Security Quizlet
A machine where the operating system runs an application on top of an operating system is called _______.
A Virtual Machine
Ian, a systems administrator, was checking systems on Monday morning when he noticed several alarms on his screen. He found many of the normal settings in his computer and programs changed, but he was sure no one had physically entered his room since Friday. If Ian did not make these changes, which of the events below is the most likely reason for the anomalies?
A backdoor was installed previously and utilized over the weekend to access the computer and the programs.
Which of the following statements correctly describes the disadvantage of a hardware-based keylogger?
A hardware-based keylogger must be physically installed and removed without detection.
Which of the following best describes a host-based firewall?
A host-based firewall is a software firewall that protects a single endpoint device.
Which of the following best describes a network hardware security module?
A network hardware security module is a trusted network computer that performs cryptographic operations.
Which of the following is a characteristic of a vulnerability scan that is not a characteristic of a penetration test?
A vulnerability scan is usually automated.
Zero-day vulnerabilities and configuration vulnerabilities can heavily impact a system if exploited. How should you differentiate between a zero-day vulnerability and a configuration vulnerability?
A zero-day vulnerability is an unknown vulnerability in released software that is found and exploited by a threat actor, whereas a configuration vulnerability is caused by improper settings in hardware or software.
Wilson has requested your help to suggest an encryption method that will provide the highest security against attacks. Which encryption process should you suggest?
AES
Which of the following can be used to mitigate a limitation of public sharing centers in OSINT?
AIS
Which of the following mobile device features senses movements that it then uses to ensure the screen is always oriented upright?
Accelerometer
What are the primary features of a security information event management (SIEM) tool?
Aggregation, correlation, event deduplication, time synchronization, and alerting
Sara is asked to create a controller for light sensors. When the light falls on the sensor, it needs to indicate when a particular object is moved from its original position. For this, she needs a credit card-sized motherboard with a microcontroller on it. Which option should she select?
Arduino
Which of the following devices is similar to Raspberry Pi
Arduino
The cryptographic method used to ensure that a document can be encrypted with a key and decrypted with a different key
Asymmetric
Which cryptographic method should Susanne use to ensure that a document can be encrypted with a key and decrypted with a different key?
Asymmetric
John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this?
Asymmetric cryptographic
What is the primary goal of penetration testing
Attempt to uncover deep vulnerabilities and then manually exploit them
Which threat actors violate computer security for personal gain?
Black hat hackers
A new e-commerce startup with global operations is looking for a method to manage its supply-chain data for production. Instead of using bar codes, scanners, paper forms, and individual databases, making the system difficult to use, which method should be used to quickly track shipments?
Blockchain
Japan's cybercrime control center noticed that around 200,000 Tokyo computers are infected by bots, and all these bots are remotely controlled by a single attacker. What is this attacker referred to as?
Bot herder
Jane, an IT security expert whose services are sought by XYZ Company, has recommended implementing CTR mode in the network. What is one requirement that needs to be fulfilled for computers to communicate when the CTR mode is implemented?
Both sender and receiver should have access to a counter.
Which threat actors sell their knowledge to other attackers or governments?
Brokers
Star Technology is working on a project that needs a communication mode specializing in encryption, where only authorized parties should understand the information. The company also requires accuracy, completeness, and reliability of data throughout the project. The company has contacted you for an ideal cipher mode solution without using a counter. Which mode should you suggest?
CBC
While Andel is logging into his email through a browser, the login window disappears. Andel attempts to log in again and is successful. Days later, he goes to log into his email, and his attempt fails. He receives a message indicating that his username and/or password are invalid. What is Andel likely a victim of?
CSRF
In which of the following mobile device connectivity methods are transmitters connected through a mobile telecommunication switching office (MTSO) that controls all of the transmitters in the cellular network and serves as the link between the cellular network and the wired telephone world?
Cellular
Sigma solutions use hash algorithms in the communications between departments while transferring confidential files. A human resource employee informed you that one of the employees' salary statements sent from her end looks tampered with and requested your help. Which of the following tasks would enable you to identify whether the file is tampered with or not, and how will you make the determination?
Check the digest of the file with the original digest. If the values are different, it can be confirmed that the file has been tampered with.
A company has its network compromised. As an expert professional, the organization has hired you to identify the probable cause of the attack and fix it. As a security professional, you have noticed the pattern of compromise is unlike anything previously seen. You are looking to find new information on vulnerabilities like the attack that occurred. Which of the following actions would help achieve this objective?
Checking the dark web
Which of the following mobile device enterprise deployment models are implemented so that employees in an organization are offered a suite of security, reliability, and durability choices that the company has already approved?
Choose your own device (CYOD)
Zyan works for ABC Technology. The enterprise wants to provide smartphones to all its employees. They can choose from a limited list of approved mobile devices. But they need to pay for the device themselves. The company will pay them a monthly stipend. Which deployment method should Zyan suggest to meet his company's needs?
Choose your own device (CYOD)
Which of the following is a combination of encryption, authentication, and MAC algorithms, like a collection of instructions on securing a network?
Cipher suite
Wireless data networks are particularly susceptible to which type of attack
Ciphertext attack
Wireless data networks are particularly susceptible to which type of attack?
Ciphertext attack
What is another term commonly used to define cross-site request forgery (CSRF)
Client-side request forgery
James is a black hat hacker employed as an authorized officer at Apple. He has credentials and signed a non-disclosure agreement to perform advanced penetration testing on the iOS 6.1.6 operating system, and has already gained low-level access to the mobile device using a backdoor. Which of the following actions should James take to design/create his own custom firmware to exploit underlying vulnerabilities and gain a higher level of access to a UNIX shell with root privileges, essentially allowing them to do anything on the device?
Clone and inherit the source code of the open-source software "P0sixspwn"
Which attack sees an attacker attempt to determine the hash function's input strings that produce the same hash result?
Collision attack
Which type of threat actor would benefit the most from accessing your enterprise's new machine learning algorithm research and development program?
Competitors
A learning management system application has been written in Python. While running the application code, the specific program or application that converts the program into machine language is called what?
Compiler
Your company recently purchased routers with new and updated features and deployed them in the highly secure enterprise network without changing the default settings. A few days later, the enterprise network suffered a data breach, and you are assigned to prepare a report on the data breach. Which of the following vulnerabilities should you identify as the source of the breach?
Configuration Vulnerability
In an interview, the interviewer introduced the following scenario: An enterprise is hosting all its computing resources on a cloud platform, and you need to identify which vulnerability is most likely to occur. Which of the following should you choose?
Configuration vulnerability
Your company recently purchased routers with new and updated features and deployed them in the highly secure enterprise network without changing the default settings. A few days later, the enterprise network suffered a data breach, and you are assigned to prepare a report on the data breach. Which of the following vulnerabilities should you identify as the source of the breach?
Configuration vulnerability
What is the primary difference between credentialed and non-credentialed scans?
Credentialed scans use valid authentication credentials to mimic threat actors, while non-credentialed scans do not provide authentication credentials.
Blockchain relies on which cryptographic algorithm to make it computationally infeasible to try to replace a block or insert a new block of information without the approval of all entities involved?
Cryptographic hash algorithms
ABC Enterprise is a global operation. As such, it needs to send regular, confidential messages and data between offices to communicate important market information, employee decisions, financial decisions, etc., for management consideration and senior-level decision making. Since these decisions impact the local employees and global businesses, they suspect that these data may be prone to attacks from threat actors internally and externally. While one of the senior systems administrators suggested implementing steganography to achieve this objective, the IT Department head at another branch suggested implementing cryptography. The management team has now called you for expert advice to select the best method to implement in the enterprise. What should your advice be, and why?
Cryptography should be implemented because it allows information to be viewed only by authorized users and checks whether the information has been altered or changed by anybody. It also makes the information unclear, even if other users see it. Cryptography is a more advanced technology than steganography. These features make cryptography the right choice for the enterprise to implement.
ABC Enterprise is a global operation. As such, it needs to send regular, confidential messages and data between offices to communicate important market information, employee decisions, financial decisions, etc., for management consideration and senior-level decision making. Since these decisions impact the local employees and global businesses, they suspect that these data may be prone to attacks from threat actors internally and externally. While one of the senior systems administrators suggested implementing steganography to achieve this objective, the IT Department head at another branch suggested implementing cryptography. The management team has now called you for expert advice to select the best method to implement in the enterprise. What should your advice be, and why?
Cryptography should be implemented because it allows information to be viewed only by authorized users and checks whether the information has been altered or changed by anybody. It also makes the information unclear, even if other users see it. Cryptography is a more advanced technology than steganography. These features make cryptography the right choice for the enterprise to implement.
Which of the following is a state of data, where data is transmitted across a network
Data in transit
John has been appointed as a product manager at a large mobile device manufacturing company. He is designing the core features included in their flagship mobile device that will be launched during the holiday shopping season. Which of the following features should he primarily include?
Data synchronization with a remote server or separate device
Which issue can arise from security updates and patches?
Difficulty patching firmware
John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John?
Digital Certificate
Which of the following is part of the OS security configuration
Disabling default passwords and unnecessary ports
Which of the following is part of the OS security configuration?
Disabling default passwords and unnecessary ports
Which of the following is a physical social engineering technique
Dumpster diving
Which of the following is a physical social engineering technique?
Dumpster diving
Which of the following is NOT an automated vulnerability scanning tool
ELK Stack
Which of the following is NOT an automated vulnerability scanning tool?
ELK Stack
What is meant by "the chain of trust" in boot security?
Each step in the boot sequence relies on the confirmation from the previous boot sequence step.
Which of the following is an attack vector used by threat actors to penetrate a system?
Which of the following is the most common method for delivering malware
Amaya is looking for a hardware chip or integrated circuit (IC) that can be programmed by the user to carry out one or more logical operations, can be reprogrammed when needed, and can be configured by either the user or designer. Which option should Amaya select?
Field-programmable gate array (FPGA)
Which of the following is the most secure encryption solution to adopt for a Google Android mobile device
File-based encryption
Which of the following is a feature of a fileless virus?
Fileless viruses are persistent.
Which cookie is created by the website a user is currently browsing to store the customer's browsing preference information?
First-party cookie
What is NOT a principle of agile development?
Follow rigid sequential processes
Kile is assigned a role as a grey box penetration tester in the financial sector. He has to conduct a pen testing attack on all the application servers in the network. Which of the following tasks should he perform first while conducting a penetration testing attack on a network?
Footprinting
You have been asked to implement a block cipher mode of operation that requires both the sender and receiver of the message to have access to a synchronous counter that adds an AAD to the transmission. Which operating block cipher mode should you use?
GCM
Your enterprise has played fast and loose with customer information for years. While there has been no significant breach of information that could damage the organization and/or their customers, many in the enterprise feel it is only a matter of time before a major leak occurs. Which type of threat actor is an employee who wishes to personally ensure that the enterprise is exposed and blocked from accessing their customers' information until they ensure more secure protocols?
Hacktivist
Which of the following is considered an industry-specific cybersecurity regulation?
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Which monitoring methodology will trigger the IDS if any application tries to scan multiple ports?
Heuristic monitoring
Which of the following is a network set up with intentional vulnerabilities?
Honeynet
Which of the following protocols is embedded in a computer's operating system or communication hardware to secure internet communications?
IPsec
XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?
IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents. It manages the keys to ensure that they are not intercepted or used by unauthorized parties.
An unauthorized person recently accessed your enterprise network. The security team had received a call from the threat actor claiming to be a higher official. They followed the attacker's instructions to log them onto a specific webpage, leading to the exposure of enterprise network credentials.Which of the following social engineering techniques was used here?
Impersonation and phishing
John is asked to design a specialized device that does not have any security features but operates on the basis of trust that assumes all other devices or users can be trusted. Which security constraint for the embedded system should John use?
Implied trust
Which of the following describes a memory leak attack?
In a memory leak attack, the threat actor takes advantage of the programming error of not freeing the memory after executing a process, taking advantage of the device's low memory conditions to attack.
Threat actors focused on financial gain often attack which of the following main target categories?
Individual users
In which of the following mobile device connectivity methods are light waves used as a communication channel
Infared
In which of the following mobile device connectivity methods are light waves used as a communication channel?
Infrared
How can a configuration review reduce the impact of a vulnerability scan on the network's overall performance?
It ensures the scan is designed to meet its intended goals by defining scope and sensitivity levels.
Which of the following is a characteristic of a potentially unwanted program (PUP)
It interferes and obstructs the user with web browsing and pop-up windows
Which of the following is a disadvantage of the secure boot process
It makes third party non-vendor-approved software difficult to implement
Which of the following is a disadvantage of the secure boot process?
It makes third party non-vendor-approved software difficult to implement
Kia recently noticed that when she browses her favorite online shopping site, she is immediately redirected to a competitor's site. What is happening here, and what is the best option for Kia to fix this situation?
Kia must uninstall the toolbar software and the accompanying components she has recent installed on her browser.
Which of the following computing platforms is highly vulnerable to attacks?
Legacy
Which of the following types of platforms is known for its vulnerabilities due to age?
Legacy Platform
Which of the following types of platforms is known for its vulnerabilities due to age
Legacy platform
Which of the following types of platforms is known for its vulnerabilities due to age?
Legacy platform
Alice, a vulnerability assessment engineer at a bank, is told to find all the vulnerabilities on an internet-facing web application server running on port HTTPS. When she finishes the vulnerability scan, she finds several different vulnerabilities at different levels. How should she proceed?
Look at the priority and the accuracy of the vulnerability
Which of the following tools allow a mobile device to be managed remotely by an organization and typically involve a server sending out management commands to mobile devices?
MDM
Walter's organization is in the beginning stages of a new project. His team is tasked with finding a tool that must have the following features, allowing it to be remotely managed by the organization: 1. It must be able to apply default device settings. 2. It must be able to approve or quarantine new mobile devices. 3. It must be able to configure emails, calendars, contacts, and Wi-Fi profile settings. 4. It must be able to detect and restrict jailbroken and rooted devices. Which tool should Walter's team suggest, and why?
MDM, because it allows remote management and over the air updates.
Dan uses his personal laptop for writing the script for an upcoming high-budget, highly anticipated movie. To keep the script private, he decided not to connect his laptop to any network and updated his system with the latest virus definitions and security patches. Which of the following is Dan's laptop still vulnerable to?
Malicious USB
Which one of the following is the most appropriate explanation of photoplethysmography?
Measuring heart rate by tracking changes in green light absorption, since human blood absorbs green light
Spectrum Technologies uses SHA 256 to share confidential information. The enterprise reported a breach of confidential data by a threat actor. You are asked to verify the cause of the attack that occurred despite implementing secure cryptography in communication. Which type of attack should you consider first, and why?
Misconfiguration attack; the company should have configured a higher security hash algorithm rather than using the less-secure SHA 256.
Keily is a vulnerability assessment engineer. She is told to find surface vulnerabilities on all internet-facing web servers in the network. Which of the following are surface vulnerabilities that she should initially chase?
Missing patches, lack of OS hardening, network design flaw, lack of application hardening, weak passwords, and misconfigurations
Which of the following best describes east-west traffic?
Movement of data from one server to another within a data center
Which of the following tools can be used to scan 16 IP addresses for vulnerabilities?
Nessus Essentials
What is the fastest-running vulnerability scan, and why does this type of scan run so fast?
Non-credentialed scans perform fundamental actions such as looking for open ports and finding software that will respond to requests.
A manager working in ABC Consulting shared a list of employees from his team who were eligible for an extra week off. Later, he claimed that he has never shared this list. Which principle or functionality of a secured communication can be used to substantiate or verify the manager's claim?
Nonrepudiation
Which feature of cryptography is used to prove a user's identity and prevent an individual from fraudulently reneging on an action?
Nonrepudiation
What is the secure coding technique that organizes data within the database for minimum redundancy?
Normalization
what is the secure coding technique that organizes data within the database for minimum redundancy
Normalization
Alliance Consulting, a company based in France, is shutting down. Louis, the owner of the company, applied to revoke his digital certificate. He is very busy with the other details of shutting the company down and needs to be able to check the certificate's status quickly and easily. Which of the following will help him get a real-time lookup of the certificate's status?
OCSP
Sheena wants to make sure that her browser activity is safe and prevent others from intercepting her data as it is transmitted over the browser. What should Sheena do to achieve this objective?
Only visit websites that are hosted over HTTPS or HSTS
Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors?
Opal
Which of the following techniques is a method of passive reconnaissance
Open Source Intelligence (OSINT)
Which of the following compliance standards was introduced to provide a minimum degree of security to organizations who handle customer information such as debit card and credit card details daily?
PCIDSS
Which of the following is used to create a sequence of numbers whose output is close to a random number?
PRNG
What is an officially released software security update intended to repair a vulnerability called?
Patch
Which of the following is the advantage of penetration testing over vulnerability scanning?
Penetration testing uncovers and exploits deep vulnerabilities, while vulnerability scanning only discovers surface vulnerabilities.
Social engineering is a means of eliciting information by relying on the weaknesses of individuals. How should you differentiate between the social engineering techniques of phishing and pharming?
Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP.
Peter is a design engineer at a mobile device manufacturing company. He is designing the core components included in their flagship mobile device being launched during year-end 2020. Peter wants to design a tablet component that would detect vibrations and movements and determine the device's orientation so that the screen image is always displayed upright. Which of the following are materials he should use for developing this component?
Piezoelectric, piezoresistive, and capacitive components
Which of the following is a social engineering method that attempts to influence the subject before the event occurs?
Prepending
Which of the following best describes an extranet?
Private network only accessed by an authorized party
Which unit is used by quantum computers, making them faster and more efficient than normal computers
Qubit
Which of the following is a form of malware attack that uses specialized communication protocols?
RAT
What does ransomware do to an endpoint device?
Ransomware attacks the endpoint device holding it hostage by preventing it from functioning unless the user fulfills the ransom payment demanded.
Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?
Recovery
What type of attack occurs when the threat actor snoops and intercepts the digital data transmitted by the computer and resends that data, impersonating the user?
Replay
What is a jump box used for?
Restricting access to a demilitarized zone
Which standardized framework was developed by NIST to be used as a guidance document designed to help organizations assess and manage risks to their information and systems, and are also used as a comprehensive roadmap that organizations can use to seamlessly integrate their cybersecurity?
Risk management framework (RMF)
Robert is a black box penetration tester who conducted pen testing attacks on all of the network's application servers. He was able to exploit a vulnerability and gain access to the system using a mimikatz tool. Which of the following activities did he perform using mimikatz, and which task should he perform next?
Robert used mimikatz for credential harvesting, and should perform privilege escalation using a high-privileged account next.
Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?
Root digital certificates
Which of the following technologies can be used together for data management in security infrastructure and collecting and analyzing data?
SIEM and SOAR
Which of the following is a Linux/UNIX-based command interface and protocol
SSH
Which of the following protocols can be used as a tool for secure network backups
SSH
Which of the following protocols can be used as a tool for secure network backups?
SSH
Which of the following is the earliest and most general cryptographic protocol
SSL
Which of the following is the earliest and most general cryptographic protocol?
SSL
Which of the following terms best describes the process in which a user believes that the browser connection they are using is secure and the data sent is encrypted when in reality, the connection is insecure, and the data is sent in plaintext?
SSL stripping
A cyber analyst needs to quickly do a vulnerability scan on an enterprise network with many devices. Which approach should the analyst take?
Scan the most important devices for as long as it takes for each device
What is meant by "infrastructure as code" in SecDevOps?
SecDevOps method of managing software and hardware using principles of developing code
Which of the following is a deception instrument?
Sinkhole
Which of the following sets consists of only the core features of a mobile or computing device?
Small form factor, mobile operating system, wireless data network interface for internet access, app stores, local non-removable data storage
Daniel accidentally installed a vulnerable application. Which of the following system exploitations would NOT be caused by the vulnerable application?
Social engineering and phishing attacks
What is a variation of a common social engineering attack targeting a specific user
Spear phishing
Over the last few days, several employees in your enterprise reported seeing strange messages containing links in their company's IM account. Even though no one has clicked on the messages, they are spreading throughout the network. Which type of malicious activity is this?
Spimming
Which algorithm encrypts and decrypts data using the same key
Symmetric cryptographic algorithm
Which of the following uses vulnerable applications to modify Microsoft registry keys?
System tampering
Which of the following protocols are used to secure HTTP
TLS and SSL
Which of the following protocols are used to secure HTTP?
TLS and SSL
What is a risk to data when training a machine learning (ML) application?
Tainted training data for machine learning
Which alert utility can identify theft in a smart meter?
Tamper protection
Which of the following are categories of vulnerabilities in mobile device connections that can also be exploited by threat actors?
Tethering, USB-on-the-go (OTG), malicious USB cable, hotspots
How do NACs ensure that a device is safe to connect to a secure network?
The NAC issues a health certificate, only allowing healthy devices to connect to the secured network.
Which of the following describes the action of an SQL injection into a database server?
The SQL injection inserts specially created structured query language statements to manipulate the database server, giving control of the database to the attacker, who can then manipulate the database.
An attacker has changed the value of a variable used when copying files from one cloud server to a local drive. What is the most likely motive behind the attack?
The attacker is using an integer overflow attack to initiate a buffer overflow that can allow them to take over the machine.
ABC Technologies had its computer network compromised through a cybersecurity breach. A cybersecurity expert was employed to analyze and identify what caused the attack and the damage caused by the attack. He checked an available database for this purpose and found the threat actor behind the attack. He also found out the cybercriminal has been attempting to sell the company's valuable data on the internet.Which are the most probable methods used by the cybersecurity expert to get to this stage of the investigation?
The cybersecurity expert checked with CISCP and also investigated the dark web.
What action does a BPDU guard take when a BPDU is received from an endpoint and not a switch?
The port is disabled, and no traffic will be sent or received by the port
A few computers at a high-security software firm location have been compromised. The threat actor took user videos, confidential information like bank account IDs and passwords, email IDs and passwords, and computer screenshots. These confidential data have been shared every three hours from the computers to the threat actor. Which of the following is correct, based on the evaluation of the above observation?
This is a software keylogger attack, as screenshots, video captures, and keystrokes have been routinely monitored and periodically shared.
Zeda Corporation provides online training solutions to global customers. To provide e-learning solutions, it integrates with multiple vendor platforms. This ensures seamless transfer to multiple operators' solutions through sign on. Joe, an IT security administrator, noticed that a threat actor has attacked the platform and stolen the user data. The source of this vulnerability was identified as one of the integrated external applications.What type of attack is this?
This is an API attack.
Which encryption is a chip on the motherboard of a computer that provides cryptographic services
Trusted platform module
Which encryption is a chip on the motherboard of a computer that provides cryptographic services?
Trusted platform module
Which of following is a characteristic of electronic code book (ECB) mode?
Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks.
Which of the following provides confidentiality services?
Unauthentication mode
Juan, a cybersecurity expert, has been hired by an organization whose networks have been compromised by a malware attack. After analyzing the network systems, Juan submits a report to the company mentioning that the devices are infected with malware that uses a split infection technique on files.Which malware attack is Juan reporting?
Virus
Your enterprise experienced several technical issues over the last few days. There were multiple instances of passwords needing to be changed and other issues causing downtime. Management has started receiving voicemails regarding fraudulent activities on their accounts. While the voicemails sound authentic, the help desk concludes that they are fake. What type of malicious activity will this be considered?
Vishing
There is often confusion between vulnerability scanning and penetration testing. What is the best explanation of the difference between vulnerability scanning and penetration testing?
Vulnerability scanning is performed using an automated tool to scan a network for known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them.
Which of the following is the most efficient means of discovering wireless signals?
War flying
Attackers have taken over a site commonly used by an enterprise's leadership team to order new raw materials. The site is also visited by leadership at several other enterprises, so taking this site will allow for attacks on many organizations. Which type of malicious activity is this?
Watering hole
Attackers have taken over a site commonly used by an enterprise's leadership team to order new raw materials. The site is also visited by leadership at several other enterprises, so taking this site will allow for attacks on many organizations.Which type of malicious activity is this?
Watering hole
Which of the following is a configuration vulnerability?
Weak Encryption
Which of the following is a configuration vulnerability
Weak encryption
Your company is considering updating several electronic devices used in the enterprise network. The third-party service provider that your company approached says that they require access to the enterprise network in order to implement the updates. As the chief information security officer, you are asked to analyze the requirement and submit a report on potential vulnerabilities when giving a third-party access to the network. Which of the following vulnerabilities should you list as the most likely to affect the enterprise network?
Weakest link
William downloaded some free software to help him with photo editing. A few days later, William noticed several personal photographs were modified and posted to various social media pages with obscene comments. He also noticed that there were videos of him that were morphed and circulated on adult websites. The videos were obviously taken using his webcam. What should William do to fix his problem and prevent it from happening again in the future?
William should run an antimalware program and scan for all known RATs, then quarantine and remove the infected file(s). To prevent this in the future, he should only download software from trusted websites.
What is the inbuild application available to prevent threat actors from modifying the registry in a Windows 10 operating system?
Windows 10 tamper protection
A cybercriminal attempts to trick a computer's user into sharing their personal information by implementing content to discreetly capture user information over the actual webpage. What should the user implement to avoid this situation?
X-Frame
Which of the following is a standard format for digital certificates
X.509
As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take?
You should install a WAF.
In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network. Which of the following methods should you apply?
You should set up an ACL.
You are asked to configure your enterprise network in such a way that the customer support team gets a higher priority in the network and can conduct customer video calls without any connectivity issues. Which of the following methods should you apply?
You should set up quality of service to give higher priority to the customer support team.
After encountering a network attack in your enterprise network, the chief network security engineer assigned you a project. The project was to create a vulnerable network that is similar to your enterprise network and entices the threat actor to repeat the attack. This is to analyze the behavior and techniques the attacker is using to ensure better defenses to your enterprise network in the future. Which of the following appliances should you use?
You should use a honeypot
After encountering a network attack in your enterprise network, the chief network security engineer assigned you a project. The project was to create a vulnerable network that is similar to your enterprise network and entices the threat actor to repeat the attack. This is to analyze the behavior and techniques the attacker is using to ensure better defenses to your enterprise network in the future. Which of the following appliances should you use?
You should use a honeypot.
Which of the following penetration testing consultants have limited knowledge of the network and some elevated privileges?
gray box
Which penetration testing consultants have limited knowledge of the network and some elevated priviledges
gray box
Which type of intrusion detection system can also block attacks?
inline