final

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Marcus is considering GPS tagging for use with an MDM tool and asks you if there is a major concern with this approach. What advice does the text share that you could pass on to Marcus? No concern Chain of custody Support for geofencing Privacy

Privacy

What type of malware is adware typically classified as? A DOG A backdoor A PUP A rootkit

A PUP

What does the chmod command do?

Changes permissions of a file

Lilo is conducting a penetration test for a client. The client provided Lilo with limited but important information on the configuration of the systems under test. What type of pentest is Lilo performing? Gray-box test Red-box test White-box test Black-box test

Gray-box test

Devices that centralize the acceptance and forwarding of network requests are known as what? Proxy servers Firewalls Routers VPN concentrator

Proxy servers

Aubrey needs to implement LDAP service. What type of service is Aubrey attempting to enable? An attestation service A federation A directory service A biometric identity provider

A directory service

What service runs on port 53?

DNS

Malware

Describes a wide range of software intentioanlly designed to cause harm to systems, networks and devices

PII

Includes any information that unqiuely identifies an individual person

RAID 0

Data is spread to every drive in the array, which is like artifiically gluing two hard drives or more together

What service runs on port 80?

HTTP

Lilo discovers that users are using many approaches to using systems resources and some approaches are creating unforeseen risks. Lilo creates a revised document that limits users to any one of several approaches that have not been shown to create risks. What type of document did Lilo create? Policy Standard Guideline Procedure

Standard

Risk acceptance

A management decision to take no furhter risk reduction actions and accept the existing risk as part of normal operations

Nessus

A network-vulnerability scanner, that can determine whether a server is vulnerable

A prominent cloud-computing vendor is engaging an audit firm to produce a report that will be shared publicly to demonstrate that appropriate controls are in place. The audit firm will assess the controls as well as the effectiveness of the controls. What type of report should the cloud-computing firm expect? SOC 2 Type 1 SOC 2 Type 2 SOC 3 Type 1 SOC 3 Type 2

SOC 3 Type 2

Confidentiality

Ensure that data remainds private while in transite, in storage and in use

What tool supports incident responders by allowing unified, automated responses across an organization? IPS COOP SOAR IRC

SOAR

ISO 31000

guidelines for risk management programs

Which scripting environment is native to most UNIX/Linux distributions? PowerShell Python Bash Go

Bash

Kim creates open-source software tools and wants to assure users that the code they received is authentic code provided by the author. What technique can Kim use to provide this assurance? Code signing Code endorsement Code encryption Code obfuscation

Code signing

While on the night shift working in the SOC, Ash notices traffic between systems being monitored within the organization and a known malicious host using TCP port 6667. What type of traffic is Ash most likely detecting? A RAT Command and control A worm A bot

Command and control

Which of the following measures would database administrators consider to be the best defense against data exposure? Normalization Data minimization Tokenization Hashing

Data minimization

Which tool cannot be used in the data obfuscation process? Hashing Tokenization Data masking Data minimization

Data minimization

Procedures

Detailed step-by-step process that individuals in an organization must follow

Which cybersecurity tool focuses heavily on understanding the attacker and their motivations to help defenders understand the threat? MITRE Diamond Model Cyber Kill Chain SIEM

Diamond Model

Which component of an incident response plan focuses on activities and restoration related to a disaster? Communications plan Stakeholder management Business continuity Disaster recovery

Disaster recovery

Maria's needs to provide access to secure information via the wireless network and therefore wishes to ensure that individuals outside the building cannot connect to the wireless network. What type of solution is a good fit for this requirement? IPS Geofencing Context-aware authentication Unified Endpoint Management (UEM)

Geofencing

Kyra tapes a sign over an Ethernet jack with a sign saying the system is part of an incident and warning that only the IR team can approve connecting the device. What is the name for this step? Containment Isolation Segmentation Zoning

Isolation

The phases of the software development life cycle in order are: Planning , Requirements , Design , Coding , Testing , Training and Transition , and Ongoing Operations and Maintenance . What is the order they go in?

Planning -> Requirements -> Design -> Coding -> testing -> Training and Transition -> Ongoing Opeartions and Maintenance

DMZ (demilitarized zone)

Sections of a network that are exposed to less trusted areas of the internet, such as web servers

Sam was instructed to implement a data protection technique that will be reversible if needed. Which technique would Sam want to use? Tokenization Masking Hashing Shredding

Tokenization

Taylor is reviewing details of a forensic investigation to create documentation for attorneys preparing for a potential prosecution and finds a pagefile for a system. From where was the pagefile taken? Memory disk CPU register Device firmware

disk

Which of the following is NOT considered a type of virus? memory-resident virus boot-sector virus rat-toolkit virus email virus

rat-toolkit virus

What service runs on port 22?

SSH

Morgan is testing software by sending invalid and even random data to the application. What type of code testing is Morgan conducting? Mutation testing Static code analysis Dynamic ocde analysis Fuzzing

Fuzzing

Authentication

Verifying the claimed identity of a system user

Wireshark

Application that captures and analyzes network packets. Which can also be used to analyze a VOIP conversation.

Embedded systems that must place priority on processing data as it arrives rather than using interrupts or other waiting techniques are likely to utilize which type of operating system? Windows Linux DOS RTOS

RTOS

Data processors

Service providers that process information on behalf of the data controller

Chris turned on logon auditing for a Windows system. Which log will show them? The Windows Application log The Windows Security log The Windows System log All of the above

The Windows Security log

During a periodic review of security controls, Maria discovered that individuals who breach the network security perimeter would be able to then attack IoT systems that operate manufacturing. Manufacturing is a closed system and does not require internet connectivity. What type of solution is best suited for this? Air gap Faraday Cage Cold aisle screened subnet

Air gap

Policies

High-level statements of management intent

Lilo recently conducted a risk measurement exercise to determine the risk the organization faced before implementing any mitigations or controls. What term best describes this risk? Inherent risk Control risk Risk appetite Residual risk

Inherent risk

Extranet

Networks that are used by trusted partners or customers, and provides greater access than what is available to the public

Bob would like to send Alice a secure message using an asymmetric encryption algorithm. What key should Bob use to encrypt the message? Bob's public key Bob's private key Alice's public key Alce's private key

Alice's public key

What program defines the requirements that government agencies need to meet to ensure that continuity of operations can be ensured? NIST SP 500 COOP National Disaster Preparedness Plan FedDP

COOP

Sam wants to follow the order of volatility to guide a forensic data acquisition. Which of the following is most volatile? RAM CPU cache and register Data on the hard disk Backups

CPU cache and register

What does the grep command do?

tool to search for patterns

27001

Provides a common structure for security programs based on accepted industry best practices.

Sam wants to implement a RAID array upon which data is striped across drives, with drives used for parity (checksum) of the data. Sam also wants to ensure that the system can handle more than one drive failing at a time. What RAID type should Sam use? RAID 1 RAID 5 RAID 6 RAID 10

RAID 6

Jayden is monitoring network traffic and discovers an employee monitoring or spying on others using their organization-provided systems. What type of malware is Jayden likely monitoring to make this discovery? Worms RATs Crypto Malware PUPs

RATs

Terry identified a new security vulnerability and computed its CVSS base score as 3.5. Which risk category would this vulnerability fall into? Low Medium High Critical

Low

Trojans

Require user interaction to be triggered

Which term refers to a measure of reliability of a system? MTBF MTTR RTO RPO

MTBF

Deleting a file in a Windows results in a Quick formatting which leads to which outcome? memory is reformatted and data is overwritten memory is wiped and data is destroyed file index is wiped but data likely remains untouched file index and data is wiped

file index is wiped but data likely remains untouched

In what cloud security model does the cloud service provider bear the least responsibility for implementing security controls? IaaS PaaS SaaS FaaS

IaaS

What legal concept is related to the ability to validate the integrity of the data and the process of collecting it? Nexus Nonrepudiation Jurisdiction Admissibility

Nonrepudiation

Kelly installs a backdoor in a database server that was exploited as part of a penetration test which will provide ongoing access to the server in the future. Which term describes this action? Lateral movement Privilege escalation Maneuver Persistence

Persistence

University IT staff determined that the campus LMS can be down for no more than 24 hours before causing unacceptable damage to the business. What metric describes this outcome? MTBF MTTR RTO RPO

RTO

Mackenzie needs a solution that will provide an alert if services were installed without approval from the change control process. What solution would you recommend? Registry dumps Firewall logs Vulnerability scans Flow logs

Registry dumps

What technology is VOIP used in?

Telephpony

What does the head command do?

View the first part of a file

Steganography

The art of using cryptographic techniques to hide secret messages inside of a file

SSO Systems

Allows a user to log in with a single identity and use multipel systems without reauthenticating

Data custodians

Individuals or teams that are responsible for safekeeping information

As part of a penetration test, Lilo is attempting to cause traffic between two devices to be relayed through a third device allowing the traffic to be monitored or even altered. What type of attack is Lilo attempting? DNS attack DDOS attack On-Path attack DOS attack

On-Path attack

Mindy works for an automobile parts manufacturer and has access to a cloud environment that is exclusive to organizations that provide services or parts to a major automobile manufacturer. What model of of cloud computing does this environment represent? Public cloud Private Cloud Hybrid Cloud Community cloud

Community cloud

Joanna recovers a password file with passwords stored as MD5 hashes. What tool can she use to crack the passwords? MD5Sum John the Ripper GPG Netcat

John the Ripper

Sam is conducting a penetration test in preparation for an external pentest engagement. Sam attempts a session hijacking attack which will require a __________ to be successful. Sessiong ticket Session cookie Username User password

Session cookie

What protocol is used to securely wrap many otherwise insecure protocols? ISAKMP SSL IKE TLS

TLS

Taylor would like to try different tools on a Windows 10 system that will verify each hop along the path from the system to the server to which it is connected. Which tool or tools could Taylor try? tracert route traceroute pathping

tracert pathping

ISO 27701

An extension to ISO 27001 and is a framework for managing privacy controls to reduce the risk of privacy breach to the privacy of individuals.

Terry is investigating a security incident where the attacker entered a very long string into an input field, which was followed by a system command. What type of attack likely took place? Cross site request forgery Server siude request forgery Command injection Buffer overflow

Buffer overflow

Which component of an incident response plan focuses on keeping the organization functional when incidents occur? Communications plan Stakeholder management plan Business continuity Disaster recovery

Business continuity

While reviewing systems logs, Kendra determined that phishing attacks were focused solely on members of the sales and marketing team. What type of phishing does this event indicate? Smishing Spear fishing Whaling Vishing

Spear fishing

theHARVESTER

An open source OSINT tool that gathers several different types of background information on a target

Data controllers

Entity that determines why someone processes personal information

Password Vaults

Software solutions that store, manage and secure passwords and other information

Mac needs to utilize application-level virtualization in which multiple servers operate independently while sharing an operating system. What type of resource does Mac need to use? Virtual Machines Elastic Systems Containers Hypervisors

containers

Lilo needs to provide access control in enterprise-systems applications such as database, microservice, and API access which requires considerable flexibility. Which access control scheme is Lilo likely to use? RBAC ABAC RuBAC ACL

ABAC

Nonrepudiation

Provide assurance to the recipient that the sender of the message was the original sender and not a third party

A SPAN

Traffic sent to multiple ports is forwarded to another switch port for monitoring

GPS

uses a series of satellites, tracking stations, and receivers to determine precise absolute locations on earth

Jen is configuring a cloud environment and needs to define network traffic that is allowed into the organization's cloud environment while blocking other network traffic. What resource would a cloud provider typically offer to meet this need? Firewall VPC Security groups SSH

Security groups

What is the document that tracks the custody or control of a piece of evidence called? Evidence log Audit log Event report Chain of custody

Chain of custody

Lyndsey wants to implement a striped drive solution. What RAID level does this describe? RAID 0 RAID 1 RAID 5 RAID 6

RAID 0

What type of attack does an account lockout policy help to prevent? Stolen password Race Condition Buffer Overflows brute force

Brute force

Kevin would like to utilize a security control that can implement access restrictions across all of the SaaS solutions used by the organization. What control would best meet Kevin's needs? Security group Resource policy CASB SWG

CASB

CPP recently upgraded the Guest Wi-Fi account to require the gathering of information such as a cell phone number before allowing access to the university network. What solution is the university likely using? WPS capture mode Kerberos WPA2 Captive portal

Captive portal

The Bronco Bookstore on campus accepts many forms of payment including cash, department account charges and credit cards. With what external compliance obligation does the bookstore need to comply? FERPA GDPR PCI DSS SOX

PCI DSS

Mackenzie needs to implement a Wi-Fi authentication solution that implements certificate-based authentication but does not require certificates on endpoints and does not require additional software to be installed on any devices. Which solution would best fit Mackenzie's needs? PEAP EAP-FAST EAP-TLS EAP-TTLS

PEAP

What type of recovery site has all the infrastructure and data needed to operate the organization? A hot site A warm site a cloud site A cold site

A hot site

What type of malicious actor is most likely to use hybrid warfare? A nation state A script kiddie A hacktivist An inside threat

A nation state

Risk Avoidance

A risk response strategy where the strategy is to eliminate the potential for a risk to occur

Broadcast domain

A segment of a network where all devices have the same IP subnet

VPN

A tool that creates a virtual network that users outside of your network can connect to and interact with each other as if they were on the same network.

The SWIFT club has 80 members and they all need the ability to communicate with one another securely using an asymmetric encryption system. The system allows any two members to communicate without other members eavesdropping. If an 81st member is added to the club, how many new keys must be added to the system? 1 2 80 81

2

Lilo is working in the SOC and observes a command and control system being used to allow attackers to manage, control and update systems automatically. What type of malware is Lilo observing? A bot A drone A Vampire A Worm

A bot

Taylor is reviewing authentication frameworks for wireless networks. Which framework is Taylor likely to find most useful for wireless environments? SAML EAP OAuth LDAP

EAP

Ransomware

Malware that takes over a computer and then demands payment

What type of malware is VBA code most likely to show up in? Macro Viruses RATs Worms Logic bombs

Mcaro Viruses

Cynthia wants to make an exact copy of a drive using a Linux command-line tool. What command should Cynthia use? dd df cp ln

dd

Sam has developed a plan to prevent ransomware, what would be an additional critical step to defend the organization against losses from ransomware? (choose the best answer) back up all data deploy a backup system that stores files in a separate location that will not be impacted if the system or device it backs up is infected Ensure old data is deleted obfuscate data at rest

deploy a backup system that stores files in a separate location that will not be impacted if the system or device it backs up is infected

Data stewards

Carry out the intent of the data controllers

Taylor is designing a pentest platform that needs to be able to expand and contract as needs change. Which of the following terms describes Taylor's goal? Elasticity Scalability Agility Cost effectiveness

Elasticity

Maria working for a Florida-based firm and is completing a forensic examination related to events that emanated from California. What legal concept must be considered when determining if laws from a particular state must be considered or adhered to in a particular investigation? Nexus Nonrepudiation Jurisdiction Admissibility

Nexus

Miguel sends backups to a company that keeps them in a secure vault. What type of backup solution has Miguel implemented? Nearline Safe Online Offline

Offline

Sam has detected lateral network traffic that is not compliant with the organization's security policy creating a belief that a cybersecurity compromise has already occurred. Sam decides to search for evidence of the compromise, which type of security assessment technique should Sam utilize? Vulnerability scanning Penetration testing Threat huntiung War driving

Threat hunting

NFC

VERY short range wireless data transmission that allows devices to transfer payment information to a POS, point of sale, system. (Near Field Communication)

Kara discovered the web server was being overwhelmed by traffic causing a CPU bottleneck. Using an interface from the cloud provider, Kara added a second web server and a load balancer to balance the load between the two servers. What term best describes Kara's action? Elasticity Horizontal Scaling Vertical Scaling High Availability

Horizontal scaling

When CIS students receive an email from Dr. Hwang that has been digitally signed, what key should the students use to verify the digital signature? Dr. Hwangs.......... Public Key Private key Student's....... Individual public keys Individual private keys

Dr. Hwang's public key

Lilo is configuring a web server to use digital certificates and wishes to allow clients to quickly verify the status of the certificate without contacting a remote server. What technology can Lilo use to accomplish this outcome? Certificate Pinning Certificate stapling CRL OSCP

Certificate stapling

Michael is wanting to implement numerous smaller servers for the data center and then deploy a load balancer to gain scalability. What type of scalability is Michael trying to implement? Horiziontal Scalability Vertical Scalability Lateral scalability Hot-site Scalability

Horiziontal Scalability

Taylor is conducting a penetration test and deploys a toolkit on a compromised system which is then used to gain access to other systems. What term best describes Taylor's activity? OSINT Lateral Movement Privilege Escalation Footprinting

Lateral movement

Ben examined the hash values for the firmware on a firewall that was just shipped from the manufacturer and discovered they do not match values published by the firewall's manufacturer. What type of attack should Ben be concerned with regarding the mismatched hash values? A hoax A vishing attack A supply chain attack A pharming attack

A supply chain attack

Dr. Hwang is the CIS department chair and wishes to send a message to CIS students that does not need to be kept secret but students need to be assured that the message actually came from Dr. Hwang. What key should Dr. Hwang use to sign the message? Dr. Hwangs.......... Public Key Private key Student's....... Individual public keys Individual private keys

Dr. Hwangs' Private key

Logging into an AWS environment to perform maintenance work is most commonly done through which tool? SSH Telnet FTP SFTP

SSH

What type of phishing targets specific groups of employees, such as all managers in the financial department of a company? Smishing Spear Fishing Whaling Vishing

Spear Fishing

Taylor needs to prevent a know Excel file from being downloaded and accessed on devices that are being managed. What type of tool can Taylor use to accomplish this task? Allow list SOAR SIEM Deny list

Deny list

Taylor was made aware that some users devices were unintentionally configured in a manner that caused devices to act as wireless access points on the network. What is the term used for such access points? Evil twin Alternate SSID Rogue AP Split WiFi

Rogue AP

What technology is SCADA used in?

Industrial Control Systems

Intranet

Internal networks that are used by employees or highly trusted entities

Guidelines

bet practices and recommendations given for a cocnept, technology or task

Sam is using full disk encryption technology to protect the contents of laptops against theft. What goal of cybersecurity is Sam attempting to achieve? Integrity nonrepudiation Authentication Confidentiality

Confidentiality

Sam is responsible for the deployment of IoT gateway devices located in close proximity to sensors that are collecting data. The gateway performs preprocessing of the data before sending results to the cloud. What term best describes this approach? Edge computing Client-server ocmputing Fog computing Thing client computing

Fog computing

Sam discovered that users are struggling to use their personal devices to complete specific work on organization systems. In response, Sam created a document with solutions users may try to achieve their intended outcomes. What type of document did Sam create? Policy Standard Guideline Procedure

Guideline

Sam wants to set an account policy that raises an alert if a user logs in from two different locations in a timeframe that is too short for reasonable travel. What type of account policy should Sam set? Time of day Geogencing time based logins Impossible travel time

Impossible travel time

Entering the command chmod 754 with respect to a file will result in which set of permissions? rw-rw-rw- rwxr-xr-x rwxr-xr-- rwxrwxrwx

rwxr-xr--

What technology are raspberry Pis used in?

Embedded system

Marie is researching solutions to ensure that the administrative interfaces of network devices cannot be accessed by attackers. Which of the following solutions is typically utilized for this purpose? NAC Trunking Out-of-band management Port security

Out-of-band management

RAID 5

Data is striped across drives. Data is striped across drives, with one being used for parity for the data

After a forensic analysis of a cyber breach, Taylor discovered that software was left on the system allowing attackers to have remote access to systems within the company. How should Taylor describe or classify this malware? A Worm Crypto Malware A trojan A back Door

A backdoor

Substitution cipher

A type of coding or cipehring that changes one cahracter or symbol to another

Taylor performs a backup that captures the changes since the last backup. What type of backup has Taylor performed? A new full backup A snapshot An incremental backup A differential backup

An incremental backup

bots

Remotely controlled systems or devices that have malware installed on them

Worms

Seklf-installed and spread on their own

Risk mitigation

a process whereby the organization takes actions to REDUCE the probability of a risk occuring

keyloggers

Programs that capture keystrokes from keyboards

integrity

Ensures that data is not altered without authorization

What does the cat command do?

output file contents so that they can be appended to other files

theHarvester

An open source intelligence gathering tool that can retrieve information like email accounts, domains, usernames, and other details using LinkedIn; search engines like Google, Bing, and Baidu; PGP servers; and other sources. t

Which of the CVSS metrics would contain information about the difficulty of exploiting the vulnerability? AV C PR AC

AC

In preparation for a penetration test engagement, Kai goes to the IT managers house on trash day to rifle through the trash can that is out on the street and search for information about the manager that may prove useful during the penetration test. What term describes this activity? Trash Pharming Dumpster harvesting Dumpster diving waste engineering

Dumpster diving

A home router typically runs a NAT firewall that keeps track of the session status between devices in the home and addresses on the Internet to which home devices connect. Tracking this status allows the home router to redirect traffic from Internet sources back to the correct device on the home network. This is an example of which type of firewall? Application Stateless Stateful Heuristic

Stateful

Which of the following are considered embedded systems by the Security+ exam? (there is more than one answer) Android phone Raspberry Pi Arduino Android tablet FPGA

Android phone Raspberry Pi Arduino FPGA

Infrared

Low to high bandwidth, requires line of sight

Rootkits

Malware that is specfically designed to allow attackers in through a backdoor

backdoor

methods or tools that provide access that bypasses normal authentication and authorization procedures, allowing attackers access to systems, devices, or applications.

Sam needs to create load balancing to ensure that a failure of the organizations web server will cause a secondary or backup system to come online and start handling web requests. What type of load balancer should Sam implement? Active/active Active/passive Round-robin Least connection

Active/passive

University IT staff discover that a student is operating a for-profit enterprise from a dorm room using university computing and communications resources. What policy would IT staff likely review when dealing with this situation? NDA MOU SLA AUP

AUP

An individual's name, location, and role in the organization are all examples of what? Biometric factors Identity factors Attributes Account permissions

Attributes

Inherent Risk

The original level of risk, before security controls are implemented

Which of the following techniques is considered passive reconnaissance? Port scans Vulnerability scanning WHOIS lookups Footprinting

WHOIS lookups

Sam is seeking the most robust solution possible to ensure that stolen or lost devices do not result in a data breach the company. What solution is best to meet this challenge? Context-aware authentication Containerization Storage segmentation Full-device encryption

Full-device encryption

Sana is deploying the organization's websites in the local AWS availability zone as well as an availability zone across the country. This plan will provide enhanced uptime and scalability, but why did Sana choose an availability zone on the far side of the country? Because it is requrie by law Network traffic latency concerns Geographical dispersal Geographic tax reasons

Geographical dispersal

The Student Data Center (SDC) on campus ties together local computing capabilities within the SDC with capabilities from multiple public-cloud providers. Which deployment model best describes this environment? Public Cloud Private cloud community cloud hybrid cloud

Hybrid Cloud

Taylor is saving hash values of data archives so that these same archives in the future can be tested to ensure that the archive has not been changed or modified. What goal of cybersecurity is Taylor attempting to achieve? Inegrity Nonrepudiation Authentication Confidentiality

Integrity

Jen is engaged in a penetration test and wishes to eavesdrop on communications between a user and a web server. What type of attack would Jen likely use? Man in the middle Session hijacking Buffer overflow Meet in the middle

Main in the middle

Filesystem Controls

Determines which accounts can read, write, access and/or execute files in a system

Risk transference

Shfits some of the risk an organization is experiencing to another entity

RAID 1

All data from one half of the drives are copied to the other half exactly. Mirrored

Taylor is preparing to perform a cybersecurity assessment at a nuclear power plant with a focus on embedded systems controls. Which of the following topics should Taylor review to prepare? SCADA AVAD SIM HVAC

SCADA

Benny needs to create an account for an application (e.g. a VM instance) to access other resources. What type of account should Benny use? Usr account Admin Account Guest Account Service Account

Service Account

Lilo wants to use Perfect Forware Secrecy to ensure message security as well as SAE in place of shared keys. What Wi-Fi security standard does Lilo need to implement? WPA WPA2 WPA3 WPA4

WPA3

When making a change to a web application in use by an organization to fix a bug, the work should be completed in the _____________ environment. Test Development Stagin Production

Development

Taylor is seeking the Cloud Reference Architecture which offers a high-level taxonomy for cloud services. What document should Taylor access? CSA CCM NIST SP 500-292 ISO 27001 PCI DSS

NIST SP 500-292

RFID

Relateively short range communication using tags and receivers

Bluetooth

Short range, low bandwidth wireless technology often used for mobile phone headsets or earphones operates at 2.4ghz

Marta discovers that someone set up a website with a URL that is nearly identical to the site she manages and appears to be easily mistaken for her own. Which of the following best describes this sort of attack? Phishing Pharmning Typosquatting Tailgating

Typosquatting

SAML

An XML Based open standard for exchanging authentication and authorizing information

Alex is reviewing network logs and recognized a high volume of brute force username/password attacks against organization and IT leadership members' credentials. What type of attack might Alex surmise is taking place? Spoofing Spooning Whaling Vishing

Whaling

Carla needs to capture network traffic to support a forensic investigation. What tool should Carla use? EnCase FTK dd Wireshark

Wireshark

Sam wants to change file permissions. Which of the following command-line Linux tools will accomplish this task? logger tail chmod head

chmod

What device or service would alert the security team to an unauthorized wireless access point? wireless intrusion detection system Firewall Router logs Rainbow table

wireless intrusion detection system

tcpdump

A common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached.

Mackenzie's firm is reviewing a recent data breach related to a partnership with another company that codeveloped and comarketed one of the firm's most profitable products. Which type of document should Mackenzie likely review to determine responsibility and next steps? BPA CTF MSA SLA

BPA

Mackenzie was offered an on-the-job training opportunity that includes defending the organization's systems from attack as part of a security training exercise. What role is Mackenzie playing in this exercise? Red Team blue Team Orange Team White Team

Blue Team

Ash recently received a flash drive with data along with instructions to load the data into the recently-created customer database. The flash drive arrived in an envelope that appeared to be official and the sending address was the address of the company's headquarters. Ash loaded the data and then discovered the flash drive was actually send by a company conducting a penetration test on the organization and the sending address was manipulated by the company completing the pentest. What social engineering principle best matches this type of attack? Consensus Authority Scarcity Trust

Trust

Mac is monitoring a log file and wishes to view the most recent entries which are found at the bottom of the file. Which command will allow Mac to view the most recent entries to the file? logger view-last tail chmod

tail

What service runs on port 443?

HTTPS

What technology is CAN used in?

Automobiles

Taylor is granted a set of IS permissions to carry out work but restricted from many other systems capabilities and resources. This is an example of which principle? Separation of duties Least privilege Clean desk space Nondisclosure agreement

Least privilege

Standards

Mandatory requirements describing how an organization will carry out IS responsibilities

Precompiled SQL statements that only require variables to be input are an example of what type of application security control? Parameterized queries Encoding Data Input validation Appropriate access controls

Parameterized queries

A formal document was recently sent from our university president designating that all systems access at Cal Poly Pomona must use MFA. This document is an example of which type of document? Policy Standard Guideline Procedure

Policy

Taylor's employer is collecting information from subscribers to enhance customer support but then using this same information for marketing without subscribers' permission. What principle is likely being violated? Data minimization Data retention Purpose limitation Data sovereignty

Purpose limitation

Calculate the impact sub-score (ISS) given the following CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 0.24 0.56 0.44 0.92

0.56 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector: Network (score: 0.85) Attack Complexity: Low (score: 0.77) Privileges Required: None (score: 0.85) User Interaction: None (score: 0.85) Scope: Unchanged Confidentiality: High (score: 0.56) Integrity: None (score: 0.00) Availability: None (score: 0.00) ISS = 1 - [(1 - Confidentiality) x (1-Integrity) x (1-Availability)] ISS = 1 - [(1-0.56) x (1-0) x (1-0)] = .56

Lilo needs to conduct a forensic investigation and needs to find an open source forensic suite due to financial constraints. Which of the following tools should Lilo select? EnCase FTK WinHex Autopsy

Autopsy

Cipher

A method used to scramble or obfuscate cahracters to hide their values

Port Security

A capability that allows you to limit the number of MAC addresses on a single port number

Which of the following controls will NOT affect scan results? Firewall settings Network segmentation Audit requirements Intrusion Detection System (IDS)

Audit Requirements

Which type of compute environment is designed to be ephemeral and using shared resources thereby creating fewer forensic artifacts? Mobile phone Virtual machines Containers Physical servers

Containers

After conducting a risk measurement exercise to determine the organization's risk before implementing mitigations or controls, Lilo then measured the risk that still remains after the application of mitigations and controls. What term best describes this risk? Inherent risk Control risk Risk appetite Residual risk

Residual risk

What is an HSM used for? To capture biometric enrollment data To generate, manage, and securely store cryptographic keys To generate one-time passwords via a time-based code algorithm To enable federation between organizations

To generate, manage, and securely store cryptographic keys

ISO 27001

standard document titled "Information technology— Security techniques—Information security management systems— Requirements." This standard includes control objectives covering 14 categories

Lilo is concerned about vehicles approaching the entrance to a building. What physical security control should Lilo implement. Hot aisle Robotic Sentry Bollard Firewall

Bollard

At which phase of the cyber kill chain does an attacker gain two-way communication with the remote system? Weaponization Delivery Exploitation Command and Control

Command and Control

Maria wants to use an individuals job requirements as the basis for an access control scheme. Which scheme is best suited to this implementation? RBAC DAC ABAC MAC

RBAC

Taryn wants to ensure that the threat of a data breach due to a lost phone. What pair of technologies are best suited to this need? Wi-Fi and NFC Remote wipe and FDE Containerization and NFC Geofencing and remote wipe

Remote wipe and FDE

What type of cipher operates on one character at a time? Block cipher Bit cipher Stream cipher Balanced Cipher

Stream cipher

RAID 10

a combination of RaID 1 and RaID 0 that requires at least four disks to work as an array of drives and provides the best redundancy and performance.


Ensembles d'études connexes

HAZWOPER 40 - Lesson 10: Decontamination

View Set

Post Test: Congruence, Proof, and Constructions

View Set

Ch 4 / The Gastrointestinal System / Coseo

View Set

Historia General de la Educación 3er Parcial

View Set