IMNT 543 Test 2
In a security review meeting, you proposed a demilitarized zone for one of your company's data centers. You were then asked to explain the objective of having a DMZ in the data centers. Which of the following should be your answer?
A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.
Which of the following best describes a faraday cage?
A Faraday cage is an enclosure used to block electromagnetic fields.
Which of the following correctly differentiates between a man-in-the-middle (MITM) attack and a man-in-the-browser (MITB)?
A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.
Which of the following best describes a host-based firewall?
A host-based firewall is a software firewall that protects a single endpoint device.
Which of the following best describes a mantrap?
A mantrap is a small space with two separate sets of interlocking doors.
Which of the following best describes a network address translation?
A network address translation (NAT) enables a private IP network to connect to the internet.
Which of the following best describes a network hardware security module?
A network hardware security module is a trusted network computer that performs cryptographic operations.
Which of the following is a collection of that includes information about the IP addresses resolved to their corresponding MAC addresses?
ARP cache
Which of the following is a layer 2 attack?
ARP poisoning
______ contains rules that administer the availability of digital assets by granting or denying access to the assets.
Access control list (ACL)
Wilson has requested your help to suggest an encryption method that will provide the highest security against attacks. Which encryption process should you suggest?
Advanced Encryption Standard (AES)
You oversee your company's physical security, and you are asked to protect their CCTV cameras. The cameras are installed along the pathway, mounted on poles. They need protection from being physically handled by potential intruders. Which of the following fencing deterrents should you use?
Anticlimb collar
Which of the following is a major objective of packet analysis?
Assess and secure networks
Which cryptographic method should Susanne use to ensure that a document can be encrypted with a key and decrypted with a different key?
Asymmetric
John needs to add an algorithm for his company communication process, in which encryption uses two keys. One is the public key, and the other one is a private key. Which algorithm will be suitable to achieve this?
Asymmetric cryptography
Which of the following is an external perimeter defense method?
Barrier
Which of the following best describes bash?
Bash is a command language interpreter
Chris is shopping for shoes on an e-commerce website and needs to enter their credit card details. Which of the following can assure them that he is using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details?
Certificate
Sigma Solutions use hash algorithms in the communications between departments while transferring confidential files. A human resource employee informed you that one of the employees' salary statements sent from her end looks tampered with and requested your help. Which of the following tasks would enable you to identify whether the file is tampered with or not, and how will you make the determination?
Check the digest of the file with the original digest. If the values are different, it can be confirmed that the file has been tampered with.
Wireless data networks are particularly susceptible to which type of attack?
Ciphertext attack
Which attack sees an attacker attempt to determine the hash function's input strings that produce the same hash result?
Collision attack
Which of the following best describes DLP?
DLP is used to prevent leakage of confidential data.
As a cybersecurity expert, you are asked to take adequate measures to mitigate DDoS attacks on your enterprise servers. Which of the following techniques should you apply?
DNS Sinkhole
During an interview, you are provided with the following scenario: The enterprise you recently joined uses a specific ISP server that resolves domain names. You are asked which specific attack will need to be mitigated first to secure the enterprise network. Which of the following attacks should you choose?
DNS hijacking
Josh is a cybersecurity expert assigned to look after the security of a public server that manages naming services to hosts and their corresponding IP addresses. One day, during his usual inspection of this server, he found that some entries on this server been altered, resulting in URL redirection for some users. What type of attack has Josh discovered?
DNS hijacking
Which specific type of attack occurs when a threat actor redirects network traffic by modifying the local host file to send legitimate traffic anywhere they choose?
DNS poisoning
Which of the following is a state of data, where data is transmitted across a network?
Data in transit
You are a security expert asked to protect the webservers hosted in your building from exposure to anyone other than server admins. Which of the following physical security method should you implement to achieve this?
Demilitarized zones
Alex needs to find a method that can change a single character of plaintext into multiple characters of ciphertext. Which method should Alex use?
Diffusion
John receives an encrypted document using asymmetric cryptography from Alex. Which process should Alex use along with asymmetric cryptography so that John can be sure that the received document is real, from Alex, and unaltered?
Digital signature algorithm
_____ is a network management protocol that automates the process of configuring an endpoint on IP networks by dynamically assigning an IP address and other network configuration parameters to endpoints.
Dynamic Host Control Protocol (DHCP)
ABC Enterprises plans to upgrade its internal confidential communication channel for the senior management team, which is geographically spread out, to enhance communication speed and security. They have decided to use cryptography to achieve this but can't decide on which model. The CEO has come to you for your suggestion on whether to use RSA or ECC. What should you recommend to the CEO, and why?
ECC, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes making it secure and the communication exchange extremely fast.
You are a cyber forensic expert wanting to protect devices retrieved from a crime scene from being remotely wiped of evidence. Which of the following physical security equipment should you use so that inbound and outbound signals cannot be sent or received?
Faraday bags
These security controls are based on a technology designed to "keep an eye on" files to detect any changes within the files that may indicate a cyberattack.
File integrity monitors
Which encryption method in BitLocker prevents attackers from accessing data by booting from another OS or placing the hard drive in another computer?
Full Disk Encryption
Which monitoring methodology will trigger the IDS if any application tries to scan multiple ports?
Heuristic monitoring
Which of the following is a network set up with intentional vulnerabilities?
Honeynet
The servers behind load balancers are usually given a specific ___
IP address
Which type of intrusion detection system can also block attacks?
Inline
An ARP poisoning attack initially aims to compromise which of the CIA Triad objectives?
Integrity
Which of the following protocols is embedded in a computer's operating system or communication hardware to secure internet communications?
Internet Protocol Security (IPsec)
Which of the following attacks tries to force a network switch into the fail-open mode?
MAC flooding
Max found someone is impersonating him after discovering that data sent to him was always being received by someone else in his enterprise network. He informed the network administrator about the issue. While inspecting the switch, the administrator discovered that the threat actor was another employee at the same enterprise. As a senior security consultant, which of the following attacks should you mention in the charge sheet?
MAC-related attack
In an interview, you are given the following scenario: David sent a message to Tina saying, "There is no office meeting today!" For some reason, the message showed up on Tina's device as, "Come to the office meeting ASAP!" You (the candidate) are asked to name the type of attack that would cause this situation. Which of the following should you identify?
MITM
Which of the following best describes east-west traffic?
Movement of data from one server to another within a data center
A manager working in ABC Consulting shared a list of employees from his team who were eligible for an extra week off. Later, he claimed that he has never shared this list. Which principle or functionality of a secured communication can be used to substantiate or verify the manager's claim?
Nonrepudiation
Which feature of cryptography is used to prove a user's identity and prevent an individual from fraudulently reneging on an action?
Nonrepudiation
Which characteristic of cryptography makes unclear and by which the original information becomes impossible to be determined?
Obfuscation
Which PKI feature enables looking up the revocation status of a certificate?
Online Certificate Status Protocol (OCSP)`
Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors?
Opal
Which of the following is defined as a structure for governing all the elements involved in digital certificate management?
PKI
Which of the following techniques is the best fit for monitoring traffic on switches with large volumes of traffic?
Port TAP
Which of the following is a powerful scripting tool in the Microsoft environment that allows executing commands while bypassing security protections without evidence?
PowerShell
Which of the following best describes an extranet?
Private network that can also be accessed only by authorized entities, such as customers, vendors, and partners.
Which of the following can prevent macros attacks?
Protected view
___ is a set of network technologies used to guarantee its ability to dependably serve network resources and high-priority applications to endpoints.
QoS
What is a jump box used for?
Restricting access to a demilitarized zone
Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?
Root
Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure?
S/MIME
Which protocol is used to prevent looping in a switch?
STP
Which of the following is a deception instrument?
Sinkhole
In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?
Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.
Which function in cryptography takes a string of any length as input and returns a string of any requested variable length?
Sponge
Which algorithm encrypts and decrypts data using the same key?
Symmetric cryptography algorithm
Which of the following protocols are used to secure HTTP?
TLS and SSL
How do NACs ensure that a device is safe to connect to a secure network?
The NAC issues a health certificate, only allowing healthy devices to connect to the secured network.
What action does a BPDU guard take when a BPDU is received from an endpoint and not a switch?
The port is disabled, and no traffic will be sent or received by the port.
_______ obfuscates sensitive data elements, such as an account number, into a random string of characters
Tokenization
Which of the following OS network discovery commands in the Windows environment shows the details about the path a packet takes from a computer or device to a destination?
Tracert
Which encryption is a chip on the motherboard of a computer that provides cryptographic services?
Trusted Platform Module (TPM)
Which of the following best describes trusted location in MS Office?
Trusted location allows you to run macros-enabled files with no security restrictions.
Which of following is a characteristic of electronic code book (ECB) mode?
Two identical plaintext blocks are encrypted into two identical ciphertext blocks, making them susceptible to attacks.
Which encryption device you can use that has the following features? 1. It should allow administrators to remotely prohibit accessing the data on a device until it can verify the user status. 2. It can lock user access completely or even instruct the drive to initiate a self-destruct sequence to destroy all data.
USB device encryption
Which of the following outlines the process of a proxy server?
User - forward proxy - Internet - reverse proxy - server
Which of the following best describes VBA?
VBA is an event-driven programming language.
Which technology allows scattered users to be logically grouped even when they are connected to different physical switches?
VLAN
As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take?
Web Application Firewall (WAF)
Which of the following is a popular and GUI packet capture and analysis tool?
Wireshark
Which of the following is a standard format for digital certificates?
X.509
An employee at your enterprise is caught violating company policies by transferring confidential data to his private email. As a security admin, you are asked to prevent this from happening in the future. Which of the following actions should you perform?
You should set up a DLP.
In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network. Which of the following methods should you apply?
You should set up an ACL.
The head of cybersecurity at your enterprise has asked you to set up an IDS that can create the baseline of all system activities and raise an alarm whenever any abnormal activities take place, without waiting to check the underlying cause. Which of the following actions should you take?
You should set up an IDS with anomaly-based monitoring methodology.
After encountering a network attack in your enterprise network, the chief network security engineer assigned you a project. The project was to create a vulnerable network that is similar to your enterprise network and entices the threat actor to repeat the attack. This is to analyze the behavior and techniques the attacker is using to ensure better defenses to your enterprise network in the future. Which of the following appliances should you use?
You should use a honeynet
In an interview, you are asked to change the permissions of a file on a Linux system so that the file can only be accessed by its owner. Which of the following tools should you use?
chmod
Which of the following is a third-party network analysis tool?
nmap
A source computer's ability to reach a specified destination computer can be tested using which of the following?
ping