Security+
Which of the following best describes the domain controller component of AD?
A domain controller is a server that holds a copy of the AD database that can be written to and is responsible for copying changes to AD between the domain controllers.
An organization's IT department wants to implement a security model responsible for verifying user identities, determining access rights, and monitoring activities within a system. Which concept is most appropriate for the department to implement?
AAA
Smart Card Microprobing attack
Accesses the chip's surface directly to observe, manipulate, and interfere with a circuit
What is the name of the service included with the Windows Server operating system that manages a centralized database containing user account and security information?
Active Directory
Managerial Control
Administrative actions that define the organization's security posture through policy, guidelines, standards, procedures, and other forms of documentation. Does not detect/prevent unauthorized access to data.
You are the CISO at a tech company. Your company is facing issues with silos between the development and operations teams, leading to inefficiencies and security vulnerabilities. Which approach should you adopt to encourage collaboration and integrate security considerations at every stage of software development and deployment?
Adopting a DevOps approach
Which of the following is an example of a preventative control type?
Advanced Network appliance, aka Adaptive Security Appliance (ASA)
A PKI is an implementation for managing which type of encryption?
Asymmetric
Which of the following security challenges refers to the rapid and broad spread of an attack, often affecting a large number of computers in a relatively short amount of time?
Attack scale and velocity
What is the process of controlling access to resources such as computers, files, or printers called?
Authorization
You are a cybersecurity expert implementing a zero trust model in a large organization. You are tasked with designing the control and data planes. Which of the following strategies should you prioritize and why?
Balance your focus between the control and data planes, ensuring both are optimized for security and efficiency
The head of IT security at a financial institution is working to enhance the directive controls in place within the company. Which of the following should the institution implement?
Building access procedures
BCP
Business Continuity Plan
Smart Card Eavesdropping attack
Captures transmission data produced by a card as it is used
Operational Control
Characterizes a tangible item, preventing or detecting unauthorized access to physical spaces, systems, and assets.
Change management is not just for implementing software updates or hardware changes. For example, version control refers to capturing changes made to important documents a company needs. What are some documents that would utilize version control?
Code, important data, and diagrams
An organization changes its security posture after a breach and wants to enhance encryption by putting measures in place to mitigate risk exposures that cannot be directly eliminated by the cyber security team. What type of control is being observed in this situation?
Compensating
Sophisticated attacks
Complex attacks that are difficult to detect and thwart. Use common internet tools and protocols, making it difficult to distinguish an attack from legitimate traffic.
CIRT
Computer Incident Response Team
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security risks is most pressing?
Confidentiality
A company moved its office supplies to another room and instituted a new security system for entry. The company implemented this after a recent server outage. What category of security control best describes the function of this recent implementation?
Corrective
After encountering a cyber attack, an organization uses a monitoring solution that automatically restarts services after it has detected the system has crashed. What type of functional security control is the company implementing?
Corrective
CSP
Cryptographic service provider - resides on the client and generates the key pair
Which of the following is a limitation of using a DNS sinkhole as a cybersecurity measure?
DNS sinkholes are ineffective if the malware uses a public DNS server or its own DNS server
Smart Card Fault Generation attack
Deliberately induces malfunctions in a card
A user in a company wants a new USB flash drive. Rather than requesting one through the proper channel, the user obtains one from one of the company's storage closets. Upon approaching the closet door, the user notices a warning sign indicating cameras are in use. What is the control objective of the observed sign?
Deterrent
Which type of control is used to discourage malicious actors from attempting to breach a network?
Deterrent
An information technology manager conducted an audit of the company's support tickets. The manager noticed a trend with the tickets, where the majority were for new computer setups. What security control function would the manager's implementation of a new standard operating procedure have?
Directive
DRP
Disaster Recovery Plans
DACL
Discretionary access control list
Collection of network resources (AD)
Domain
You are the CISO at a large corporation. Your company is expanding rapidly and the complexity of managing security across different business functions is increasing. You need a dedicated team to monitor and protect critical information assets across the organization. Which of the following would be the most effective solution?
Establishing a SOC
Smart Card Software Attacks
Exploits vulnerabilities in a card's protocols or encryption methods
After implementing the National Institute of Standards and Technology (NIST) Cybersecurity Framework, the CISO is assessing the company's security posture to identify deficiencies from the framework's recommendations. What process can the CISO run to get a better sense of what the company needs to improve upon?
Gap analysis
Which of the following statements correctly describe the characteristics of generic containers in AD?
Generic containers are used to organize AD objects & are created by default
Which of the following objects identifies a set of users with similar access needs?
Group
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature?
Her private key
Detective control types
ISPs, network monitoring applications, collectors logs, and real-time monitoring alerts
Detective control
Identifies when incidents or vulnerabilities have occurred, i.e., auditing/monitoring.
IAM
Identity and Access Management
A large multinational corporation has recently experienced a significant data breach. The breach was detected by an external cybersecurity firm, and the corporation's IT department was unable to prevent or detect the breach in its early stages. The CEO wants to ensure that such a breach does not happen again and is considering several options to enhance the company's security posture. Which of the following options would be the most effective in preventing and detecting future data breaches?
Implementing a CIRT
Technical control
Includes hardware/software mechanisms used to protect assets, i.e., antivirus software, firewalls, and intrusion detection systems.
The Chief Security Officer (CSO) at a financial organization wants to implement additional detective security controls. Which of the following would best represent this type of control?
Installing surveillance cameras
Your computer system is a participant in an asymmetric cryptography system. You've created a message to send to another user. Before transmission, you hash the message and encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, which protection does the hashing activity provide?
Integrity
The IT director at a financial institution focuses on implementing compensating managerial controls to augment the institution's existing security framework. If a mandated control cannot be put into place, which of the following compensating controls should an analyst recommend as a sufficient substitute?
Isolating a critical system that cannot be patched.
A recently breached company tasks the cyber team to further restrict end-user permissions. What describes the use of an application allow list?
It enforces policies in computer systems and networks
Which of the following controls is an example of a physical access control method?
Locks on doors
A properly implemented change plan for an international company helps keep business operations moving forward. Restarts, dependencies, and downtime are hand-in-hand with change management. When is the best time to implement changes?
Maintenance windows and Off-peak times
Which of the following is a method of implementing security controls?
Managerial Controls
Which type of control makes use of policies, DRPs, and BCPs?
Managerial Controls
Data encryption
Method used to protect data from unauthorized access
When sending confidential data over a network, a company wants to ensure both parties involved cannot deny the validity of the transmitted data. Which security principle should they prioritize?
Non-repudiation
Network resource in the directory (AD)
Object
OCSP
Online Certificate Status Protocol - used to check the status of an individual digital certificate to verify whether it is good or has been revoked
You have placed a FTP server in your DMZ behind your firewall. The FTP server will distribute software updates and demonstration versions of your products. However, users report that they are unable to access the FTP server.
Open ports 20 and 21 for outbound connections
An AUP requires the system to encrypt confidential information while in transit. All employees must use secure email when exchanging proprietary information with external vendors. Which of the following describes this type of AUP?
Operational
Control Categories
Operational, Managerial, Technical
Logical organization of resources (Active Directory/AD)
Organizational unit
Which of the following is a mechanism for granting and validating certificates?
PKI
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose?
PTZ (Pan Tilt Zoom)
Which of the following best describes compensating controls?
Partial control solution that is implemented when a control cannot fully meet a requirement
After a recent server outage, the company discovered that an employee accidentally unplugged the power cable from the server while grabbing some office supplies from the nearby shelf. What security control did the company lack that led to the server outage?
Physical
When setting up a new server room for sensitive data storage, a tech company seeks to enhance preventative measures against unauthorized access?
Physical Security
A manufacturing company is looking to enhance its security measures by implementing deterrent controls in its facility, specifically the server room. Which of the following options would be most effective?
Placing visible signs indicating surveillance and severe penalties for unauthorized entry
After an unauthorized access incident in the server room over the weekend, the IT department of a company decides to implement new security controls to deter similar future incidents. Which of the following should they implement?
Placing visible signs indicating surveillance and severe penalties for unauthorized entry
You are a system administrator for a company that uses Linux servers. One of your tasks is to implement a new smart-card login system for all employees. Which Linux authentication method would you use to accomplish this?
Pluggable Authentication Module (PAM)
A corporation's IT department is integrating a new framework that permits, ascertains, and applies various resources in accordance with established company policies. Which principle should the department incorporate?
Policy-driven access control
The information technology department in a large organization is implementing a new system where the system allows, determines, and enforces various resources based on predefined company guidelines. Which concept is the department implementing?
Policy-driven access control
A company installed a new locking cabinet in the computer room to hold extra flash drives and other supplies
Preventive
Which technology is primarily used by smart cards to store digital signatures, cryptography keys, and identification codes?
Public Key infrastructure (PKI)
Which of the following algorithms are used in asymmetric encryption?
RSA and Diffie-Hellman
Proliferation of attack software
Refers to the wide variety of attack tools available on the internet, allowing anyone with some level of tech knowledge to download the tools and run an attack.
RA
Registration Authority - verifies the information included in a certificate request
Corrective Control
Responds to an incident, fixes it, and prevents it from happening again. Antivirus software.
Which of the following File transfer protocols use SSH to provide confidentiality during the transfers?
SCP, SFTP
FTPS uses which mechanism to provide security for authentication and data transfer?
SSL
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?
Sam's public key
SCP
Secure Copy Protocol
Which type of group can be used for controlling access to objects?
Security
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?
Sender's public key
Given the need to prioritize cost-effective solutions for enhancing the company's cybersecurity posture, a global corporation's CSO considers implementing technical controls over physical controls. Which of the following is a technical control?
Setting up a network Intrusion detection system
SMTP
Simple Mail Transfer Protocol - sends and receives emails/not for secure file transfers
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Smart card
You are the head of the cybersecurity team at a large corporation. You notice an increase in network traffic that appears to be legitimate but is causing a slowdown in your systems. Upon further inspection, you find that the traffic patterns vary each time, making it difficult to distinguish from normal traffic. What type of security challenge are you most likely facing?
Sophisticated attack
An organization frequently implements changes, reconfigurations, and patches to enhance its IT infrastructure's security and efficiency. The cybersecurity analyst must carefully analyze dependencies between services, applications, and interfaces to avoid unintended outages and disruptions during service restarts or downtime events. How does understanding dependencies impact the change management process?
Supports the development of post-change performance monitoring to validate system functionality and quickly detect issues, helps avoid unintended outages and disruptions during service restarts or downtime events, and guides the development of effective blackout plans and downtime contingencies.
What file transfer protocols do FTPS and HTTPS use?
TLS or SSL
You are the Chief Information Security Officer (CISO) at a large corporation. You have been tasked with implementing a new security control to protect sensitive customer data. The control must be able to automatically detect and prevent unauthorized access to the data. Which type of control should you implement?
Technical Control
A company finds that employees are accessing streaming websites that are not being monitored for malware or viruses. Which type of control can the network administrator implement to protect the system and keep the employees from viewing unapproved sites?
Technical control
A new IT administrator is tasked with managing AD for their company. The administrator needs to understand the types of objects in the tree and the properties of these objects. Which of the following best describes the AD component that the new administrator needs to understand?
The administrator needs to understand the schema, as it identifies the object classes and their attributes in the tree
TLS
Transport Layer Security
Group of related domains (AD)
Tree
How many keys are used with asymmetric (public key) cryptography?
Two
The security operations manager of a multinational corporation focuses on enhancing directive operational controls. Which of the following should the manager implement?
User awareness and training programs
Control Types
consists of different strategies to prevent, detect, mitigate, and correct any network breach
Collection of related domain trees (AD)
forest
Key escrow
method of storing a copy of the encryption key with a trusted third party
AES
most commonly-used symmetric cipher
What file transfer protocol does FTP use?
older TCP/IP protocol
Fake telemetry
provides false/spoofed data, like fake credentials/fake IP address information in response to network probes
Twofish
symmetric encryption algorithm that uses a single key to both encrypt and decrypt data and information