LinkedIn Practice CC Exams
well known ports
0-1023
Which of the following best describes MAC?
Access control model that leverages a central authority that regulates access based on security levels
Which part of the access control mechanism provides information used by auditors and investigators?
Accountability can be used to support security investigations and auditing
What is a method commonly used to ensure the right people are notified immediately after a disaster or incident?
Call trees
Which method of authentication provides the strongest security?
Dual Factor
What is a primary benefit of a quantitative risk analysis in cybersecurity?
It provides a more objective understanding of risk likelihood and impact
Which access control model is commonly used in military and government environments to protect classified information?
MAC
What type of address is also referred to as a physical address for network devices?
MAC address
Which technology would an organization use to control which devices could connect to their network?
NAC
Joe ran a vulnerability scan and posted the results on his organization's unsecured website so it would be easy for his employees to see the results. Was this a good idea?
No, because scan results contain sensitive information which could be used by cybercriminals to launch attacks against the organization
Smishing
Phishing attacks committed using text messages (SMS).
POLICIES
REQUIREMENT
Which of the following would a hacker not usually learn by conducting scans against a targeted network?
Reveal user accounts on endpoints that have excessive privileges
What step of the risk management process involves listing and describing the risks the organization may face?
Risk Identification
Security Risk Management
Risk identification -> assessment -> treatment
What is the most important governance element for a customer to use to ensure a cloud service provider is delivering on expectations?
SLA (service level agreement)
Which of the following cryptographic techniques is used to protect data in transit?
SSL/TLS: protected by utilizing encrypted network connection protocols such as SSL/TLS and VPN encryption
Which of the following is an example of an administrative control?
Security awareness training
SSID
Service Set Identifier. Identifies the name of a wireless network. Disabling SSID broadcast can hide the network from casual users but an attacker can easily discover it with a wireless sniffer. It's recommended to change the SSID from the default name.
Which of the following encryption types uses a single key for both encryption and decryption?
Symmetric encryption
UDP
TRUE: Connectionless protocol
Which of the following is not considered a privileged account?
clerk
DoS attack
floods a system with network traffic
Guidelines
provide advice but are not mandatory
What is the primary purpose of succession planning?
to define plans for how to handle the sudden loss of an executive or key employee of the organization
registered ports
1024-49151
TCP
A connection-oriented transport layer protocol.
A server admin wants to ensure that the server's hard drive is encrypted to protect the sensitive data on the server in case the server is ever stolen. Which of the following would enable the best configuration for disk encryption?
AES (Advanced Encryption Standard)
Craig wants to know if he can use his smartphone to access his company's Salesforce application so he can update his task status. Where should he look for guidance?
BYOD policy
Joe is designing a new identity management solution for his organization. His company has many divisions and departments but he wants the IT organizations to manage the access control for all of them. Which type of administration is best for his organization?
Centralized
Policies
Compliance with policies is mandatory; approved at the highest level within organizations
What are the main things a cyberattacker will try to learn from running scans against a range of IP addresses?
Identify systems, open ports, operating systems, and known vulnerabilities
CIDR
It provides more flexibility for splitting IP address space. Classless Inter-Domain Routing: a technique supported by the BGP4 protocol and based on route aggregation. CIDR enables a router to group routes together to reduce the quantity of routing information carried by the core routers. With CIDR, a group of IP networks appears to be a single entity to networks outside of the group.
A security engineer installs fingerprint scanners on all of the organization's laptops in order to control laptop authentication. Employees must scan their fingerprints in order to log in to their work laptops. What type of security control is this an example of?
Technical
Which of the following items best describes the principle of availability?
The ability to access data and resources without interruption or delay
Which of the following is not true regarding UDP?
UDP is a connection-oriented protocol
Differential
Backs up files that have changed since the last full backup. To restore the data, the last full back
Exfiltration
breach of confidentiality
Which of the following terms describes the process of transforming plaintext into ciphertext?
encryption
Which of the following describes a door system that is configured to automatically close and lock during a power outage?
fail-secure
What type of control functionality does a fence provide?
preventive
SSH
22
Dynamic ports
49152-65535
DNS
53
HTTP
80
public
A cloud consists of cloud computing resources operated by a third party that are deployed for use
What is a botnet?
A network of infected computers controlled by a remote hacker
Spear phishing
A phishing attack that targets only specific users.
What is a buffer overflow?
A programming error that allows an attacker to write to memory outside of a buffer
In the context of access controls, what does an access control matrix represent?
A table containing a set of subjects, objects, and permissions
Which of the following best describes DAC?
Access control model that provides the owner of the resource (typically the creator) complete control to configure which subjects can access an object
Which of the following involves a sophisticated attack in which a hacker maintains a stealthy long-term presence in a victim's network?
Advanced persistent threat
Incremental
An incremental backup backs up all files that have changed since the last backup of any type
What layer of the OSI model does a WAF operate at?
Application
watering hole attacks
Attempts to discover which web sites employees are likely to visit and then infects those web sites with malware that can infect the visitors.
Which of the following is an example of an administrative control?
Background checks
Which of the following would not occur during the post-incident activity phase of the incident response process?
Begin training staff on the incident response plan
What is the most effective way to ensure that the only changes made to server settings are ones that have been formally approved?
By implementing a change management policy
Which of the following is a term used to describe a design technique focused on preventing crime by leveraging environmental design elements that discourage criminal activity by changing human behavior?
CPTED (Crime Prevention Through Environmental Design)
Two organizations have decided to form a partnership to develop and operate a cloud environment shared between their organizations that is not available to the general public. Which type of cloud service model is being used in this example?
Community
Which of the following is not an example of protecting data in-transit?
Database Encryption
A data center technician needs to securely dispose of several hard drives for systems that are being decommissioned. Which of the following techniques is not sufficient to ensure the data is not recoverable?
Erasure
Which of the following describes a door system that is configured to open and remain unlocked during a power outage?
Fail-safe
ISC2 members are required to report violations of the code of ISC2 for investigation
Failure to report a violation is a violation of the code itself
Code of Ethics
Four Canons: 1. Protect society, the common good, necessary public trust, and the infrastructure. 2. Act honorably, honestly, justly, responsibly, and legally. 3. Provide diligent and competent service to principals. 4. Advance and protect the profession.
Which of the following is a key benefit of using a SIEM?
Greater security visibility and monitoring
Which of the following is considered an insecure protocol?
HTTP
scareware
Malicious software of no benefit that is sold using scare tactics; software that uses fear to manipulate people into sharing confidential information or downloading
A cyberattacker hacks into a system and steals data they are not authorized to access. This is an example of what type of situation?
Malicious unauthorized access
Which of the following is not a category of social engineering?
Mantrap
A systems administrator wants to ensure that all of the organization's system and network devices are utilizing a common time synchronization service to facilitate tracing of events and system activity. Which of the following protocols would facilitate this?
NTP (Network Time Protocol)
A security engineer is trying to decide on the best course of action to take to block internet traffic from specific IP addresses at the perimeter of the company network. Which of the following controls would allow the security engineer to configure such rules?
Network Firewall
Joe is a network engineer who wants to deploy the most basic and least expensive firewall. All he needs is to set up Access Control Lists to accomplish his goals. Which type of firewall is best for his needs?
Packet filter
PaaS
Platform as a Service. Provides cloud customers with an easy-to-configure operating system and on-demand computing capabilities. Compare to IaaS and SaaS.
Which cloud development model consists of cloud resources that are available for purchase and consumption by the general public?
Public
Mary is conducting a risk analysis for her organization. Her boss, the CISO, feels strongly that the organization's biggest risk is from hackers trying to steal intellectual property from their engineering database server, so that is where their defensive focus should lie. This is an example of what kind of analysis?
Qualitative risk analysis
Tailgating
The act of unauthorized individuals entering a restricted-access building by following an authorized user.
Which of the following is not an example of a biometric authentication factor?
USB hardware token
vishing
a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information
CEO Fraud
a scam in which cybercriminals spoof company email accounts and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information
Which of the following is also referred to as soft controls?
administrative
Which of the following would not occur during the preparation phase of the incident response process?
conduct a lessons learned
Which of the following attacks causes a victim's browser to execute malicious scripts?
cross-site scripting
IaaS
demand access to computing resources such as servers, storage, networking, and virtualization.
pretexting
occurs when someone deceives by pretending to be someone else; sophisticated type of social engineering attack in which a scammer creates a pretext or fabricated scenario, pretending to be an IRS ...
Baiting
of social engineering attack that lures victims into providing sensitive information or credentials by promising something of value for ...
Which of the following methods is not commonly used to launch ransomware attacks?
ping attack: attacker floods the victim system with ping requests
In the context of data security, which of the following best describes the primary objective of cryptography?
protecting data integrity and confidentiality
Which of the following can be used as a countermeasure against fraud because it causes two employees to collude to accomplish a fraudulent act?
segregation of duties
Community
shared between multiple communities, organizations, or businesses, typically for a specific purpose or mission.
Which type of access card has a microprocessor in the card and is capable of both storing and processing information?
smart card
Phishing
social engineering technique in which an attacker sends fraudulent emails, claiming to be from a reputable and trusted source
quid pro quo
something given in exchange or return for something else when two parties agree to exchange goods or services
standards
specific details of security controls the organizations must follow. Compliance with standards is mandatory
Procedures
step-by-step instructions
whaling
targets someone with a high social status
Which of the following is not an example of a physical destruction method for media sanitization?
zeroization: when data is overwritten with other data such as binary 1's and 0's.