601 Security+ Missed

What are the characteristic features of the Personal Information Exchange (PFX) and P12 digital certificate format? (Select 3 answers) .pfx and .p12 file extensions Generally used for Microsoft Windows servers Encoded in text (ASCII Base64) format .pem, .crt, .cer and .key file extensions Encoded in binary format Generally used for Apache servers or similar configurations

.pfx and .p12 file extensions Generally used for Microsoft Windows servers Encoded in binary format

Which of the following answers refers to a filename extension used in a cross-platform, general-purpose programming language? .bat .py .ps1 .vbs

.py

A strong password that meets the password complexity requirement should contain: (Select the best answer) Uppercase letters (A-Z) Digits (0-9) Non-alphanumeric characters if permitted (e.g. !, @, #, $) Lowercase letters (a-z) A combination of characters from at least 3 character groups

A combination of characters from at least 3 character groups

A rule-based access control mechanism implemented on routers, switches, and firewalls is called: ACL CSR DLP AUP

ACL

Which of the algorithms below does not fall into the category of asymmetric encryption? RSA GPG DSA AES DHE ECDHE PGP

AES

Which of the cryptographic algorithms listed below is the least vulnerable to attacks? AES DES RC4 3DES

AES

For the purpose of encryption, WiFi Protected Access 3 (WPA3) takes advantage of: (Select 2 answers) AES-GCMP PSK TKIP with RC4 RC4 AES-CCMP SAE

AES-GCMP, AES-CCMP

Which part of the IPsec protocol suite provides authentication and integrity? CRC AH SIEM AES

AH

Which of the following terms refers to a US government initiative for real-time sharing of cyber threat indicators? NVD AIS TTP CVSS

AIS

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period? ARO SLE ALE SLA

ALE

Which of the following answers refers to the correct formula for calculating probable financial loss due to a risk over a one-year period? SLE = AV x EF ALE = ARO x SLE SLE = ALE x AV SLE = AV x EF

ALE = ARO x SLE

Which of the following enables the exchange of information between computer programs?

API

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as: ALE SLA ARO SLE

ARO

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat ALE SLA ARO SLE

ARO

An attacker managed to associate his/her MAC address with the IP address of the default gateway. As a result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway. Based on the given info, which type of attack is taking place in this scenario? ARP poisoning Replay attack Cross-site request forgery DNS poisoning

ARP poisoning

A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is referred to as: SLA EULA AUP BPA

AUP

What is the PKI role of Registration Authority (RA)? (Select 2 answers) Accepting requests for digital certificates Validating digital certificates Authenticating the entity making the request Providing backup source for cryptographic keys Issuing digital certificates

Accepting requests for digital certificates, Authenticating the entity making the request

Which of the following answers refer to the Rule-Based Access Control (RBAC) model? (Select 2 answers) Access to resources granted or denied depending on Access Control List (ACL) entries Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules Every resource has a sensitivity label matching a clearance level assigned to a user, labels and clearance levels can only be applied and changed by an administrator An access control method based on user identity

Access to resources granted or denied depending on Access Control List (ACL) entries, Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules

Which of the physical security control types listed below provides isolation from external computer networks? Air gap Network segmentation Hardware firewall Protected cable distribution

Air gap

Restoring data from an incremental backup requires: (Select 2 answers) Copy of the last incremental backup All copies of differential backups made since the last full backup Copy of the last differential backup All copies of incremental backups made since the last full backup Copy of the last full backup

All copies of incremental backups made since the last full backup Copy of the last full backup

Which of the answers listed below refer to examples of PKI trust models? Single CA model Hierarchical model (root CA + Intermediate CAs) Mesh model (cross-certifying CAs) Web of trust model (all CAs act as root CAs) Client-server mutual authentication model All of the above

All of the above

Which of the following answers can be used to describe the category of managerial security controls? (Select 3 answers) Also known as administrative controls Sometimes referred to as logical security controls Focused on managing risk Executed by computer systems (instead of people) Documented in written policies Focused on the day-to-day procedures of an organization

Also known as administrative controls, Focused on managing risk, Documented in written policies

Which of the following statements can be used to describe the characteristics of an on-path attack? (Select all that apply) An on-path attack is also known as MITM attack In an on-path attack, attackers place themselves on the communication route between two devices In an on-path attack, attackers intercept or modify packets sent between two communicating devices In an on-path attack, attackers do not have access to packets exchanged during the communication between two devices In an on-path attack, attackers generate forged packets and inject them in the network

An on-path attack is also known as MITM attack, In an on-path attack, attackers place themselves on the communication route between two devices, In an on-path attack, attackers intercept or modify packets sent between two communicating devices

The term "Rooting" refers to the capability of gaining administrative access to the operating system and system applications on: Android devices iOS devices Microsoft devices All types of mobile devices

Android devices

What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers) Asymmetric encryption Low processing power requirements Suitable for small wireless devices High processing power requirements Symmetric encryption Not suitable for small wireless devices

Asymmetric encryption, Low processing power requirements, Suitable for small wireless devices

Which of the following answers refers to an open-source forensics platform that allows examining the contents of a hard drive or mobile device and recovering evidence from it? Memdump FTK imager Autopsy Metasploit

Autopsy

Which of the following answers refers to a key document governing the relationship between two business organizations? ISA ALE SLA BPA

BPA

Which of the following answers refers to an STP frame? MTU Jumbo frame BPDU Magic packet

BPDU

Which of the following answers refer to compensating security controls? (Select all that apply) Backup power system Sandboxing Temporary port blocking Fire suppression system Security audits Temporary service disablement

Backup power system, Sandboxing, temporary port blocking, temporary service disablement

Which of the following terms is used to describe a text message containing system information details displayed after connecting to a service on a server?

Banner

The practice of connecting to an open port on a remote host to gather more information about its configuration is known as

Banner grabbing

Which of the following answers describes the features of TOTP? (Select 3 answers) Vulnerable to replay attacks Based on a cryptographic hash function and a secret cryptographic key Valid for multiple login sessions Based on a shared secret key and current time Not vulnerable to replay attacks Valid for only one login session

Based on a shared secret key and current time, Not vulnerable to replay attacks, valid for only one login session

Which cryptographic attack relies on the concepts of probability theory? KPA Brute-force Dictionary Birthday

Birthday

Which of the following terms best describes threat actors whose sole intent behind breaking into a computer system or network is monetary gain? State actors Black hat hackers Criminal syndicates Advanced Persistent Threat (APT)

Black hat hackers

Gaining unauthorized access to a Bluetooth device is referred to as:

Bluesnarfing

What is the function of a C2 server?

Botnet control

A situation in which an application writes to an area of memory it is not supposed to have access to is referred to as:

Buffer overflow

Penetration testing: (Select all that apply) Bypasses security controls Only identifies lack of security controls Actively tests security controls Exploits vulnerabilities Passively tests security controls

Bypasses security controls, Actively tests security controls, Exploits vulnerabilities

A type of trusted third party that issues digital certificates used for creating digital signatures and public private key pairs is known as: RA IKE CA CSP

CA

Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications? UTM CASB NGFW DMVPN

CASB

Which of the following answers refers to a cybersecurity control framework for cloud computing? CCM CSA CSF CIS

CCM

Which of the following answers refers to a nonprofit organization focused on developing globally-recognized best practices for securing IT systems and data against cyberattacks? CIS RMF CSA SSAE

CIS

Which of the following answers refers to a U.S. government initiative that provides the details on how to ensure continued performance of essential functions during unexpected events? SLA COOP RPO COPE

COOP

In which of the mobile device deployment models can employees use corporate-owned devices both for work-related tasks and personal use? BYOD COPE VDI CYOD

COPE

Which of the following solutions allow to check whether a digital certificate has been revoked? (Select 2 answers) CIRT CRL OSCP CSR Key escrow

CRL, OSCP

Which of the answers listed below refers to a method for requesting a digital certificate? CBC CSR CFB CRL

CSR

Which of the following answers refer to vulnerability databases? (Select 2 answers) DBA CVE DBaaS NVD AIS

CVE, NVD

An industry standard for assessing the severity of computer system security vulnerabilities is known as: SIEM CVSS OSINT SOAR

CVSS

A mobile device deployment model in which employees select devices for work-related tasks from a company-approved device list is known as: VDI CYOD BYOD COPE

CYOD

Which of the following provides physical security measure against laptop theft? Cable lock Trusted Platform Module Geotracking LoJack for Laptops

Cable lock

Which memory type provides a CPU with the fastest access to frequently used data? Secondary storage Flash memory DRAM Cache memory

Cache memory

Which of the following answers refers to an example order of volatility for a typical computer system? Cache memory -> RAM -> Disk files -> Temporary files -> Swap/Pagefile -> Archival media Archival media -> Disk files -> Temporary files -> Swap/Pagefile -> RAM -> Cache memory Cache memory -> RAM -> Swap/Pagefile -> Temporary files -> Disk files -> Archival media Temporary files -> RAM -> Cache memory -> Swap/Pagefile -> Archival media -> Disk files

Cache memory -> RAM -> Swap/Pagefile -> Temporary files -> Disk files -> Archival media

Which of the following answers refers to a security solution that allows administrators to block network access for users until they perform required action? Honeypot Quarantine network Captive portal Firewall

Captive portal

What is the function of the Linux chmod command? Changes file/directory access permissions Moves or renames files Changes file owner and group permissions Compares the contents of two files or sets of files

Changes file/directory access permissions

Which of the following terms illustrate the security through obscurity concept? (Select all that apply) Code obfuscation Steganography SSID broadcast suppression Encryption

Code obfuscation, Steganography, SSID broadcast suppression

What is STIX?

Common language for describing cyber/threat information

Which of the following terms best describes threat actors that engage in illegal activities to get the know-how and gain market advantage? Insiders Nation states /APTs Criminal syndicates Competitors

Competitors

Which of the following examples fall into the category of operational security controls? (Select 3 answers) Configuration management Data backups Authentication protocols Awareness programs Vulnerability assessments

Configuration management, Data backups, Awareness programs

Which functionality allows a DLP system to fulfill its role? Biometrics Environmental monitoring Content inspection Loop protection

Content inspection

Which of the following terms refers to a modified mobile device equipped with software features that were not originally designed by the device manufacturer? Jailbreaking Custom firmware Rooting Sideloading

Custom firmware

A network protocol providing an alternative solution to the manual allocation of IP addresses is called: DNS SNMP DAT DHCP

DHCP

A security feature of a network switch that provides countermeasures against rogue DHCP servers is called: DHCP scope DHCP reservation DHCP snooping DHCP relay agent

DHCP snooping

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as

DLL

Which of the following describes an application attack that relies on executing a library of code? Memory leak DLL injection Pointer dereference Buffer overflow

DLL injection

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as: DEP RADIUS DLP PGP

DLP

Which of the following would prevent using a mobile device for data exfiltration via cable connection? DLP Full device encryption Screen locks COPE

DLP

Remapping a domain name to a rogue IP address is an example of what kind of exploit? DNS poisoning Domain hijacking ARP poisoning URL hijacking

DNS poisoning

A suite of security extensions for an internet service that translates domain names into IP addresses is known as: EDNS DNSSEC Split DNS DDNS

DNSSEC

Replacing password characters in a password field with a series of asterisks is an example of Data masking Tokenization Anonymization Pseudo-anonymization

Data masking

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as Inline code Dead code Code bloat Duplicate code

Dead code

A wireless disassociation attack is a type of: (Select 2 answers) Cryptographic attack Downgrade attack Deauthentication attack Brute-force attack Denial-of-Service (DoS) attack

Deauthentication attack, Denial-of-Service (DoS) attack

Netstat is a command-line utility used for: (Select 2 answers) Displaying active TCP/IP connections Testing the reachability of a remote host Displaying intermediary points on the packet route Viewing the TCP/IP configuration details Displaying network protocol statistics

Displaying active TCP/IP connections, Displaying network protocol statistics

Which of the following factors has the biggest impact on domain reputation? Domain age Missing SSL certificate Derivative content Bounce rate Distribution of spam

Distribution of spam

What are the characteristic features of a transparent proxy? (Select all that apply) Doesn't require client-side configuration Modifies client's requests and responses Redirects client's requests and responses without modifying them Clients might be unaware of the proxy service Requires client-side configuration

Doesn't require client-side configuration, Redirects client's requests and responses without modifying them, Clients might be unaware of the proxy service

SSL stripping is an example of: (Select 2 answers) Brute-force attack Downgrade attack Watering hole attack On-path attack Denial-of-Service (DOS) attack

Downgrade attack, On-path attack

Which of the following would add power redundancy on a server box? Standby UPS Backup generator Managed PDU Dual-power supply

Dual-power supply

The process of searching, collecting, and securing electronic data with the intent of using it in a legal proceeding or investigation is known as: OSINT E-discovery White-hat hacking Active reconnaissance

E-discovery

Which cryptographic solution would be best suited for low-power devices? ECC EFS SED FDE

ECC

Which of the following answers refers to an endpoint security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats? SWG CASB EDR NGFW

EDR

Which of the terms listed below refer to a product/service that no longer receives continuing support? (Select 2 answers) ETL SDLC EOL EOF ERP EOSL

EOL, EOSL

Which part of IPsec provides authentication, integrity, and confidentiality? AES SHA AH ESP

ESP

POP3 is used for: Name resolution Sending email messages File exchange Email retrieval

Email retrieval

What are the characteristic features of the Distinguished Encoding Rules (DER) digital certificate format? (Select 3 answers) Encoded in binary format Generally used for Microsoft Windows servers .der and .cer file extensions Encoded in text (ASCII Base64) format Generally used for Java servers .perm, .crt, .cer and .key file extensions

Encoded in binary format, .der and .cer file extensions, Generally used for Java servers

Which of the following answers refer to the Privacy Enhanced Email (PEM) digital certificate format? (Select 3 answers) Encoded in binary format .pfx and .p12 file extensions Generally used for Java servers Encoded in text (ASCII Base64) format .pem, .crt, .cer and .key file extensions Generally used for Apache servers or similar configurations

Encoded in text (ASCII Base64) .pem, .crt, .cer and .key file extensions Generally used for Apache servers or similar configurations

Which of the following terms applies to the concept of confidentiality? Hashing Encryption Security through obscurity MFS Digital certificate

Encryption

Which of the answers listed below refer to examples of technical security controls? (Select 3 answers) Security audits Encryption protocols Organizational security policy Configuration management Firewall ACLs Authentication protocols

Encryption protocols, Firewall ACLs, Authentication protocols

What are the characteristics of TACACS+? (Select 3 answers) Encrypts only the password in the access-request packet Combines authentication and authorization Encrypts the entire payload of the access-request packet Primarily used for device administration Separates authentication and authorization Primarily used for network access

Encrypts the entire payload of the access-request packet Primarily used for device administration Separates authentication and authorization

Which of the following answers can be used to describe characteristics of a cross-site scripting attack? (Select 3 answers) Exploits the trust a user's web browser has in a website A malicious script is injected into a trusted website User's browser executes attacker's script Exploits the trust a website has in the user's web browser A user is tricked by an attacker into submitting unauthorized web requests Website executes attacker's requests

Exploits the trust a user's web browser has in a website, A malicious script is injected into a trusted website, User's browser executes attacker's script

Which of the following answers can be used to describe characteristics of a cross-site request forgery attack? (Select 3 answers) Exploits the trust a website has in the user's web browser A user is tricked by an attacker into submitting unauthorized web requests Website executes attacker's requests Exploits the trust a user's web browser has in a website A malicious script is injected into a trusted website User's browser executes attacker's script

Exploits the trust a website has in the user's web browser, A user is tricked by an attacker into submitting unauthorized web requests, Website executes attacker's requests

Which of the following answers refers to a rule-based access control mechanism associated with files and/or directories? EFS FACL FIM NTFS

FACL

A software technology designed to provide confidentiality for an entire data storage device is known as: AES FDE EFS HSM

FDE

A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as: FAR CER CRC FRR

FRR

Which of the following answers refers to a tool for creating forensic images of computer data? diskpart FTK Imager fsutil Autopsy

FTK Imager

Which of the following protocols allow(s) for secure file transfer? (Select all that apply) FTPS TFTP FTP SFTP

FTPS, SFTP

A dynamic code analysis allows for detecting application flaws without the need for actual execution of the application code

False

A situation where a cryptographic hash function produces two different digests for the same data input is referred to as a hash collision.

False

Code obfuscation techniques rely on encryption to protect the source code against unauthorized access

False

Examples of techniques used for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption, or session-key encryption)

False

FTPS is an extension to the Secure Shell (SSH) protocol and runs by default on port number 22.

False

High MTBF value indicates that a component or system provides low reliability and is more likely to fail.

False

In a differential backup strategy, restoring data from backup requires only a working copy of the last full backup.

False

In cybersecurity exercises, purple team combines the roles of all other teams (i.e. red, blue, and white)

False

In penetration testing, passive reconnaissance relies on gathering information on the targeted system with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS fingerprinting

False

In the context of IT security, the term "Data minimization" refers to the process of removing all unnecessary characters from the source code to make it less intelligible for humans and faster to process by machines:

False

Secure File Transfer Protocol (SFTP) is an extension to the FTP protocol that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols

False

Stateless inspection is a firewall technology that keeps track of the state of network connections and based on that data determines which network packets to allow through the firewall.

False

The term "DHCP snooping" refers to an exploit that enables operation of a rogue DHCP network server.

False

The term "Non-repudiation" describes the inability to deny responsibility for performing a specific action. In the context of data security, non-repudiation ensures data confidentiality, provides the proof of data integrity, and proof of data origin.

False

The term "Static code analysis" refers to the process of discovering application run-time errors

False

An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called AAA framework Multi-factor authentication Group-based access control Federation

Federation

Which type of malware resides only in RAM? Rootkit Fileless virus Backdoor Logic bomb

Fileless virus

Which of the following answers can be used to describe the category of operational security controls (Select 3 answers) Also known as administrative controls Focused on the day-to-day procedures of an organization Executed by computer systems (instead of people) Used to ensure that the equipment continues to work as specified Focused on managing risk Primarily implemented and executed by people (as opposed to systems)

Focused on the day-to-day procedures of an organization, Used to ensure that the equipment continues to work as specified, Primarily implemented and executed by people (as opposed to systems)

Which of the following passwords is the most complex? T$7C52WL4SU GdL3tU8wxYz @TxBL$nW@Xt G$L3tU8wY@z

G$L3tU8wY@z

Which of the block cipher modes listed below provides both data integrity and confidentiality? CBC GCM ECB CTR

GCM

Which of the following regulates personal data privacy of the European Union (EU) citizens? PHI HIPAA PCI DSS GDPR

GDPR

A mobile device's built-in functionality enabling the usage of locator applications is called: WPS GSM IMEI GPS

GPS

A person who breaks into a computer network or system for a politically or socially motivated purpose is usually described as a(n) Insider Gray hat hacker Hacktivist State actor

Hacktivist

Examples of MFA attributes include (Select all that apply) USB token Retina scan Handwritten signature Gait analysis GPS reading PIN Chain of trust

Handwritten signature Gait analysis GPS reading Chain of trust

Which firewall would provide the best protection for an ingress / egress point of a corporate network? (Select 2 answers) Hardware firewall Network-based firewall Software firewall Host-based firewall

Hardware firewall Network-based firewall

Which of the following refers to the contents of a rainbow table entry? Hash/Password IP address/Domain name Username/Password Account name/Hash

Hash/Password

Which of the following terms applies to the concept of data integrity? MFA Digital certificate Hashing Security through obscurity Encryption

Hashing

Which of the following can be used to validate the origin (provenance) of digital evidence? (Select 2 answers) Hashing Tokenization Salting Metadata examination Checksums

Hashing, Checksums

An administrator needs to adjust the placement of multiple Access Points (APs) to ensure the best wireless signal coverage for the network. Which of the following would be of help while identifying areas of low signal strength? Heat map Power level controls Logical network diagram WiFi hotspots

Heat map

A NIDS/NIPS that detects intrusions by comparing network traffic against the previously established baseline can be classified as: (Select all that apply) Heuristic Anomaly-based Behavioral Signature-based

Heuristic Anomaly-based Behavioral

Which of the following enables processing data in an encrypted form? Diffusion Homomorphic encryption Obfuscation Hashing

Homomorphic encryption

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers) Host-based firewall Software firewall Network-based firewall Hardware firewall

Host-based firewall, Software firewall

Which of the following examples do not fall into the category of physical security controls (Select 3 answers) Lighting Warning signs Sensors IDS/IPS Security cameras Alarms Encryption protocols Fences/bollards/barricades Security guards Firewall ACLs Access control vestibules Door locks / cable locks

IDS/IPS, Encryption protocols, Firewall ACLs

Which of the following answers refers to an IEEE standard that can be implemented in a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports? IEEE 802.1X IEEE 802.11ac IEEE 802.111D IEEE 802.11x

IEEE 802.1X

An IETF specification that defines how IP flow information is to be formatted and transferred from an exporter to a collector is called: NetFlow IPFIX sFlow NXLog

IPFIX

Which of the answers listed below refer to examples of corrective security controls? (Select all that apply) IPS Security guards Backups and system recovery Log monitoring Alternate site Fire suppression system

IPS, backups and system recovery, Alternate site, Fire suppression system

Examples of protocols used for implementing secure VPN tunnels include: (Select all that apply) bcrypt IPsec SRTP TLS L2TP

IPsec, TLS, L2TP

Which of the answers listed below refers to a short distance, line-of-sight technology used for example in home remote controls? NFC Bluetooth IR Zigbee

IR

Which of the following terms refers to a group of experts designated to handle a natural disaster or an interruption of business operations? IETF CSIRT IRT IRTF

IRT

Which of the following answers refers to an ISO/IEC standard providing code of practice for information security controls? ISO/IEC 27001 ISO/IEC 27002 ISO/IEC 27701 ISO/IEC 27701

ISO/IEC 27002

An extension to the ISO/IEC 27001 standard that focuses on privacy data management is called: ISO/IEC 27002 ISO/IEC 27701 ISO/IEC 27702 ISO/IEC 31000

ISO/IEC 27702

Which of the following answers refers to a family of standards providing principles and guidelines for risk management? ISO/IEC 27001 ISO/IEC 27002 ISO/IEC 27701 ISO/IEC 31000

ISO/IEC 31000

Which of the following answers refers to a cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software? SaaS XaaS PaaS IaaS

IaaS

Which of the following answers refers to a trusted third-party service for validating user identity in a federated identity system? RA IdP CA Kerberos

IdP

Which of the following statements are not true? (Select 2 answers) Risk awareness is the acknowledgement of risk existence Control risk is the risk caused by improper implementation of security controls Risk appetite is the amount of risk an organization is willing to take in pursuit of its goals Inherent risk is the remaining risk after implementing controls Residual risk is the original level of risk that exists before implementing any controls

Inherent risk is the remaining risk after implementing controls, Residual risk is the original level of risk that exists before implementing any controls

Which programming aspects are critical for secure application development process? (Select 2 answers) Patch management Input validation Password protection Error and exception handling Application whitelisting

Input validation, Error and exception handling

Digital signatures provide: (Select 3 answers) Integrity Authentication Confidentiality Authorization Non-repudiation Accounting

Integrity, Authentication, Non-repudiation

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called: CVE IoC AIS OSINT

IoC

A type of hardened server used as a secure gateway for remote administration of devices placed in a different security zone is known as: C2 server Jump server UC server Proxy server

Jump server

Which of the following servers would be best suited to act as an intermediary between an intranet and a screened subnet? UC server Proxy server C2 server Jump server

Jump server

During a password reminder procedure the system asks a security question that covers personal details that should be known only to the user (e.g. user's favorite holiday destination). This type of authentication method is an example of SAE KBA IdP PII

KBA

Which of the following are examples of hardware authentication tokens? (Select 3 answers) Key fob Cable lock Passphrase Biometric reader RFID badge Smart card

Key fob, RFID badge, Smart card

Which of the following answers refers to the concept of non-persistence? (Select 3 answers) Last known-good configuration System image Live boot media Journaling Known state reversion

Last known-good configuration, Live boot media, Known state reversion

Which of the answers listed below refers to a type of removable storage media that contains a portable, non-persistent OS?

Live boot media

Which of the following answers refer to examples of detective security controls? (Select all that apply) Lighting Log monitoring Sandboxing Security audits CCTV IDS

Log monitoring, Security audits, CCTV, IDS

Which of the following fall(s) into the category of Layer 2 attacks? (Select all that apply) MAC cloning ARP poisoning MAC flooding DNS poisoning MAC spoofing

MAC cloning, ARP poisoning, MAC flooding, MAC spoofing

Which of the following answers refers to a dedicated mobile app management software? UEM MAM RCS MDM

MAM

Which of the following terms applies to the authentication process? Digital certificate MFA Encryption Security through obscurity Hashing

MFA

Which of the following answers refer to office equipment that combines the functionality of multiple devices? (Select 2 answers) MFD IoT MFP PED MFA

MFD, MFP

A globally accessible knowledge base of Adversary Tactics, Techniques, and Procedures (TTPs) based on observations from real-world attacks is known as: MITRE ATT&CK The Diamond Model of Intrusion Analysis Cyber Kill Chain

MITRE ATT&CK

Which of the following answers refer to a general document established between two or more parties to define their respective responsibilities and expectations in accomplishing a particular goal or mission? (Select 2 answers) SLA MOU SOW MOA ISA

MOU, MOA

A type of agreement that specifies generic terms to simplify the negotiation of future contracts between the signing parties is called: MOU SLA MSA SOW

MSA

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel? MSA MaaS MSP MSSP

MSP

Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer) MSP MaaS MSA MSSP

MSSP

Which of the following terms is used to describe an average time required to repair a failed component or device? MTBF RPO MTTR SLA

MTTR

Which of the following answers refers to a sequential-access backup media? Magnetic tapes Disk drives Optical discs Flash media

Magnetic tapes

Which of the following forensic utilities enables the extraction of RAM contents? Memdump Wirehex FTK Imager Autopsy

Memdump

A nontransparent proxy: (Select 2 answers) Modifies client's requests and responses Doesn't require client-side configuration Requires client-side configuration Redirects client's requests and responses without modifying them

Modifies client's requests and responses, Requires client-side configuration

A solution that alleviates the problem of depleting IPv4 address space by allowing multiple hosts on the same private LAN to share a single public IP address is known as: DNS APIPA NAT DHCP

NAT

A very short-range communication method where a wireless signal is sent between two devices that are touching or nearly touching each other is a characteristic feature of: RFID NFC Infrared (IR) Bluetooth

NFC

What is the name of a technology used for contactless payment transactions? NFC SDN PED WAP

NFC

Which of the following answers refers to a firewall type that improves upon first- and second-generation firewalls by offering additional features, such as more in-depth inspection of network traffic and application-level inspection? IDS Packet filter NGFW Stateful firewall

NGFW

The process of combining multiple physical network adapters into a single logical interface for increased throughput and redundancy is called: Device pairing Multipath I/O Route aggregation NIC teaming

NIC teaming

Which protocol ensures the reliability of the Kerberos authentication process? EAP NTP IPsec RTP

NTP

Which of the following is a cross-platform log-managing tool? Netflow rsyslog NXLog sFlow syslog-ng

NXLog

Which of the following tools offers the functionality of a configuration compliance scanner? Zenmap Roo Nessus DBAN

Nessus

Which of the following is a Cisco-designed IP traffic collection method that by default does not offer packet sampling? IPFIX NetFlow NXLog sFlow

NetFlow

Which of the following answers refer(s) to wireless threat vector(s)? (Select all that apply) Network protocol vulnerabilities (WEP/WPA) Rogue AP / Evil twin Default security configurations Malicious email attachments Vulnerabilities in network security standards (WPS)

Network protocol vulnerabilities (WEP/WPA), Rogue AP / Evil twin, Default security configurations, Vulnerabilities in network security standards (WPS)

What is the most common form of a DDoS attack?

Network-based

In a round-robin load balancing method, each consecutive request is handled by: (Select best answer) First server in a cluster Next server in a cluster Least utilized server in a cluster Last server in a cluster

Next server in a cluster

What is the fastest way for checking the validity of a digital certificate? CRL Key escrow OSCP CSR

OSCP

Which type of DDoS attack targets industrial equipment and infrastructure? IoT ATT&CK OT IoC

OT

Mobile device updates delivered over a wireless connection are known as: WAP UAV OTA RAS

OTA

Which technology enables establishing direct communication links between two USB devices? VDE GRE OTG DHE

OTG

Which of the following answers refer to IMAP? (Select 2 answers) Offers improved functionality in comparison to POP3 Serves the same function as POP3 Enables sending email messages from client devices Offers less functions than POP3 Enables email exchange between mail servers

Offers improved functionality in comparison to POP3, Serves the same function as POP3

Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments? Omnidirectional antenna Dish antenna Unidirectional antenna Yagi antenna

Omnidirectional antenna

Which wireless antenna type provides a 360-degree horizontal signal coverage? Dish antenna Unidirectional antenna Yagi antenna Omnidirectional antenna

Omnidirectional antenna

A security solution that provides control over elevated (i.e. administrative type) accounts is known as: MAC PAM ICS FACL

PAM

Which of the following answers refers to a solution designed to strengthen the security of session keys? ECB PFS EFS PFX

PFS

The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for: (Select best answer) PII ESN PHI PIV

PHI

Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that person? PHI Biometrics PII PKI

PII

Which of the following fall into the category of MFA factors? (Select 3 answers) GPS reading Handwritten signature PIN Chain of trust USB token Gait analysis Retina scan

PIN, USB token, Retina scan

Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates? Web of trust PKI IaaS CA

PKI

Which of the following answers refers to a deprecated method for implementing Virtual Private Networks (VPNs)? GRE PPTP OpenVPN SSTP

PPTP

Which of the following acronyms refers to a client authorization method used in WPA2 Personal mode? AES RC4 IKE PSK SAE

PSK

Which cloud service model would provide the best solution for a web developer intending to create a web app? XaaS SaaS PaaS IaaS

PaaS

Which of the following can be used as an extension of RAM? (Select 2 answers) Pagefile Extended partition Swap partition Primary storage Archive file

Pagefile, Swap partition

A security administrator configured a NIDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the NIDS? (Select 2 answers) In-band Passive Inline Out-of-band

Passive, Out-of-band

URL redirection is a characteristic feature of: Pharming Directory traversal attacks On-path attacks Typosquatting

Pharming

Which of the following answers refer(s) to the characteristic feature(s) of a Faraday cage? (Select all that apply) Physical security control type Provides protection against RFI Technical security control type Provides protection against EMI Administrative security control type

Physical security control type, Provides protection against RFI, Provides protection against EMI

Which of the following allows an administrator to inspect traffic passing through a network switch? VLAN tagging Port mirroring Fault-tolerant mode Port scanner

Port mirroring

802.1X is an IEEE standard for implementing: VLAN tagging Token ring networks Port-based NAC Wireless networks

Port-based NAC

According to predictions, the most future-proof cryptographic solution should be: Quantum cryptography Symmetric-key cryptography Post-quantum cryptography Asymmetric-key cryptography Public-key cryptography

Post-quantum cryptography

Which of the following is used in data URL phishing? Prepending Typosquatting Pretexting Domain hijacking

Prepending (prepending refers to when an attacker prepends, or attaches, a trustworthy value like "RE:" or "MAILSAFE: PASSED" to a message in order to make the message appear more trustworthy. You would do URL phishing in an email or some form of communication. Typosquatting refers to registering slightly misspelled domains of company URLs, pretexting is a social engineering technique that abuses a user's trust in a familiar situation, and domain hijacking is when registration of a domain name is transferred away from the rightful owner)

What are the characteristic features of RADIUS? (Select 3 answers) Primarily used for network access Encrypts the entire payload of the access-request packet Combines authentication and authorization Encrypts only the password in the access-request packet Primarily used for device administration Separates authentication and authorization

Primarily used for network access, Combines authentication and authorization, Encrypts only the password in the access-request packet

A type of contactless smart card that can be read at a close range from a reader device is commonly referred to as: MicroSD card Common Access Card (CAC) Proximity card Personal Identity Verification (PIV) card

Proximity card

What type of preventive physical access controls would provide a basic means for securing a door access? (Select 2 answers) Air gap Proximity card reader CCTV Industrial camouflage Smart card reader

Proximity card reader, Smart card reader

What is the name of a cloud computing deployment model in which the cloud infrastructure is provisioned for open use by the general public? Hybrid cloud Private cloud Community cloud Public cloud

Public cloud

Assessment of risk probability and its impact based on subjective judgement falls into the category of: Risk acceptance Quantitative risk assessment Risk transference Qualitative risk assessment

Qualitative risk assessment

Which of the following solutions is used for controlling network resources and assigning priority to different types of traffic? Measured service Acceptable Use Policy (AUP) Fair access policy Quality of Service (QoS)

Quality of Service (QoS)

A calculation of the Single Loss Expectancy (SLE) is an example of: Quantitative risk assessment Risk deterrence Qualitative risk assessment Risk acceptance

Quantitative risk assessment

Which of the following RAID levels does not offer fault tolerance?

RAID 0

Which of the solutions listed below add(s) redundancy in areas identified as single points of failure? (Select all that apply) RAID Dual-power supply Virtualization Failover clustering Load balancing

RAID, Dual-power supply, Failover clustering, Load balancing

Which type of Trojan enables unauthorized remote access to a compromised system? pcap RAT MaaS pfSense

RAT

Group-based access control in MS Windows environments is an example of: RBAC DAC ABAC MAC

RBAC

Which of the following answers refers to a technology designated as a successor to SMS and MMS? RCS S/MIME IM CMS

RCS

Which of the following answers refer(s) to (an) example(s) of physical authentication token(s)? (Select all that apply) RFID badge Password key Password vault Key fob Smart card

RFID badge, Password key, Key fob, Smart card

A mandatory IT security and risk management framework for the U.S. federal government developed by NIST is known as: SSAE CSF RMF CSA

RMF

Which of the algorithms listed below does not belong to the category of symmetric ciphers? RC4 DES RSA AES Blowfish 3DES Twofish

RSA

Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster? SLA RTO AUP RPO

RTO

A type of OS characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems, is known as: UNIX Windows NT POSIX RTOS

RTOS

A malfunction in a preprogrammed sequential access to a shared resource is described as:

Race condition

Examples of embedded systems include: (Select all that apply) Android OS Raspberry Pi iOS Arduino Field Programmable Gate Array (FPGA) Mainframe computer system

Raspberry Pi, Arduino, Field Programmable Gate Array (FPGA)

The practice of modifying an application's code without changing its external behavior is referred to as:

Refactoring

Which of the following terms refer to software/hardware driver manipulation techniques? (Select 2 answers) Prepending Fuzz testing Refactoring Shimming Sideloading

Refactoring, Shimming

Which VPN type is used for connecting computers to a network? (Select all that apply) Remote access Intranet-based Client-to-site Site-to-site Extranet-based

Remote access, Client-to-site

Hardware RAID Level 0: (Select all that apply) Requires a minimum of 2 drives to implement Is also known as disk striping Decreases reliability (failure of any disk in the array destroys the entire array) Is also referred to as disk mirroring Offers less volume capacity in comparison to RAID 1 Requires at least 3 drives to implement Is suitable for systems where performance has higher priority than fault tolerance Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data)

Requires a minimum of 2 drives to implement, Is also known as disk striping, Decreases reliability (failure of any disk in the array destroys the entire array)

Hardware RAID Level 10 (a.k.a. RAID 1+0): (Select 3 answers) Requires a minimum of 4 drives to implement Is referred to as stripe of mirrors, i.e. a combination of RAID 1 (disk mirroring) and RAID 0 (disk striping) Requires a minimum of 5 drives to implement Offers increased performance and fault tolerance (failure of one drive in each mirrored pair of disk drives does not destroy the array) Requires a minimum of 3 drives to implement Continues to operate in case of failure of more than 2 drives

Requires a minimum of 4 drives to implement, Is referred to as stripe of mirrors, i.e. a combination of RAID 1 (disk mirroring) and RAID 0 (disk striping), Offers increased performance and fault tolerance (failure of one drive in each mirrored pair of disk drives does not destroy the array)

Hardware RAID level 1: (Select 3 answers) Requires at least 2 drives to implement Is also known as disk striping Offers improved performance in comparison to RAID 0 Requires at least 3 drives to implement Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data) Is also referred to as disk mirroring

Requires at least 2 drives to implement, Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data), Is also referred to as disk mirroring

Hardware RAID Level 5: (Select 2 answers) Requires at least 2 drives to implement Continues to operate in case of failure of more than 1 drive Requires at least 3 drives to implement Offers increased performance and fault tolerance (single drive failure does not destroy the array and lost data can be re-created by the remaining drives) Requires at least 4 drives to implement

Requires at least 3 drives to implement, Offers increased performance and fault tolerance (single drive failure does not destroy the array and lost data can be re-created by the remaining drives)

Which of the following answers refer to an assessment tool used for prioritizing the severity of different risks? (Select 2 answers) Risk register Quantitative risk assessment Risk heat map Disaster Recovery Plan (DRP) Risk matrix

Risk heat map, Risk matrix

Which of the following answers refers to a document containing detailed information on potential cybersecurity risks? Risk register Risk heat map Risk matrix Risk repository

Risk register

Cybersecurity insurance is an example of which risk management strategy? Risk avoidance Risk deterrence Risk transference Risk acceptance

Risk transference

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as a:

Rootkit

An access control model in which access to resources is granted or denied depending on the contents of Access Control List (ACL) entries is called: Role-Based Access Control Mandatory Access Control Rule-Based Access Control Lattice-Based Access Control

Rule-Based Access Control

Which of the following acronyms refers to a client authentication method used in WPA3 Personal mode? SAE IKE RC4 PSK AES

SAE

Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data? SAML OpenID Connect Shibboleth OAuth

SAML

Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers) SDP SSP SDV SEH SDN

SDV, SDN

Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality? SSP SEH SDN SED

SED

A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called: SNMP PCAP HPS SIEM

SIEM

A correlation engine used for processing various types of log data into actionable information is a feature of: REST API SIEM dashboard Syslog server SOAR

SIEM dashboard

Which of the following answers refers to a protocol used for managing real-time sessions that include voice, video, application sharing, or instant messaging services? L2TP BGP RSTP SIP

SIP

An agreement between a service provider and users defining the nature, availability, quality, and scope of the service to be provided is known as: SOW MSA SLA MOU

SLA

Which of the following terms refers to an agreement that specifies performance requirements for a vendor? MSA SLA MOU SOW

SLA

Which term describes the predicted loss of value to an asset based on a single security incident? SLE ARO ALE SLA

SLE

Which of the answers listed below refers to a deprecated TLS-based method for securing SMTP? IMAPS STARTTLS POP3S SMTPS

SMTPS

Which version(s) of the SNMP protocol offer(s) authentication based on community strings sent in an unencrypted form? (Select all that apply) SNMPv1 SNMPv2 SNMPv3 SNMPv4

SNMPv1, SNMPv2

Which of the following tools enables automated response to security incidents? NIDS SOAR HIDS SIEM

SOAR

Which protocol enables secure, real-time delivery of audio and video over an IP network? S/MIME RTP SIP SRTP

SRTP

Which type of exploit allows an attacker to take control over a server and use it as a proxy for unauthorized actions?

SSRF

Which of the following answers refers to a deprecated encryption protocol? SSH TLS S/MIME SSL IPsec PGP

SSL

Which of the following protocols provide protection against broadcast storms and switching loops? (Select 2 answers) RPT SRTP RDP STP RSTP

STP, RSTP

A cloud computing service model offering remote access to applications based on a monthly or annual subscription fee is called: PaaS SaaS IaaS XaaS

SaaS

Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks? Seed IV Salt Shim

Salt

Which of the following provide randomization during the encryption process? (Select 2 answers) Salting Rainbow tables Obfuscation Initialization Vector (IV) Shimming

Salting, Initialization Vector (IV)

What are the countermeasures against VM escape? (Select 2 answers) Group policy Sandboxing User training Patch management Asset documentation

Sandboxing, Patch management

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company's firewall is called:

Screened subnet

What are the characteristic features of the secure version of IMAP? (Select all that apply) TCP port 143 Secure Sockets Layer (SSL) TCP port 993 Transport Layer Security (TLS) TCP port 995

Secure Sockets Layer (SSL), TCP port 993, Transport Layer Security (TLS)

Which of the following answers refer(s) to POP3S encrypted communication? (Select all that apply) TCP port 993 Secure Sockets Layer (SSL) TCP port 995 Transport Layer Security (TLS) TCP port 110

Secure Sockets Layer (SSL), TCP port 995, Transport Layer Security (TLS)

LDAPS is an example of: Authentication protocol Secure directory access protocol Address resolution protocol File exchange protocol

Secure directory access protocol

What are the examples of preventive security controls? (Select 3 answers) Security guards Fire suppression system System hardening Login banners CCTV Separation of duties

Security guards, System hardening, Separation of duties

Which of the answers listed below refers to a concept of having more than one person required to complete a given task? Job rotation Role-Based Access Control (RBAC) Multitasking Separation of duties

Separation of duties

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers) Session-key encryption Public-key encryption Symmetric encryption Asymmetric encryption Secret-key encryption

Session-key encryption, Public-key encryption, Symmetric encryption, Asymmetric encryption, Secret-key encryption

Which of the following alters the external behavior of an application and at the same time does not introduce any changes to the application's code? Shimming Refactoring API call Sideloading

Shimming

Allowing "Unknown Sources" in Android Security Settings enables: Rooting Carrier unlocking Sideloading Jailbreaking

Sideloading

Installing mobile apps from websites and app stores other than the official marketplaces is referred to as: Jailbreaking Rooting Sideloading Carrier unlocking

Sideloading

Which of the following answers does not refer to an email communication threat vector? Skimming Malicious attachment Social engineering Malicious URL Phishing

Skimming

Which of the following answers refers to an example implementation of certificate-based authentication? Smart card ID badge PIN code Biometric lock

Smart card

Which of the following devices best illustrates the concept of edge computing? Router Smartwatch Thin client Server

Smartwatch

Which of the following answers refer to smishing? (Select 2 answers) Social engineering technique Email communication Spam over Internet Telephony Text messaging Spam over Internet Messaging (SPIM)

Social engineering technique, Text messaging (Smishing is a form of social engineering that uses text messages (SMS) to trick people into revealing sensitive information or downloading malware, aka SMS phishing)

Which of the following answers can be used to describe the category of technical security controls? (Select 3 answers) Focused on managing risk Sometimes called logical security controls Executed by computer systems (instead of people) Also known as administrative controls Implemented with technology Primarily implemented and executed by people (as opposed to systems)

Sometimes called logical security controls, Executed by computer systems (instead of people), Implemented with technology

A short list of commonly used passwords tried against a large number of user accounts is a characteristic feature of a: Replay attack Dictionary attack Spraying attack Birthday attack

Spraying attack

Which of the terms listed below refers to the dynamic packet filtering concept? Port mirroring Stateful inspection Out-of-band management Stateless inspection

Stateful inspection

Which of the following terms refers to an automated or manual code review process aimed at discovering logic and syntax errors in the application's source code? Input validation Dynamic code analysis Fuzzing Static code analysis

Static code analysis

What are the countermeasures against SQL injection attacks? (Select 2 answers) Code obfuscation Database normalization Stored procedures Code signing Input validation

Stored procedures, Input validation

What are the characteristic features of WPA2/WPA3 Enterprise mode? (Select 3 answers) Suitable for large corporate networks IEEE 802.1D Does not require an authentication server IEEE 802.1X Suitable for all types of wireless LANs Requires RADIUS authentication server

Suitable for large corporate networks, IEEE 802.1X, Requires RADIUS authentication server

A type of file that an OS uses to hold parts of programs and data files that cannot be stored in RAM due to insufficient memory space is called: (Select 2 answers) Swap file Temporary file Pagefile Signature file Archive file

Swap file, Pagefile

Which of the following terms refers to an embedded cryptoprocessor that can be found on the motherboards of newer PCs and laptops? CFB AHCI UEFI TPM

TPM

Which of the following answers list examples of hardware root of trust? (Select 2 answers) EFS TPM SED HSM FDE

TPM, HSM

Which of the following describes the behavior of a threat actor? PII TTPs IPS MaaS

TTPs

Which of the following answers refers to a Command-Line Interface (CLI) packet-crafting tool? tcpdump theHarvester Tcpreplay WireShark

Tcpreplay

Which of the following tools enables sending custom packets that can be used to evaluate the security of a network device? WireShark Tcpreplay tcpdump theHarvester

Tcpreplay

A mobile device's capability to share its internet connection with other devices is referred to as: Pairing Clustering Tethering Bonding

Tethering

Which of the following answers refers to a methodology framework for intrusion analysis developed by the U.S. government intelligence community? MITRE ATT&CK The Diamond Model of Intrusion Analysis Cyber Kill Chain

The Diamond Model of Intrusion Analysis

Which of the following terms refers to a vulnerability caused by race conditions? Mean time to failure Replay attack Mean time between failures Time-of-check to time-of-use

Time-of-check to time-of-use

Which of the following security solutions can be used to protect database contents? (Select all that apply) Fuzzing Tokenization Salting Normalization Hashing

Tokenization, Salting, Hashing

Which part of the IPsec modes provides entire packet encryption? Tunnel Payload Transport Default

Tunnel

Examples of key stretching algorithms include: (Select 2 answers) ROT13, Twofish, Bcrypt, DSA, PBKDF2

Twofish, Bcrypt, PBKDF2

Which of the following answers refers to a software tool that provides a single management interface for mobile devices, PCs, printers, IoT devices and wearables? MDM RCS UEM MAM

UEM

What is the name of a device that can provide short-term emergency power during an unexpected main power source outage? UPS PoE SVC PSU

UPS

Examples of application software designed to selectively block access to websites include: (Select 2 answers) URL filter Captive portal Firewall Content filter Proxy server

URL filter, Content filter

Which of the following physical security controls can be implemented as a DLP solution? USB data blocker Visitor logs CCTV Motion detection

USB data blocker

An attacker impersonates a company's managing staff member to manipulate a lower rank employee into disclosing confidential data. The attacker informs the victim that the information is essential for a task that needs to be completed within the business hours on the same day and mentions potential financial losses for the company in case the victim refuses to comply. Which social engineering principles apply to this attack scenario? (Select 3 answers) Urgency Familiarity Authority Consensus Intimidation Scarcity

Urgency, Authority, Intimidation

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers) Patch management Usage audit Physical security controls Sandboxing Asset documentation

Usage audit, Asset documentation

Which of the following answers list the characteristic features of the Mandatory Access Control (MAC) model? (Select 3 answers) Users are not allowed to change access policies at their own discretion Labels and clearance levels can only be applied and changed by an administrator Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object Access to resources based on user identity Every resource has a sensitivity label matching a clearance level assigned to a user

Users are not allowed to change access policies at their own discretion, Labels and clearance levels can only be applied and changed by an administrator, Every resource has a sensitivity label matching a clearance level assigned to a user

Which of the following enables running macros in Microsoft Office applications? DOM VBA SDK RAD

VBA

A logical grouping of computers that allows computer hosts to act as if they were attached to the same broadcast domain regardless of their physical location is known as: VLAN Screened subnet Intranet SAN

VLAN

Which of the following answers refer to the characteristics of HOTP? (Select 3 answers) Valid for only one login session Based on a shared secret key and current time Vulnerable to replay attacks Based on a cryptographic hash function and a secret cryp

Valid for only one login session, Based on a cryptographic hash function and a secret cryptographic key, Not vulnerable to replay attacks

The practice of using a telephone system to manipulate a user into disclosing confidential information is known as:

Vishing (Voicemail phishing)

Which of the acronyms listed below refers to a firewall controlling access to a web server? WEP WAP WPS WAF

WAF

Which of the following would be of help in troubleshooting wireless signal loss and low wireless network signal coverage? (Select 2 answers) Protocol analyzer WAP power level controls WiFi analyzer Logical network diagram Network mapper

WAP power level controls, WiFi analyzer

Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities resulting from implementation flaws? EAP AES WPA2 WEP

WEP

A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is known as: WPA WPS WEP WAP

WPS

Which of the wireless technologies listed below are deprecated and should not be used due to their known vulnerabilities? (Select 2 answers) WPS WAP WPA2 WAF WEP

WPS, WEP

An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against: War chalking Spoofing War driving Insider threat

War driving

Which of the terms listed below refers to a platform used for watering hole attacks? Mail gateways Websites PBX systems Web browsers

Websites (A watering hole attack is a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site)

Which of the following answers refers to a diagnostic tool that can be used for measuring wireless signal strength? Tone generator Multimeter WiFi analyzer Network mapper

WiFi analyzer

Which digital certificate allows multiple subdomains to be protected by a single certificate? Root signing certificate Subject Alternative Name (SAN) certificate Extended Validation (EV) certificate Wildcard certificate

Wildcard certificate

The process of planning and designing new WLANs for optimal performance, security and compliance typically involves: Penetration testing Wireless site survey Vulnerability scanning End user awareness and training

Wireless site survey

Which of the following answers refers to a command-line tool used to download or upload data to a server via any of the supported protocols, such as FTP, HTTP, SMTP, IMAP, POP3, or LDAP? theHarvester curl sn1per memdump

curl

A Linux command-line utility that can be used in the forensic process for creating and copying image files is called: fsutil diskpart dd format

dd

Which of the following answers refers to network administration command-line utilities used for DNS queries? (Select 2 answers) dig tracert nslookup ping pathping

dig, nslookup

Which of the following tools would be best suited for gathering information about a domain? FTK Imager dnsenum scanless Wireshark

dnsenum

Which of the following enables client-side URL redirection? host hosts hostname localhost

hosts

Which of the following answers refers to a command-line tool used for security auditing and testing of firewalls and networks? pathping netstat nslookup hping

hping

Which of the following answers refers to a Linux utility for querying and displaying logs that are stored in binary form? logger uncompress read journalctl

journalctl

Which of the following commands enables adding messages to the /var/log/syslog file in Linux? paste logger write printf

logger

A Linux command-line command for displaying routing table contents is called: print route netstat -r route print netstat -a

netstat -r

Which network command-line utility in MS Windows combines the features of ping and tracert? nbtstat pathping traceroute netstat

pathping

Which of the following command-line commands in MS Windows are used to display the contents of a routing table? (Select 2 answers) netstat -p route print netstat -a print route netstat -r

route print, netstat -r

Which of the following answers refers to a cross-platform IP traffic collection method that takes advantage of packet sampling to optimize bandwidth and hardware resources usage? sFlow NXLog NetFlow IPFIX

sFlow

Which of the following answers refers to an advanced network exploration and penetration testing tool integrating functionalities from multiple other tools, such as ping, whois, or nmap? sn1per dnsenum curl scanless

sn1per

Examples of utilities that enable logging of data from different types of systems in a central repository include: (Select all that apply) syslog rsyslog journalctl syslog-ng NXLog

syslog, rsyslog, syslog-ng, NXLog

Which of the following are log managing utilities for Unix and Unix-like systems that implement the basic syslog protocol and extend it with additional functionalities? (Select 2 answers) NXLog syslog-ng NetFlow rsyslog sFlow

syslog-ng, rsyslog

Which of the following is a Command-Line Interface (CLI) packet-capturing tool used in Unix-like operating systems? tcpdump Wireshark theHarvester Tcpreplay

tcpdump

Which of the following tools is used for gathering OSINT? Wireshark theHarvester Nessus FTK Imager

theHarvester

A Linux command-line utility for displaying intermediary points (routers) the IPv4 packet is passed through on its way to another network node is known as: nbtstat traceroute netstat tracert

traceroute

A network command-line utility in MS Windows that tracks and displays the route taken by IPv4 packets on their way to another host is called: ping traceroute nslookup tracert

tracert

