50-100
Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report cover encryption. What would Hisoka NOT include in his document?
Apple uses file-based encryption to offer a higher level of security
Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution?
Arduino
1. Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend?
Automated Indicator Sharing (AIS)
Akira is explaining to his team members the security constraints that have made it a challenge for protecting a new embedded system. Which of the following would Akra NOT include as a constraint?
Availability
1. In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support?
CYOD
Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?
Cryptomalware can encrypt all files on any network that is connected to the employees computer
1. Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luca reports back that he was unable to find anything due to how looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web?
Dark web search engines are identical to regular search engines
What type of analysis is heuristic monitoring based on?
Dynamic analysis
What enforces the location in which an app can function by tracking the location of the mobile device?
Geofencing
What is the process of identifying the geographical location of a mobile device?
Geolocation
Which of the following tries to detect and stop an attacks?
HIPS
Which of the following is FALSE about a quarantine process?
It holds a suspicious application until the user gives approval
IOC occurs when what metric exceeds its normal bounds?
KRI
Josh is researching the diff. types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?
LOLBins
which of these is NOT a security feature for locating a lost of stolen mobile device?
Last known good configuration
Which tool manages the distribution and control of apps?
MAM
Which boot security mode sends information on the boot process to a remote server?
Measure Boot
What are the two concerns about using public information sharing centers?
Privacy and speed
Which of these is used to send SMS text messages to selected users or groups of users?
Push notification services
what is the diff. between a trojan and a RAT
RAT gives the attacker unauthorized remote access to the victim's computer
Which of the following technologies can convert a texting app into a live chat platform
RCS
Which type of OS is typically found on an embedded system?
RTOS
Which of the following is NOT an important OS security configuration?
Restricting patch management
Bank's sister has just downloaded and installed an app that allows her to circumvent the built-in luimitations on her android smartphone. What is this called?
Rooting
What prevents a mobile device from being used until the user enter the coreect passcode?
Screen lock
What does containerization do?
Separates personal data from corporate data
Which of the following is not an i,provement of UEFI over BIOS?
Support of USB 3.0
Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS
TAXII
which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?
TLP
hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution?
UEM
Enki received a request by a tech for a new subnotebook computer. The tech noted that he wanted USB OTG support and asked Enki's advice regarding it. Which of the following would Enki NOT tell him?
USB OTG is only available for connecting Android devices to a subnotebook
Which of the following is NOT an advantage to an automated patch update service?
Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service
Which of these is a list of preapproved applications?
Whitelist
1. Aoi has been asked to provide research regarding adding a new class of Android smartphones to a list of approved devices. One of the considerations is how frequently the smartphones receive firmware OTA updates. Which of the following reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates?
Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks
which of the following known as a network virus?
Worm
Which of the following attacks is based on a website accepting user input with sanitizing it?
XSS
which of the following is NOT a characteristic of malware?
diffusion
what word is used today to refer to network-connected hardware devices
endpoint
What is the advantage of a secure cookie?
it is sent to the server over HTTPS
What does windows 10 tamper protection do?
limits access to the registry
What allows a device to be managed remotely?
mobile device management (MDM)
Which of the following is NOT a context-aware authentication
on-body detection
which model uses a sequential design process?
waterfall model
what are the two limitations of private information sharing centers?
access to data and participation
1. Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?
blocking ransomware
Which of these is considered the strongest type of passcode to use on a mobile device?
password
what term refers to changing the design of existing code
refactoring
Which stage conducts a test that will verify the code functions as intended?
staging stage
Which of the following is NOT a limitation of a threat map
they can be difficult to visualize
What race condition can result in a NULL pointer/object dereference?
time of check/time of use race condition
