4740 exam 2

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

You are a network administrator for ACME Corporation. You want to implement a new access control mechanism. The mechanism you are considering takes into account the entire environment/scenario of the access request. What does this describe?

ABAC

Which of the following provides authentication based on a physical characteristic of a subject?

Biometrics

Alyssa wants to use her Android phone to store and manage cryptographic certificates. What type of solution could she choose to do this using secure hardware?

A microSD HSM

What is the key difference between hashing and checksums?

Both can validate integrity, but a hash also provides a unique digital fingerprint.

Which one of the following alternative processing sites takes the longest time to activate?

Cold site

Which cloud delivery model has an infrastructure shared by several organizations with shared interests and common IT needs?

Community

Hitesh wants to keep a system online but limit the impact of the malware that was found on it while an investigation occurs. What method from the following list should he use?

Containment

Which of the following would normally not be part of an incident response policy?

Contingency plans

Theresa's organization has received a legal hold notice for their files and documents. Which of the following is not an action she needs to take?

Delete all sensitive documents related to the case.

Dennis has implemented an authentication system that uses a password, a PIN, and the user's birthday. What best describes this system?

Single factor

A PIN is an example of what type of factor?

Something you know

What does the term "100-year flood plain" mean to emergency preparedness officials?

The odds of a flood at this level are 1 in 100 in any given year.

When going with a public cloud delivery model, who is accountable for the security and privacy of the outsourced service?

The organization

Why are Faraday cages deployed?

To prevent EMI

Which type of hypervisor implementation is known as "hosted"?

Type II

What protocol is used by technologies for load balancing/prioritizing traffic?

QoS

Gabby wants to implement a mirrored drive solution. What RAID level does this describe?

RAID 1

What disaster recovery principle best protects your organization against hardware failure?

Redundancy

Juan has just made a minor change to the company's e-commerce application. The change works as expected. What type of testing is most important for him to perform?

Regression testing

In which one of the following database recovery techniques is an exact, up-to-date copy of the database maintained at an alternative location?

Remote mirroring

What type of database backup strategy involves maintenance of a live backup server at the remote site?

Remote mirroring

Brian would like to limit the ability of users inside his organization to provision expensive cloud server instances without permission. What type of control would best help him achieve this goal?

Resource policy

Which of the following is not one of the four phases in COOP?

Documentation and reporting

What is the end goal of disaster recovery planning?

Restoring normal business activity

Which of the following is the best choice to support a federated identity management (FIM) system?

Security Assertion Markup Language (SAML)

What is another name for working copies?

Shadow copies

What type of document will help public relations specialists and other individuals who need a high-level summary of disaster recovery efforts while they are under way?

Executive summary

Sally has a user account and has previously logged on using a biometric system. Today, the biometric system didn't recognize her so she wasn't able to log on. What best describes this?

False rejection

Which of the following biometric technologies is most broadly deployed due to its ease of use and acceptance from end users?

Fingerprint scanner

Samantha wants to set an account policy that ensures that devices can be used only while the user is in the organization's main facility. What type of account policy should she set?

Geofencing

A user logs in with a login ID and a password. What is the purpose of the login ID?

Identification

What phase in the incident response process leverages indicators of compromise and log analysis as part of a review of events?

Identification

Terrance is examining an authentication system that was developed at MIT and uses tickets for authentication. What system is Terrance most likely examining?

KERBEROS

Upper management has suddenly become concerned about security. As the senior network administrator, you are asked to suggest changes that should be implemented. Which of the following access methods should you recommend if the technique to be used is one that is primarily based on preestablished access and can't be changed by users?

MAC

Which AP-based technology can increase security dramatically by allowing or denying access based on a client's physical address?

MAC filtering

Which team member acts as a primary conduit to senior management on an IR team?

Management

Madhuri wants to implement a camera system but is concerned about the amount of storage space that the video recordings will require. What technology can help with this?

Motion detection

Which of the following is the term used whenever two or more parties authenticate each other?

Mutual authentication

Which of the following technologies is the least effective means of preventing shared accounts?

Password complexity requirements

What can you use to prevent users from rotating between two passwords?

Password history

What is the process of applying manual changes to a program called?

Patching

Which standard defines port-based security for wireless network access control?

802.1x

What is the primary purpose of Kerberos?

Authentication

Accountability requires all of the following items except one. Which item is not required for accountability?

Authorization

Which of the following is not a typical reason to use an IP addressing schema in an enterprise?

Avoiding use of other organizations' IP addresses

Kira would like to implement a security control that can implement access restrictions across all of the SaaS solutions used by her organization. What control would best meet her needs?

CASB

You are working as a security administrator for a small financial institution. You want to use an authentication method that will periodically reauthenticate clients. Which protocol is best uited for this?

CHAP

Gurvinder wants to select a mobile device deployment method that provides employees with devices that they can use as though they're personally owned to maximize flexibility and ease of use. Which deployment model should he select?

COPE

Which one of the following would not commonly be available as an IaaS service offering?

CRM

Greg would like to find a reference document that describes how to map cloud security controls to different regulatory standards. What document would best assist with this task?

CSA CCM

What factor is a major reason organizations do not use security guards?

Cost

What method can be used to map out the needs of an organization for a new facility?

Critical path analysis

Which of the following is not a typical security measure implemented in relation to a media storage facility containing reusable removable media?

Hashing

What is the machine on which virtualization software is running known as?

Host

Your company does electronic monitoring of individuals under house arrest around the world. Because of the sensitive nature of the business, you can't afford any unnecessary downtime. What is the process of applying a repair to an operating system while the system stays in operation?

Hotfix

What is the most important goal of all security solutions?

Human safety

Which cloud delivery model could be considered an amalgamation of other types of delivery models?

Hybrid

Which cloud computing deployment model requires the use of a unifying technology platform to tie together components from different providers?

Hybrid cloud

Charles needs to know about actions an individual performed on a PC. What is the best starting point to help him identify those actions?

Interview the individual.

Which of the following does not need to be true in order to maintain the most efficient and secure server room?

It must be human compatible.

Jarod is evaluating web-based, single sign-on solutions. Which of the following technologies is most associated with web page authorization?

SAML

Brian has deployed a system that monitors sensors and uses that data to manage the power distribution for the power company that he works for. Which of the following terms is commonly used to describe this type of control and monitoring solution?

SCADA

With which of the following subscription-based models is security more cost effective than individuals or smaller corporations could ever get on their own?

SECaaS

Which type of multifactor authentication is considered the least secure?

SMS

Michelle wants to ensure that attackers who breach her network security perimeter cannot gain control of the systems that run the industrial processes her organization uses as part of their business. What type of solution is best suited to this?

An air gap

According to CERT, which of the following would be a formalized or an ad hoc team you can call upon to respond to an incident after it arises?

CSIRT

Megan's organization uses the Diamond Model of Intrusion Analysis as part of their incident response process. A user in Megan's organization has discovered a compromised system. What core feature would help her determine how the compromise occurred?

Capability

What type of motion detector senses changes in the electrical or magnetic field surrounding a monitored object?

Capacitance

The present method of requiring access to be strictly defined on every object is proving too cumbersome for your environment. The edict has come down from upper management that access requirements should be slightly reduced. Which access model allows users some flexibility for information-sharing purposes?

DAC

What type of backup involves always storing copies of all files modified since the most recent full backup?

Differential backups

What is both a benefit and a potentially harmful implication of multilayer protocols?

Encapsulation

Which of the following is not a security-focused design element of a facility or site?

Equal access to all locations within a facility

In which cloud service model can the consumer "provision" and "deploy and run"?

IaaS

In which of the following cloud categories are customers typically charged based on the number of virtual server instances dedicated to their use?

IaaS and PaaS

You're trying to rearrange your backup procedures to reduce the amount of time they take each evening. You want the backups to finish as quickly as possible during the week. Which backup system backs up only the files that have changed since the last backup?

Incremental backup

Gerard is concerned about SQL injection attacks on his company's e-commerce server. What security measure would be most important for him to implement?

Input validation

What legal concept determines the law enforcement agency or agencies that will be involved in a case based on location?

Jurisdiction

Which cloud service model provides the consumer with the infrastructure to create applications and host them?

PaaS

What type of disaster recovery plan test fully evaluates operations at the backup facility but does not shift primary operations responsibility from the main site?

Parallel test

Karl is conducting penetration testing on the Pranks Anonymous servers and having difficulty finding a weakness. Suddenly, he discovers that security on a different company's server—a vendor to Pranks Anonymous—can be breached. Once he has compromised the completely different company's server, he can access the Pranks Anonymous servers and then launch an attack. What is this weakness/exploit known as?

Pivot

What is the best type of water-based fire suppression system for a computer facility?

Preaction system

Which of the following types of access control uses fences, security policies, security awareness training, and antivirus software to stop an unwanted or unauthorized activity from occurring?

Preventive

Which cloud delivery model is implemented by a single organization, enabling it to be implemented behind a firewall?

Private

Theresa wants to implement an access control scheme that sets permissions based on what the individual's job requires. Which of the following schemes is most suited to this type of implementation?

RBAC

What is a field-powered technology that can be used for inventory management without requiring direct physical contact?

RFID

Which of the following technologies is used to identify and track tags attached to objects?

RFID

Which of the following is not a routing protocol?

RPC

Denish is testing an application that is multithreaded. Which of the following is a specific concern for multithreaded applications?

Race conditions

What tool is specifically designed to support incident responders by allowing unified, automated responses across an organization?

SOAR

Which of the following can be used to offload the public-key encryption to a separate hardware plug-in card?

SSL accelerator

In what cloud security model does the cloud service provider bear the most responsibility for implementing security controls?

SaaS

What is the term for restricting an application to a safe/restricted resource area?

Sandboxing

Michael wants to acquire the firmware from a running device for analysis. What method is most likely to succeed?

Use forensic memory acquisition techniques.

Which one of the following is not an example of infrastructure as code?

Using a cloud provider's web interface to provision resources

Kevin discovered that his web server was being overwhelmed by traffic, causing a CPU bottleneck. Using the interface offered by his cloud service provider, he added another CPU to the server. What term best describes Kevin's action?

Vertical scaling

An IV attack is usually associated with which of the following wireless protocols?

WEP

Jim wants to view log entries that describe actions taken by applications on a CentOS Linux system. Which of the following tools can he use on the system to view those logs?

journalctl

During a site survey, Chris discovers that there are more access points broadcasting his organization's SSID than he expects there to be. What type of wireless attack has he likely discovered?

An evil twin

Which network devices are used to divide larger networks into smaller sections by sitting between two physical network segments and managing the flow of data between the two?

Bridges

What type of attack does an account lockout policy help to prevent?

Brute force

Wanda is responsible for a series of seismic sensors placed at remote locations. These sensors have low-bandwidth connections and she would like to place computing power on the sensors to allow them to preprocess data before it is sent back to the cloud. What term best describes this approach?

Edge computing

What component of a virtualization platform is primarily responsible for preventing VM escape attacks?

Hypervisor

Angela has chosen to federate with other organizations to allow use of services that each organization provides. What role does Angela's organization play when they authenticate their users and assert that those users are valid to other members of the federation?

Identity provider

Evan fears that the tenant in the office next door is using RF interference to try to force his small company to vacate the building in frustration. Purposely obstructing or interfering with a signal is known as which of the following?

Jamming

Which of the following would not be an asset that an organization would want to protect with access controls?

None of the above

Which of the following best expresses the primary goal when controlling access to assets?

Preserve confidentiality, integrity, and availability of systems and data.

Which cloud delivery model could be considered a pool of services and resources delivered across the Internet by a cloud provider?

Public

Elaine wants to implement an AAA system. Which of the following is an AAA system she could implement?

RADIUS

What type of attribute is a Windows picture password?

Something you can do

What major difference is likely to exist between on-premises identity services and those used in a cloud-hosted environment?

The cloud service will provide account and identity management services.

Which of the following is true related to a subject?

The subject is always the entity that receives information about or data from anobject

Ryan is selecting a new security control to meet his organization's objectives. He would like to use it in their multicloud environment and would like to minimize the administrative work required from his fellow technologists. What approach would best meet his needs?

Third-party control

Henry wants to check to see if services were installed by an attacker. What commonly gathered organizational data can he use to see if a new service appeared on systems?

Vulnerability scans

Which of the following protections implies that information, once written, cannot be modified?

WORM

Which site best provides limited capabilities for the restoration of services in a disaster?

Warm site

John is a network administrator for ACME company. He is trying to explain least privileges to a new technician. Which of the following is the basic premise of least privilege?

When assigning permissions, give users only the permissions they need to do their work and no more.

If you are the victim of a bluejacking attack, what was compromised?

Your cell phone

Cynthia wants to make an exact copy of a drive using a Linux command-line tool. What command should she use?

dd

John is trying to determine the origin of an email. He has captured the email headers and knows the IP address of the originating email server. What command would show John thecomplete path to that IP address?

tracert

Gwen is building her organization's documentation and processes and wants to create the plan for what the organization would if her datacenter burned down. What type of plan would typically cover that type of scenario?

A disaster recovery plan

Howard is assessing the legal risks to his organization based upon its handling of PII. The organization is based in the United States, handles the data of customers located in Europe, and stores information in Japanese datacenters. What law would be most important to Howard during his assessment?

All should have equal weight

Which of the following are on-premise or cloud-based security policy enforcement points?

Cloud access security brokers

Which one of the following storage locations provides a good option when the organization does not know where it will be when it tries to recover operations?

Cloud computing

Which one of the following statements about cloud computing is incorrect?

Cloud computing customers provision resources through the service provider's sales team.

Scott wants to allow users to bring their own credentials to his website so that they can log in using a Google or Microsoft account without giving him their passwords. What protocol can he use that will allow those users to grant the website access to their information?

OpenID

Tony purchases virtual machines from Microsoft Azure and uses them exclusively for use by his organization. What model of cloud computing is this?

Public cloud

Naomi is preparing to migrate her organization to a cloud service and wants to ensure that she has the appropriate contractual language in place. Which of the following is not a common item she should include?

Right to forensic examination

Kathleen wants to discourage potential attackers from entering the facility she is responsible for. Which of the following is not a common control used for this type of preventive defense?

Robotic sentries

Which of the following devices is the most capable of providing infrastructure security?

Router

Ian has been receiving hundreds of false positive alerts from his SIEM every night when scheduled jobs run across his datacenter. What should he adjust on his SIEM to reduce the false positive rate?

Sensitivity

By examining the source and destination addresses, the application usage, the source of origin, and the relationship between current packets with the previous packets of the same session, firewalls are able to grant a broader range of access for authorized users and activities and actively watch for and block unauthorized users and activities.

Stateful inspection

Theresa has implemented a technology that keeps data for personal use separate from data for her company on mobile devices used by members of her staff. What is this concept called?

Storage segmentation

As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency?

Switch

Which of the following are multiport devices that improve network efficiency?

Switches

Your organization issues devices to employees. These devices generate onetime passwords every 60 seconds. A server hosted within the organization knows what this password is at any given time. What type of device is this?

Synchronous token

Madhuri disables SMS, MMS, and RCS on phones in her organization. What has she prevented from being sent?

Text messages and multimedia messages

Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data, it's imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session?

Tokens

Ursula would like to link the networks in her on-premises datacenter with cloud VPCs in a secure manner. What technology would help her best achieve this goal?

Transit gateway

You have added a new child domain to your network. As a result of this, the child has adopted all of the trust relationships with other domains in the forest that existed for its parent domain. What is responsible for this?

Transitive access

Which of the following is not a typical security concern with MFPs?

Use of weak encryption

When your company purchased a virtual datacenter provider, you inherited a mess. The employees working there had to respond regularly to requests to create virtual machines without the disciplines and controls normally found in the physical world. This resulted in machines being over-provisioned (too much CPU, memory, or disk) and consuming resources long after they were no longer required. What type of problem is this?

VM sprawl

Which of the following is a memory forensics toolkit that includes memdump?

Volatility

What infrastructure component is often located in the same position across multiple floors in order to provide a convenient means of linking floor-based networks together?

Wiring closet


Ensembles d'études connexes

(Week 12) Supply chain management

View Set

Genetics Final Exam Review (Old material)

View Set

Chapter 3| The Structure of Bones & Joints

View Set