconfigure the network by making changes from executable files instead of physically reconfiguring. Which of the following should the company implement?
SDN
Identify types of metadata that would be associated with CDR (call detail records) of mobile devices. (Select all that apply.)
SMS text timestamps, List of towers connected to, Call durations
Network administrators are configuring a demilitarized zone (DMZ) to provide Internet-facing services to customers. These admins will perform minimum configuration and security to rapidly deploy two web servers that are load balanced. Which of the following will most likely be configured in this DMZ? (Select all that apply.)
Scheduling algorithm, Bastion hosts, Virtual IP addresses
Which resource can help a cloud consumer evaluate a cloud service provider as its services relate to integrating on-premises controls?
Security guidance
Failed logins or instances of denial of access to restricted files may be indicators of compromise. Suggest where records of such incidents might be found. (Select all that apply.)
Security logs, Authentication logs
How can an attacker exploit the lack of authentication between the internal services (e.g., implicit trust) of a web host to steal service account credentials?
Server-side request forgery
With regard to performing forensic investigations in public clouds, what document would contain the right-to-audit clause, giving the investigator the authority to audit files on the network?
Service-level agreements (SLA)
Employees use a two-factor authentication (2FA) method to log into company resources. The employees combine something they have with something they know. Which 2FA method is most likely being used to verify employee credentials?
Smart card
Which of the following practices would help mitigate the oversight of applying coding techniques that will secure the code of an internal application for a company?
Static code analysis
Teams of security experts are preparing for a penetration exercise using a white box environment. The activities will be monitored in an isolated environment in the company's local datacenter. What would be the appropriate rules of engagement for this exercise? (Select all that apply.)
Steal files from file server A., Do not access production network
Which certificate attribute describes the computer or machine it belongs to?
Subject Alternate name and Common Name
Consider conditional access to a system and determine which options fit the criteria. (Select all that apply.)
Sudo restrictions, User Account Control (UAC)
Analyze the active defense solution statements and determine which best describes the purpose of a honeyfile.
The attempts to reuse can be traced if the threat actor successfully exfiltrates it.
An organization wants to implement a certificate on a website domain. The organization prepares for a rigorous check to prove its identity using extended validation. Evaluate the options and conclude why the certificate would not be issued.
The domain uses a wildcard
In what way does Challenge Handshake Authentication Protocol (CHAP) protect against replay attacks?
The handshake is repeated with different challenge messages periodically throughout the session connection
Users are only allowed to work in the office. Account policies must provide login security measures so that users only work during normal business hours. Identify the policy that establishes the maximum amount of time an account may be logged in for at the workplace.
Time-based login policy
Multiple private data sources ingest pictures to a machine learning tool on Google Cloud Platform to find specific species of butterflies. The pictures are tagged by creator names in the company before being loaded onto the various data source locations. What type of security solution can the IT team implement to prevent tainted training data from getting to the machine learning tool? (Select all that apply.)
Use SOAR to check picture properties, Keep ML algorithm a secret
Today's hackers are keen on knowing that security teams are actively hunting for threats on the network. Hackers may use resources to trigger a diversion to keep threat hunters busy, while another attack is initiated to carry out the primary objective of the planned penetration attack. How can a security team best circumvent this strategic hacking technique?
Use a defensive maneuver
Evaluate and select the differences between WPA and WPA2.
WPA2 supports an encryption algorithm based on the Advanced Encryption Standard (AES) rather than the version of RC4 "patched" with the Temporal Key Integrity Protocol (TKIP), WPA2 requires entering a longer password than WPA.
IT discovers a flaw in a web application that allows queries without encryption. As a result, requests are being spoofed and directories containing private files are viewable. What is happening?
XML Injection
A cloud service provider (CSP) offers email capability, remote desktop access, and virtual class software to its consumers. Which cloud service model does this best represent?
XaaS
A lack of which of the following measures of disorder can leave a cryptosystem vulnerable and unable to encrypt data securely?
entropy
A basic installation of a web server will require which of the following to allow unauthenticated access?
guest
Which value is the result of a quantitative or qualitative risk analysis?
inherent risk