NDE - Exam Practice - Final
Given below are the different steps involved in creating a data retention policy. 1. Build a data retention policy development team 2. Inform all employees about the data retention policy 3. Specify the types of data to be included in your data retention policy 4. Develop a data retention policy 5. Identify the types of regulatory compliances applicable to your business Identify the correct sequence of steps.
1 -> 5 -> 3 -> 4 -> 2
Identify the output size of the message digest MD5 algorithm that is used in digitally signed applications, file integrity checking mechanisms, and password storage.
128 bits
Given below are the different steps to start capturing packets with Wireshark. 1. An overview of the available interfaces can be obtained using the Capture Interface dialog box. 2. Double-click on an interface in the main window. 3. Start a capture from this dialog box using the Start button. 4. A capture can be immediately started using the current settings by selecting Capture → Start or by clicking the first toolbar button. Identify the correct sequence of steps involved.
2 -> 1 -> 3 -> 4
Given below is the order of preference for choosing a Wi-Fi security method. 1. WPA2 + AES 2. WPA3 3. WPA + TKIP/AES 4. WPA + AES 5. WPA + TKIP 6. Open Network 7. WEP Identify the correct order of preference to secure the wireless communication.
2 -> 1 -> 4 -> 3 -> 5 -> 7 -> 6
Given below are the steps involved in the access control mechanism. 1. Once the identification is successful, the system provides the user access to use the system 2. A user provides their credentials while logging into the system 3. The system then allows the user to perform only those operations for which the user has been authorized 4. The system validates the user with the database on the basis of the provided credentials
2 -> 4 -> 1 -> 3
Given below are the steps involved in asymmetric encryption. 1. This public key is used for encrypting a message that is sent to the intended recipient 2. The receiver uses the private key to decrypt the message for reading it 3. An individual finds the public key of the person they want to contact in a directory What is the correct sequence of steps involved?
3 -> 1 -> 2
TACACS+ authentication involves the following steps: 1. The router and the user exchange authentication parameters 2. The server responds with the REPLY message based on the provided information 3. A user initiates the connection for authentication 4. The router sends the parameters to the server for authentication
3 -> 1 -> 4 -> 2
Given below are the various steps involved in enabling standard BitLocker encryption. 1. Select Turn on BitLocker 2. Under BitLocker Drive Encryption, choose Manage BitLocker 3. Sign in with an administrator account 4. Choose Control Panel, then click on System and Security 5. Select the Start button Identify the correct sequence of steps involved in enabling standard BitLocker encryption.
3 -> 5 -> 4 -> 2 -> 1
Given below are the different steps involved in data backup strategy. 1. Selecting the backup types 2. Choosing the right backup solution 3. Identifying the critical business data 4. Selecting a backup technology 5. Selecting the backup media 6. Conducting a recovery drill test 7. Selecting the appropriate RAID levels 8. Selecting an appropriate backup method Identify the correct sequence of steps involved.
3 -> 5 -> 4 -> 7 -> 8 -> 1 -> 2 -> 6
Given below are the various steps involved in the shared key authentication process. 1. The station connects to the network 2. The AP sends a challenging text to the station 3. The station encrypts the challenge text using its configured 128-bit key and sends the encrypted text to the AP 4. The station sends an authentication frame to the AP 5. The AP uses its configured WEP key to decrypt the encrypted text. The AP compares the decrypted text with the original challenge text. If they match, the AP authenticates the station What is the correct sequence of steps involved?
4 -> 2 -> 3 -> 5 -> 1
Given below is the list of different cryptographic modes from stronger to weaker encryption. 1. WPA2 Enterprise 2. WPA Enterprise 3. WPA2 Enterprise with RADIUS 4. WPA 5. WEP 6. WPA2 PSK 7. WPA3
7 -> 3 -> 1 -> 6 -> 2 -> 4 -> 5
Identify the 802.11 standard that corresponds to WLANs and uses FHSS or DSSS as the frequency hopping spectrum
802.11 (Wi-Fi): This standard corresponds to WLANs and uses FHSS or DSSS as the frequency hopping spectrum. It allows an electronic device to connect to the internet using a wireless connection that is established in any network.
Which of the following IEEE standards defines the Quality of Service (QoS) for wireless applications and maintains the quality of video and audio streaming, real-time online applications, and VoIP?
802.11e
Which of the following encryption algorithms is used on WPA2 wireless network encryption mechanism to provide stronger data protection and network access control?
AES-CCMP
Identify the component of access management that involves tracking the actions performed by a user on a network and keeps track of who, when, and how the users access the network.
Accounting
Brenda, an encryption specialist, wants to use an advanced algorithm to encrypt the digital information in her organization. For this purpose, she uses a symmetric-key algorithm in which the encryption as well as decryption is performed using the same key and has a 128-bit block size. Identify the encryption algorithm used by Brenda in the above scenario.
Advanced Encryption Standard (AES): AES is a symmetric-key algorithm in which encryption as well as decryption is performed using the same key. It is an iterated block cipher that works by repeating the defined steps multiple times. It has a 128-bit block size, with key sizes of 128, 192, and 256 bits for AES-128, AES-192, and AES-256, respectively.
Elijah, a network specialist at an organization, employed Wireshark for observing network traffic. Elijah navigated on to the Wireshark menu icon that contains items to manipulate, display and apply filters, enable, or disable the dissection of protocols, and configure user-specified decodes. Identify the Wireshark menu Elijah has navigated in the above scenario.
Analyze: This menu contains items to manipulate, display and apply filters, enable or disable the dissection of protocols, configure user-specified decodes, and follow a different stream including TCP, UDP, and Secure Sockets Layer (SSL).
Which of the following components of Wireshark contains Follow TCP, UDP, and SSL stream options?
Analyze: This menu contains items to manipulate, display and apply filters, enable or disable the dissection of protocols, configure user-specified decodes, and follow a different stream including TCP, UDP, and Secure Sockets Layer (SSL). Follow TCP stream: This option displays all the captured TCP segments that are on the same TCP connection as a selected packet. Follow UDP stream: This option displays all the captured UDP segments that are on the same UDP connection as a selected packet. Follow SSL stream: This option displays all the captured SSL segments that are on the same SSL connection as a selected packet.
Which of the following types of proxy does not transfer information about the IP address of its user, thereby hiding information about the user and their surfing interests?
Anonymous Proxy: An anonymous proxy does not transfer information about the IP address of its user, thereby hiding information about the user and their surfing interests. A user can surf the Internet privately by using an anonymous proxy.
Jack, an employee at an organization, was using his mobile device for enterprise purposes. The mobile device contained a vulnerable program that looked like a legitimate browsing app, which was downloaded from a third-party website. The vulnerable program was exploited by an attacker to gain remote access and steal sensitive data. Identify the mobile device security risk demonstrated in the above scenario.
Application-based Risks: Vendors may not release timely app updates and support for older OS versions, or users may not update their apps regularly. Attackers can exploit the vulnerabilities in applications and attempt to steal data, download other malware, or control the device remotely, thereby resulting in financial loss and risking the reputation of an organization.
Identify the SIEM solution that performs user activity monitoring across multiple systems and applications in real-time and provides protection from various internal and external threats.
ArcSight ESM: ArcSight Enterprise Security Manager (ESM) is a powerful, adaptable SIEM that delivers real-time threat detection and native SOAR technology to your SOC.
Aaron, a security professional, is given a task to detect the signature patterns and analyze the attack signatures. However, Aaron does not have any knowledge about past or future activities to detect these signature patterns. For this reason, he uses a technique where he analyzes a single packet to determine whether the signature includes malicious patterns. Identify the attack signature analysis technique employed by Aaron in the above scenario.
Atomic-signature-based analysis: To detect an atomic signature, security professionals need to analyze a single packet to determine whether the signature includes malicious patterns. Security professionals do not require any knowledge of past or future activities to detect these signature patterns.
Sam, a security professional, was assigned to perform signature-based analysis on his organization's network traffic. He analyzed each packet separately to determine whether the signature includes malicious patterns. To perform this type of analysis, Sam does not require any knowledge of past or future activities. Identify the type of attack signature analysis performed by Sam in the above scenario.
Atomic-signature-based analysis: To detect an atomic signature, security professionals need to analyze a single packet to determine whether the signature includes malicious patterns. Security professionals do not require any knowledge of past or future activities to detect these signature patterns.
Which of the following components of technical network security controls examines the network devices and identifies weaknesses in the network?
Auditing
James, a network specialist joined an organization. He was provided with administrator privileges, through which he can access the files and servers and perform administrative activities. Which of the following information assurance principles authorizes James to access the server or system files?
Authentication
Which of the following objectives of cryptography assures that the receiver received the document or that the data is genuine?
Authentication: Assurance that the communication, document, or data is genuine.
Which of the following features of Kubernetes enables the user to change the actual state of the container to the desired state of the container at a controlled rate?
Automated rollouts and rollbacks
Which of the following practices helps security professionals strengthen the physical security of an organization?
Avoid storing confidential information on mobile devices
Which of the following practices is to be considered by a user while creating or updating their password?
Avoid using personal information
Which of the following tools helps security professionals encrypt and decrypt files using 128-bit or 256-bit encryption?
AxCrypt: It provides file security with 128-bit or 256-bit encryption.
Which of the following tools helps users compress, encrypt, and convert plaintext data into ciphertext using symmetric and public-key algorithms?
BCTextEncoder
Identify the term that refers to the data transfer rate and is measured in bits per second (bps).
Bandwidth
James, a network defender, was appointed to secure the organization's private network from unauthorized entries. To achieve this, James configured an intermediary computer system that receives requests on a public interface from an external network and provides controlled access to resources in the private network. This mediatory system serves as a scapegoat when attacks are initiated on the intranet. Which of the following security controls has James configured to secure the internal network?
Bastion Host: A bastion host is designed for defending a network against attacks. It acts as a mediator between inside and outside networks. A bastion host is a computer system designed and configured to protect network resources from attacks. It provides a limited range of services, such as website hosting and mail, to ensure security.
Sam, a network administrator, implemented an IoT architecture for the industrial sector, which includes several layers that are connected to save and process data. The architecture implemented by Sam has a main functional building block that stores context information about the things and devices. Identify the functional building block discussed in the above scenario.
Big Data Warehouses: Big data warehouses contain only cleaned, structured, and matched data. They can store the following: context information about the things and devices (examples include the locations of sensors) and commands sent by control applications to things.
Jack, a security specialist, was appointed by an organization to implement a highly secured authentication method at the entrance of their science and research center. To accomplish the responsibility, Jack created an authentication method that identifies a person based on the facial features from an image or a video source. Which of the following authentication methods has Jack implemented in the above scenario?
Biometric authentication
Ronnie, a security professional, got many tickets stating that certain miscreants have been accessing the files with the credentials of the employees and they are creating havoc in the organization. To prevent such incidents, Ronnie implemented an authentication mechanism that identifies human characteristics for authenticating people. Which of the following types of authentication did Ronnie implement in the above scenario?
Biometric authentication
Identify the physical barrier that may be defined as a short vertical post which controls and restricts motor vehicles to the parking areas, offices etc. and are mainly used in building entrances, pedestrian areas and areas that require safety and security.
Bollards
Richard, a network engineer, performs advanced monitoring and detection of wireless network anomalies. He employed a Wi-Fi security auditing tool to detect, analyze, and identify wireless threats. Identify the tool employed by Richard in the above scenario.
BoopSuite: A Wi-Fi security auditing tool with the ability to detect, analyze, and identify wireless threats.
Identify the policy that allows employees to bring their devices such as laptops, smartphones, and tablets to the workplace and use them for accessing the organizational resources based on their access privileges.
Bring Your Own Device (BYOD): Bring Your Own Device (BYOD)/Bring Your Own Technology (BYOT)/Bring Your Own Phone (BYOP)/Bring Your Own PC (BYOPC) refers to a policy that allows employees to bring their devices such as laptops, smartphones, and tablets to the workplace and use them for accessing the organizational resources based on their access privileges.
John, a network specialist, was instructed to secure the physical environment of an organization. He installed a CCTV camera to cover a certain distance over the main entrance, doorways, and other entry points. The CCTV camera also allows John to use different lenses to cover areas beyond specific distances. Which of the following types of CCTV camera was installed by John in the above scenario?
C-Mount CCTV Camera: It consists of detachable lenses, which provide surveillance for more than 40 ft. Other CCTV camera lenses provide only 35 - 40 ft. coverage. C-Mount allows different lenses to be used according to the distance to be covered.
Teena, a security administrator, plans to tighten the physical security of the organization to protect against malicious intruders. She deployed video surveillance cameras that consist of detachable lenses, provide surveillance for more than 40 ft, and use different lenses according to the distance to be covered. Which of the following types of video surveillance camera is mentioned in the above scenario?
C-Mount CCTV Camera: It consists of detachable lenses, which provide surveillance for more than 40 ft. Other CCTV camera lenses provide only 35 - 40 ft. coverage. C-Mount allows different lenses to be used according to the distance to be covered.
Bob, an IT administrator, was instructed to make changes in the current mobile usage policy that allows employees to select a device from a preapproved set of organization's devices to access company data according to the given access privileges. Which of the following policies does Bob need to add to the existing mobile usage policies of the organization?
CYOD (Choose Your Own Device): Choose Your Own Device (CYOD) refers to a policy in which employees select their device of choice from a preapproved set of devices (laptops, smartphones, and tablets) to access company data according to the access privileges of an organization.
In an organization, CyberSol.org, the administrator implemented an authorization method that contains a single database. Using this method, the administrator can allow or deny access to the applications and resources to their employees based on the policies. Identify the authorization technique implemented by the administrator in the above scenario.
Centralized authorization
Kristen, a security professional, implements a firewall in his organization to trace the incoming and outgoing traffic. He deploys a firewall that works at the session layer of the OSI model and monitors the TCP handshake between hosts to determine whether a requested session is legitimate or not. Identify the firewall technology implemented by Kristen in the above scenario.
Circuit-Level Gateway: Circuit-level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor the TCP handshake between packets to determine whether a requested session is legitimate or not. Information passed to a remote computer through a circuit-level gateway appears to have originated from the gateway.
Which of the following firewall technologies works at the session layer of the OSI model or the TCP layer of TCP/IP model and filters the traffic based on specified session rules?
Circuit-level gateway
Which of the following components of an IoT framework is referred to as the central point of data aggregation for most of the data in the ecosystem?
Cloud Platform: In an IoT ecosystem, the cloud component is referred to as the central aggregation and data management point. Access to the cloud must be restricted. The cloud component is usually at higher risk, as it is the central point of data aggregation for most of the data in the ecosystem.
Identify the actor in NIST cloud computing architecture who performs an independent examination of cloud service controls to express an opinion thereon and evaluates the services provided by a CSP based on security controls, privacy impact, and performance.
Cloud auditor
Which of the following entities in the NIST cloud deployment reference architecture acts as an intermediary and provides connectivity and transport services between CSPs and cloud consumers?
Cloud carrier
Williams has created an IoT environment for his home by connecting all the devices such as lights, temperature controllers, and CCTVs. These devices constantly send sensed data over the network for processing. The data collected from these devices is sent to a remote storage location where it undergoes analysis. Identify the component of IoT technology that performs analysis over the data collected from IoT devices.
Cloud server/data storage: The collected data, after traveling through the gateway, arrives at the cloud, where it is stored and subjected to data analysis. The processed data is then transmitted to the user, who takes actions based on the information received.
In which of the following IoT communication models can the data from the IoT devices be accessed by authorized third parties?
Cloud-to-cloud
Ronnie, a network engineer, implemented an IoT communication model in his organization to reduce the company's expenditure on energy. For this purpose, he used a communication model that extends device-to-cloud communication such that the data from the IoT devices can be accessed by authorized third parties so that they can analyze the energy consumption periodically and employ any energy-harvesting techniques. Which of the following IoT communication models was utilized by Ronnie in the above scenario?
Cloud-to-cloud
Which of the following types of cable is made up of a single copper conductor at its center, a plastic layer providing an insulated center conductor, and a braided metal shield?
Coaxial cable
Which of the following backup methods is also called an offline backup that can take place when the system is not working or is not accessible by users?
Cold backup: A cold backup is also called an offline backup. A cold backup can take place when the system is not working or is not accessible by users.
Identify the stack-wise IoT security layer in which the user must enforce lightweight message-based protocols for IoT devices that consist of options for double encryption, filtering, and queuing.
Communication Layer: Inherent security of a message - where all communications with IoT devices should be carefully handled. The user must enforce lightweight message-based protocols for IoT devices that consist of options for double encryption, filtering, queuing, etc.
Brian, a cloud architect, plans to share a pool of resources with another organization through the Internet to reduce costs. For this reason, he uses a cloud deployment model where the infrastructure is shared among organizations with common computing concerns, such as security, regulatory compliance, performance requirements, and jurisdiction. Which of the following cloud deployment models helps Brian in the above scenario?
Community Cloud: It is a multi-tenant infrastructure shared among organizations from a specific community with common computing concerns, such as security, regulatory compliance, performance requirements, and jurisdiction.
Which of the following solutions are trusted entities that issue digital certificates?
Comodo: Comodo offers a range of PKI digital certificates with strong SSL encryption (128/256 available) with Server-Gated Cryptography (SGC). It ensures standards of confidentiality, system reliability, and pertinent business practices as judged via qualified independent audits.
Jack, a security professional, was hired to prevent the organization data from external leakage. He implemented a mobile usage policy that allows employees to use the devices purchased by the organization and prevents users from accessing any applications other than those provided by the organization. Identify the type of policy implemented by Jack in the above scenario.
Company Owned, Business Only (COBO): Company Owned, Business Only (COBO) refers to a policy that allows employees to use and manage the devices purchased by the organization but restrict the use of the device for business use only. COBO is used to describe a device that runs a single application.
Which of the following policies allows employees to use and manage the devices purchased by the organization but restricts the use of the device for business use only?
Company Owned, Business Only (COBO): Company Owned, Business Only (COBO) refers to a policy that allows employees to use and manage the devices purchased by the organization but restrict the use of the device for business use only. COBO is used to describe a device that runs a single application.
Which of the following types of physical security controls are known as alternative controls that are used when the intended controls fail or cannot be used?
Compensating controls
Which of the following elements of cloud security allows organizations to have a clear idea about the regulation standards that need to be achieved along with the associated requirements and allows the organizations to benefit from business agility and growth?
Compliance: A clear understanding of the requirements of an organization and how compliance is achieved can enable the organizations to benefit from business agility and growth. Compliance failure can lead to regulatory fines, lawsuits, cyber security incidents, and reputational damage.
In which of the following types of attack signature analysis do security professionals need to analyze a series of packets over a long period of time to detect attack signatures?
Composite-signature-based analysis: In contrast to atomic signatures, security professionals need to analyze a series of packets over a long period of time to detect composite attack signatures. Detecting these attack patterns is exceedingly difficult. ICMP flooding is an example of an attack performed using composite signatures. In this attack, multiple ICMP packets are sent to a single host so that the server remains busy responding to the requests.
Which of the following tools helps security professionals encrypt and decrypt information, files, etc. using strong encryption algorithms?
Concealer
Which of the following objectives of cryptography ensures that the information is accessible only to those who are authorized to access it?
Confidentiality: Assurance that the information is accessible only to those authorized to access it.
An organization has recently leased an online cloud service. Using these services, subscribers can develop rich, scalable containerized applications through the cloud or on-site data centers. Identify the type of cloud computing service deployed by the organization in the above scenario.
Container-as-a-Service (CaaS): This cloud computing model provides containers and clusters as a service to its subscribers. It provides services such as virtualization of container engines, management of containers, applications, and clusters through a web portal, or an API. Using these services, subscribers can develop rich scalable containerized applications through the cloud or on-site data centers. CaaS inherits features of both IaaS and PaaS (e.g., Amazon AWS EC2, Google Kubernetes Engine (GKE)).
Which of the following techniques separates the personal and organizational data in employee's mobile devices and also helps in improving the security of organizational data?
Containerization: Containerization is a technique in which all personal and organizational data are segregated on an employee's mobile device. With the increasing adoption of BYOD policies, using this technique substantially helps in improving the security of organizational data.
Which of the following types of service enables the deployment of containers and container management through orchestrators and using which subscribers can develop rich, scalable containerized applications through the cloud or on-site data centers?
Containers as a service (CaaS): This refers to services that enable the deployment of containers and container management through orchestrators. Using CaaS, subscribers can develop rich, scalable containerized applications through the cloud or on-site data centers.
Which of the following attack signature analysis techniques allows network defenders to detect suspicious activity by analyzing the data in the payload and matching a text string to a specific set of characters?
Content-based signature analysis: Content-based signatures are detected by analyzing the data in the payload and matching a text string to a specific set of characters.
James, a system administrator, was assigned to prevent the organization's data from being accessed by outside entities. He implemented an enhanced security technique that allows employees to access the organizational data within the office perimeter and denies access when a device is connected to a public Wi-Fi network. Identify the mobile device management mechanism employed by James in the above scenario.
Context-aware authentication
Scarlet, a network administrator, tries to allow employees of her organization to access the network within the office perimeter and deny access when it is connected to the public network. She employs a technique that depends on employee data such as geolocation, identity, requests made, and behavior for enhancing data security decisions and to thwart attackers accessing the organizational data. Identify the technique employed by Scarlet in the above scenario.
Context-aware authentication: Context-aware authentication is a type of enhanced security technique that uses the contextual information of a user such as geolocation, identity, and behavior for enhancing data security decisions. It also uses the data about the user, requests made, connection, and location. All this data helps in preventing malicious users from accessing the organizational data. This technique also allows employees to access the organizational network within the office perimeter and denies access when a device is connected to a public Wi-Fi network.
Simon, a system administrator working in a large organization, purchases laptops, notebooks, smartphones, and tablets to make them available for the employees based on their preferences. Before handing over the devices to the employees, Simon implements stringent policies to protect the devices from malicious attacks. Which of the following policies was utilized by Simon in the above scenario?
Corporate Owned, Personally Enabled (COPE): Corporate Owned, Personally Enabled (COPE) refers to a policy that allows employees to use and manage the devices purchased by the organizations. The devices include laptops, notebooks, smartphones, tablets, and/or software services. Larger enterprises are more likely to employ the COPE model.
Bob wants to transmit a confidential file to his teammates that contains details related to their next project. He employed asymmetric cryptography to encrypt the file and sent it over the network. Which of the following keys can be used to decrypt the confidential file and read its content?
Corresponding private key
Identify the tool that allows security professionals to encrypt critical files stored on the computer and the cloud.
CryptoForge: It is a software solution that allows individuals and organizations to secure their sensitive data with professional encryption.
John, an employee at an organization, was working on an important task on his laptop. Suddenly, his system crashed and he requested Alice to provide her laptop for a few hours. Before sharing her laptop with John, Alice locked all the confidential files and folders on her laptop. Which of the following tools helped Alice to encrypt the files on her laptop?
Cryptomator: Cryptomator offers multi-platform transparent client-side encryption of files.
Austin, a software developer at an organization, is working on a prestigious project. His manager, Jose, asked Austin to share confidential documents about the project through an email. For this purpose, Austin used a tool to encrypt the documents and sent the encrypted documents via an email to his manager. On the other hand, Jose downloaded the encrypted documents and used the same tool to decrypt them. Identify the tool employed by Austin in the above scenario.
Cyphertop: Cyphertop is the most secure encryption software, efficient and fast quantum encryption software.
Bob, a policy management member, has decided to modify and add new designs to protect the original design according to the Vessel Hull Design Protection Act (VHDPA). Bob was provided with the right to design hulls (including the decks) of vessels only up to 200 feet using a duplicate of the original design. Which of the following acts was demonstrated in the above scenario?
DMCA
Which of the following acts is the American copyright law that implements two 1996 treaties from the World Intellectual Property Organization (WIPO) such as the WIPO copyright treaty and the WIPO performances and phonograms treaty?
DMCA
Finch, a network administrator in the process of securing the internal network, segregated the LAN creating an independent subnetwork. The newly created subnetwork has been placed between the organization's internal network and the outside public network to enable high-level protection for the LAN. Identify the independent network created by Finch in the above scenario to protect the LAN.
DMZ: A Demilitarized Zone (DMZ) is a small network which is placed in between the organization's private network and an outside public network.
Which of the following acts allows a provision for the regulation of the processing of information relating to individuals and to make provision in connection with the Information Commissioner's functions under certain regulations relating to information?
DPA
Which of the following IoT functions helps security professionals find trends and obtain actionable insights by using the data in the big data warehouse?
Data Analytics: Data analytics helps data analysts find trends and obtain actionable insights by using the data in the big data warehouse. The analysis of the data in the form of schemas, diagrams, and infographics reveals the device performance and inefficiencies of the IoT system and ways to enhance it.
Don, an attacker, targeted John's confidential file that is being shared via email with Bob. Before mailing the file, John converted it into an unreadable format in such a way that only Bob can view it. Although Don managed to intercept the communication, he failed to read the file. Which of the following data security technologies prevented Don from reading the confidential file in the above scenario?
Data Encryption: Protecting information by transforming it in such a way that it cannot be read by an unauthorized party.
Identify the IoT function that stores the data produced by the connected devices in the natural format, which will be then extracted and loaded to a big data warehouse.
Data Lakes: Data lakes store the data produced by the connected devices in the natural format. If the data are required for meaningful insights, the data will be extracted from a data lake and loaded to a big data warehouse.
John visited an electronic store and purchased a new laptop using his debit card "1010 1000 1110 0101". After successful payment, John received a transaction alert via an SMS from his bank stating, "You have made a transaction of USD 3000 using your debit card ending with XXXX 0101 at e-store". Identify the data security technology employed by the bank to hide the debit card number in the transaction alert message.
Data Masking: Protecting information by obscuring specific areas of data with random characters or codes.
Which of the following data security methods protects information by obscuring specific areas of data with random characters or codes?
Data Masking: Protecting information by obscuring specific areas of data with random characters or codes.
Identify the data security technology that allows security professionals to make a duplicate copy of critical data to be used for restoring and recovery purposes when the primary copy is lost or corrupted.
Data Resilience and Backup: Making a duplicate copy of critical data to be used for restoring and recovery purposes when the primary copy is lost or corrupted, either accidentally or on purpose. Data resilience allows the data to remain available to the applications if there is any failure in the hosted data.
James, a security specialist at an organization, was recruited to implement an appropriate policy for safeguarding stored data and secure removal of stored data complying with business requirements. He developed certain policies and procedures for data removal that showed a tremendous impact on data security. Which of the following data security technologies was implemented by James in the above scenario?
Data Retention: Storing data securely for compliance or business requirements. An organization should have policies and processes for retention and removal of data. Data retention programs have a tremendous impact on data security and can meet the expectations of customers and governments in safeguarding privacy.
Which of the following features of an IoT-enabled IT environment involves the exchange of data between IoT-enabled organizations using different communication protocols?
Data collection: Data collection involves the exchange of data between IoT-enabled organizations using different communication protocols. These protocols should be lightweight and should provide low-network-bandwidth functionality.
In which of the following states of data is it encrypted before being carried through the encrypted connections such as HTTPS, SSL, TLS and FTPS?
Data in transit: This data actively moves from one location to another across the network, or is encrypted before moving and/or being transmitted through encrypted connections such as HTTPS, SSL, transport layer security (TLS), FTPS, etc.
In which of the following states of data is it stored or processed by RAM, CPUs, or databases and is not passively stored on the system, but actively moves across IT infrastructure?
Data in use: This data is stored or processed by RAM, CPUs, or databases. It is not passively stored on the system, but actively moves across IT infrastructure. It is updated, erased, processed, accessed, and/or read by the system.
Harvey, a system administrator, is assigned a task to create access permissions for users as well as verify the access permissions created for each employee in his organization. For this purpose, he used a type of authorization that maintains a separate database for each resource. Further, for better flexibility, it also enables the employees to provide access to other employees. Which of the following types of authorization was employed by Harvey in the above scenario?
Decentralized authorization
Identify the type of authorization that maintains a separate database for each resource and the database contains the details of all users who are permitted to access a particular resource.
Decentralized authorization
Which of the following types of suspicious traffic signatures indicates a large number of requests being made from single or multiple sources to disrupt services?
Denial of Service (DoS): This type of traffic may contain a large number of requests from a single source or multiple sources, which are sent as an attempt to perform a DoS attack. This type of attack is performed to disrupt the service of the target organization.
John, a new employee at an organization, has completed his training. His work involves dealing with important documents of the organization. On one Sunday, he connected to the corporate server from his residence, accessed and updated the important documents, and saved them on to the cloud. Subsequently, David (the manager) accessed and edited (approved) John's documents from a different location. Which of the following types of virtualization was demonstrated in the above scenario?
Desktop Virtualization: In this virtualization technology, the operating system instance, representing the user's desktop, is located within a central server on the cloud. It enables the user to control the desktop on the cloud and use any device to access it. The data and files are not stored on the system with which the user accesses the desktop but are instead stored in the cloud.
Jack, a security inspector, was assigned to install a physical security control in the company premises to defend against intrusion attempts. He implemented a security control that contains motion sensors connected with video surveillance to monitor and identify illegitimate intrusion attempts. Which of the following types of physical security control has Jack implemented in the above scenario?
Detective Controls: These controls detect security violations and record any intrusion attempts. These controls act when preventive controls fail. Examples include motion detectors, alarm systems and sensors, video surveillance, etc.
Richard, a security professional, implements physical security controls according to the needs of the organization. As part of this, he implemented controls that do not prevent access directly but can discourage the attackers by sending warning messages about an intrusion attempt. Which of the following types of physical security controls was implemented by Richard in the above scenario?
Deterrent controls
Which of the following types of physical security controls is used to discourage attackers and send warning messages to them to discourage intrusion attempts?
Deterrent controls
In which of the following communication models do IoT devices first communicate with the remote server rather than directly communicating with the client to send or receive data or commands?
Device-to-Cloud Communication Model: In this type of communication, devices communicate with the cloud directly, rather than directly communicating with the client to send or receive data or commands.
Bob, a paralyzed patient, wanted to turn on smart lights and AC in his room. As he cannot stand, Bob requested the hospital management to connect those device sensors to his mobile so that he can turn on/off the smart devices whenever he wants. Which of the following IoT communication models was demonstrated in the above scenario?
Device-to-Device Communication Model: In this type of communication, inter-connected devices interact with each other through the Internet, but they predominantly use protocols such as ZigBee, Z-Wave or Bluetooth.
Jack implemented an IoT environment at his home by connecting all the IoT devices to an intermediate device, which in turn communicates with the cloud service and also provides security features and data translation functions. Which of the following IoT communication models is demonstrated in the above scenario?
Device-to-Gateway Communication Model: In the device-to-gateway communication model, the IoT device communicates with an intermediate device called a gateway, which in turn communicates with the cloud service. This gateway device could be a smartphone or a hub that is acting as an intermediate point, which also provides security features and data or protocol translation.
The organization TechSoft Solutions has deployed a smart smoke detection and extinguisher system on every floor of the building. The embedded sensors within the smart system detect smoke and send emergency alerts to the security teams to take immediate actions. Which of the following tiers of an IoT-enabled IT environment gathers an outbreak of smoke on the organization floor?
Devices Tier: The things/devices tier includes smartphones, wearable devices, autonomous machines, and tags (RFID, NFC, QR codes) that can gather data using their embedded sensors, which can track key parameters related to the physical environment.
Steve, a professional in an organization, targeted his colleague James to access his mobile device and steal all the data stored in it. When James left the mobile on his desk, Steve tried to access it but failed to do so as the device was asking either for a fingerprint or valid PIN number to authenticate. Which of the following types of physical lock system has James implemented on his device?
Digital lock
Which of the following types of antenna is a straight electrical conductor measuring half a wavelength from end to end, and it is connected at the center of the RF feed line and is used for supporting client connections rather than site-to-site applications?
Dipole antenna
Which of the following techniques multiplies the original data signal with a pseudo-random noise-spreading code and protects signals against interference?
Direct-Sequence Spread Spectrum (DSSS): DSSS is a spread spectrum technique that multiplies the original data signal with a pseudo-random noise-spreading code. Also referred to as a data transmission scheme or modulation scheme, the technique protects signals against interference or jamming.
Bob has recently joined an organization. He was provided with his access card to access only the third and ground floors of the organization building. When Bob tried to access the second floor by swiping his access card against the reader near the entrance, he was unable to open the door. Which of the following high-level security requirements has the organization employed in the above scenario?
Discipline Security Requirements: Actions to be taken for various components that need to be secured such as computer security, operations security, network security, personnel security, and physical security.
Which of the following access control models can be termed as need-to-know access model where the decision can be taken by an owner to provide or deny access to a specific user or a group of users?
Discretionary access control
Axel, an employee of an organization, is using his personal mobile device to access the organizational resources. He was unsatisfied with the management, so he decided to sell the confidential corporate data stored on his device to the competitors. Identify the risk associated with BYOD in the above scenario.
Disgruntled employees: Disgruntled employees in an organization can misuse the corporate data stored on their mobile devices. They may also leak sensitive information to competitors.
Identify the RAID system feature that improves the read/write performance of data by dividing it into small chunks and spreading it over multiple disks.
Disk striping: Disk striping improves the read/write performance of data. The data is divided into small chunks and spread over multiple disks.
Which of the following sections of typical policy document content ensures that policies are conveyed correctly throughout?
Distribution: It ensures that policies are conveyed correctly throughout.
Which of the following components of Docker engine manages the Docker images, containers, networks, and storage volume, and processes the requests of the Docker API?
Docker Daemon: This manages the Docker images, containers, networks, and storage volume, and processes the requests of the Docker API. It is responsible for container-related actions and communicates with other daemons in order to manage its services.
Sam, a professional hacker, targeted a cloud server to damage the reputation of an organization. He performed an image forgery attack to change the image files and a replay attack to provide outdated content to legitimate users. Which of the following types of attack has Sam performed in the above scenario?
Docker registry attacks
Stella, a security team member, was instructed to train new employees on securing the organization from unwanted issues. As a primary part of training, she instructed employees not to throw sensitive documents in the trash, and also trained them on how to shred documents and erase magnetic data before putting them into the trash. Which of the following attacks were mitigated by grooming employees on the above techniques?
Dumpster diving
Stephen, a security professional, was instructed to design a secure IoT framework for an organization. In the IoT framework implemented by Stephen, one of the physical devices is configured to interact with surroundings that contain various components such as sensors, actuators, operating systems, hardware and network, and communication capabilities. Which of the following physical devices in the IoT ecosystem is described in the above scenario?
Edge: The edge is the main physical device in the IoT ecosystem that interacts with its surroundings and contains various components like sensors, actuators, operating systems, hardware and network, and communication capabilities. It is heterogeneous and can be deployed anywhere and in any condition.
Which of the following Wireshark menus contains items to find a packet, time reference, and mark one or more packets and handle configuration profiles and set preferences?
Edit: This menu contains items to find a packet, time reference, and mark one or more packets. It handles configuration profiles and sets preferences.
In which of the following locking systems is locking and unlocking achieved by supplying and eliminating power and the locking system mainly uses motors to activate or deactivate the locks?
Electromagnetic locks
Which of the following types of light system is used during power failures or when normal lighting systems do not operate properly?
Emergency lighting
Which of the following practices should be followed by users to protect their data stored on mobile devices?
Enable over-the-air encryption using SSL, TLS, VPN, and WPA2
Identify the VPN core functionality in which packets over a VPN are enclosed within another packet that has a different IP source and destination because concealing the source and destination of the packets can protect the integrity of the data sent.
Encapsulation: Packets over a VPN are enclosed within another packet (encapsulation) which has a different IP source and destination. Concealing the source and destination of the packets protects the integrity of the data sent.
Which of the following components of technical security controls protects the information passing through the network and preserves the privacy and reliability of the data?
Encryption and protocols
Identify the best practice that helps cloud providers in securing a cloud environment from malicious activity.
Enforce legal contracts in employee behavior policy.
Which of the following practices should be adopted by security teams to successfully implement DLP solutions?
Enhance the DLP policies to support effective DLP operations and eliminate false positives.
Which of the following practices should be followed by a cloud administrator to secure the container environment?
Ensure the authenticated access to registries including sensitive images and data.
Which of the following points should be considered while designing the infrastructure and architecture for an organization or industry?
Establish procedures explaining how they should be protected
Which of the following acts provides the public with the right to request access to records from any federal agency and is often described as the law that keeps citizens informed about their government?
FOIA
Which of the following protocols uses port 21 for transmitting data in a cleartext format and transfers files over TCP?
FTP: FTP sends data in a cleartext format and is used to transfer files over TCP, and its default port is 21. FTP does not provide encryption in the data transfer process, and the data transfer between the sender and receiver is in plain text.
Which of the following levels of virtualization makes the virtual devices independent of the physical computer hardware and creates a massive pool of storage areas for different virtual machines running on the hardware?
Fabric Virtualization: This level of virtualization makes the virtual devices independent of the physical computer hardware. It creates a massive pool of storage areas for different virtual machines running on the hardware. Storage area network (SAN) technology is used to achieve fabric level virtualization.
Which of the following types of cable is made of glass or plastic and is least susceptible to wiretapping threats?
Fiber optic
Which of the following tools assists administrators in performing disk encryption to ensure confidentiality of information stored on the disk?
FileVault: It is used to encrypt a disk partition to provide confidentiality to the information stored on it.
Identify the advantage of monitoring network traffic.
Finding unnecessary and vulnerable applications
Sam, an employee at an organization, works in a file storage facility that manages the company's documents and files. Due to a short circuit in the storage facility, a small fire broke out at the corner of the room. As Sam is already located on the site, he used a manual fire-suppression system that discharges an agent from a cylindrical vessel to stop the initial fire from spreading to other rooms. Identify the type of fire-suppression system Sam has used in the above scenario.
Fire Extinguisher: Fire extinguishers deal with extinguishing fires at the initial stage. These may not be used in case of a fire covering a large area. A fire extinguisher normally consists of a cylindrical vessel containing an agent that is discharged.
Which of the following techniques is used for transmitting radio signals by rapidly switching a carrier among many frequency channels and decreases the efficiency of unauthorized interception or jamming of telecommunications?
Frequency-hopping spread spectrum (FHSS): FHSS, also known as frequency-hopping code-division multiple access (FH-CDMA), is a method of transmitting radio signals by rapidly switching a carrier among many frequency channels. It decreases the efficiency of unauthorized interception or jamming of telecommunications.
Identify the virtualization approach in which the guest OS is not aware that it is running in a virtualized environment and sends commands to the virtual machine manager (VMM) to interact with the computer hardware.
Full Virtualization: In this type of virtualization, the guest OS is not aware that it is running in a virtualized environment. It sends commands to the virtual machine manager (VMM) to interact with the computer hardware. The VMM then translates the commands to binary instructions and forwards them to the host OS. The resources are allocated to the guest OS through the VMM.
Hannes, a cloud security professional in an organization, was instructed to deploy a cloud service for developing applications for microservices. He leased a cloud computing service that provides a platform for developing, running, and managing application functionalities. Identify the type of cloud computing service deployed by Hannes in the above scenario.
Function-as-a-Service (FaaS): Provides a platform for developing, running, and managing application functionalities for microservices.
An organization, CyberSol.org, developed a software product and implemented key exchange algorithms to share its resources with customers. The organization also handed over a copy of keys to the law enforcement agency or a trusted third party to keep them in escrow. These keys can be used during crises or after an incident to decipher digital evidence under authorization or a warrant from a court of law. Which of the following concepts was demonstrated in the above scenario?
GAK: Government Access to Keys (GAK) refers to the statutory obligation of individuals and organizations to disclose their cryptographic keys to government agencies. Law enforcement agencies around the world acquire and use these cryptographic keys to monitor suspicious communication and collect evidence of cybercrimes in the interests of national security.
Identify the act that is a United States federal law that requires financial institutions to explain how they share and protect their customers' private information.
GLBA
Identify the tier of an IoT-enabled IT environment that focuses on communication, offload processing functions, and facilitates efficient communication through a PAN, LAN, Bluetooth, Zigbee, MQTT/TCP, and micro-computing.
Gateway/Control Tier: The gateway/control tier focuses on communication, offload processing functions, and the driving of required actions. The gateway pre-processes the huge amount of data generated by sensors before sending it to the cloud tier; thus, it reduces the amount of unwanted data forwarded to the cloud tier. This process can reduce the costs of network transmission and allow the application of rules based on incoming data. A typical control tier facilitates efficient communication through a personal area network (PAN), a local area network (LAN), Bluetooth, Zigbee, Message Queuing Telemetry Transport (MQTT)/TCP, etc., and micro-computing (micro-multi core chips).
Jack, a security specialist, implemented an IoT network in his organization; it includes a communication aggregator in one of the parts of the network that communicates with a trusted local network as well as with an untrusted public network through a secure connection. Which of the following devices in the IoT ecosystem was demonstrated in the above scenario?
Gateway: The gateway acts as the first step for an edge into the world of the Internet as it connects smart devices to cloud components. It is referred to as a communication aggregator that allows communication with a secure and trusted local network as well as a secure connection with an untrusted public network. Wherever possible, the gateway should be designed in such a way that it authenticates multi-directionally to carry out trusted communication between the edge and the cloud. Automatic updates should also be provided to the device for countering vulnerabilities.
Which of the following devices in the IoT ecosystem is designed in such a way that it authenticates multi-directionally to carry out trusted communication between the edge and the cloud?
Gateway: The gateway acts as the first step for an edge into the world of the Internet as it connects smart devices to cloud components. It is referred to as a communication aggregator that allows communication with a secure and trusted local network as well as a secure connection with an untrusted public network. Wherever possible, the gateway should be designed in such a way that it authenticates multi-directionally to carry out trusted communication between the edge and the cloud. Automatic updates should also be provided to the device for countering vulnerabilities.
Which of the following sections of the typical policy document lists the different terms and abbreviations used in the policy?
Glossary/Acronyms: List the different terms and abbreviations used in the policy.
Which of the following items in the main menu of Wireshark contains options to navigate to a specific packet, including a previous packet, the next packet, the corresponding packet, the first packet, and the last packet?
Go: This menu contains options to navigate to a specific packet including a previous packet, the next packet, the corresponding packet, the first packet, and the last packet.
Which of the following features in AWS IAM initially provides minimum permissions to the user to ensure security and the permissions can be extended based on the requirement?
Grant Least Privilege: The policies should be formulated according to the roles of users. Initially, minimum permissions should be provided to ensure security; the permissions can be extended in the future.
Which of the following acts contains the simplification standard known as National Provider Identifier (NPI), which is a unique identification number assigned to each beneficiary?
HIPAA
Which of the following algorithms uses a cryptographic key along with a cryptographic hash function to verify the integrity of data and authentication of a message?
HMAC
Which of the following points should an organization NOT consider while designing their infrastructure and architecture?
Have a single location for the server and storage rooms
Which of the following points need to be considered by the organization while designing the infrastructure and architecture?
Have emergency exits
Which of the following types of fire detection system is used to detect and respond to the thermal energy generated due to fire incidents?
Heat Detectors: Heat detectors are used to detect and respond to thermal energy generated due to fire incidents.
Which of the following is NOT an advantage of monitoring network traffic?
Hiding data flows in a network
Williams, an infrastructure designer, was assigned to design the arrangement of servers in a data center. The requirement is that the arrangement of equipment should maintain airflow to save energy. The arrangement designed by Williams can save the hardware from humidity and heat and increases hardware performance. Which of the following options was employed by Williams in the above scenario?
Hot and Cold Aisles: It is a systematic arrangement of equipment to maintain air flow and to save energy. Many organizations follow hot and cold aisle alignment, mostly used in server rooms, data centers, etc. where heavy electronic equipment comes into use. It saves the hardware from humidity and heat, increases hardware performance and maintains consistent room temperature.
Lucas, a network specialist at an organization, implemented a backup mechanism that continues to perform the backup even when the user is accessing the system. However, the changes made to the data during this backup process are not reflected in the final backup file. Which of the following types of backup method was implemented by Lucas in the above scenario?
Hot backup: A hot backup is a popular backup method. It is also called a dynamic backup or active backup. In a hot backup, the system continues to perform the backup even when the user is accessing the system. Implementation of a hot backup in an organization avoids downtime. However, changes made to the data during the backup process are not reflected in the final backup file.
Which of the following cloud deployment models is a combination of two or more clouds that remain unique entities but are bound together, where an organization makes available and manages certain resources in-house and provides other resources externally?
Hybrid cloud
In which of the following types of virtualization approach does the guest OS adopt the functionality of para virtualization and use the VMM for binary translation to different types of hardware resources?
Hybrid virtualization
Which of the following components of virtualization is an application or firmware that enables multiple guest operating systems to share a host's hardware resources?
Hypervisor
John, a network specialist at an organization, was monitoring the IDS screen. He identified a suspicious activity performed by an attacker and subsequently performed pre-configured or automated counter-action such as restarting the network traffic, and blocked the hacker's further activity on the organization's network. In which of the following intrusion detection steps does an IDS take pre-configured counter-action against the hacker?
IDS responds
Identify the type of cloud computing service that offers authentication services to the subscribed enterprises and is managed by a third-party vendor to provide identity and access management services.
IDaaS
Which of the following ISO/IEC standards provides ISMS implementation guide for the telecom industry that was developed jointly by ITU Telecommunication Standardization Sector (ITU-T) and ISO/IEC JTC1/SC 27?
ISO/IEC 27011
Williams, a network administrator, was assigned a duty to configure network security devices such as intrusion detection system (IDS) and intrusion prevention system (IPS) to protect the organization network from intrusion and block hackers' traffic from entering the network. Which of the following ISO/IEC standards must Williams follow while configuring or modifying these security devices?
ISO/IEC 27039
Which of the following measures is the best practice for a successful DLP implementation?
Identify sensitive data for protection.
Williams, a cloud administrator, was assigned a task to deploy a cloud computing service that provides role-based access control to the employees of an organization for accessing critical information within the enterprise.
Identity and access management
Hoshea, a security professional, has adopted cloud computing technology that provides authentication services such as single-sign-on, multi-factor-authentication, identity governance and administration, access management, and intelligence collection to the subscribed enterprises. Identify the type of cloud computing service deployed by Hoshea in the above scenario.
Identity-as-a-Service (IDaaS): This cloud computing service offers authentication services to the subscribed enterprises and is managed by a third-party vendor to provide identity and access management services. It provides services such as Single-Sign-On (SSO), Multi-Factor-Authentication (MFA), Identity Governance and Administration (IGA), access management, and intelligence collection
Roger, a security professional, wants to implement DLP in his organization to prevent sensitive data leakage. He assigns this task to Anna by training her and explaining to her certain security best practices for the successful implementation of the DLP. Anna found that one of the practices can cause data exposure. Identify the practice found by Anna that suffers from this issue.
Implement DLP with a minimal base to reduce false positives and enhance the base gradually by identifying sensitive data.
Which of the following measures is NOT a best practice for a successful DLP implementation?
Implement DLP with a minimal base to reduce false positives and enhance the base gradually by identifying sensitive data.
Which of the following practices should be adopted by network defenders to secure smart devices from IoT threats?
Implement IPS and IDS in the network
Which of the following countermeasures can help a user defeat WPA cracking attempts?
Implement a NAC or NAP solution for additional control
Which of the following practices should be adopted by individuals to protect their mobile applications?
Implement jailbreak protection
Which of the following types of backup method copies to the backup media only files that have been changed or created after the last backup?
Incremental backup: Only files that have been changed or created after the last backup are copied to the backup media. The last backup can be of any type.
Which of the following categories of traffic signature appear to be suspicious but might not always be malicious?
Informational: Traffic containing certain signatures that may appear suspicious but might not be malicious.
Which of the following guidelines helps security professionals in choosing the appropriate locations for APs and in achieving the maximum coverage, performance, and speed?
Install an AP on the ceiling
Which of the following information assurance principles ensures that the information is not modified or tampered by any unauthorized parties?
Integrity
Bob had sent an email to John's email address by attaching a confidential project file to the mail. Before sending the project file, Bob created a digital signature, encrypted the digital signature with a strong key, and attached the signature to the file to prevent improper and unauthorized changes. Which of the following objectives of cryptography was achieved in the above scenario?
Integrity: Trustworthiness of data or resources in terms of preventing improper and unauthorized changes.
Which of the following header attributes allows the firewall to check whether the packet is coming from an unreliable site?
Interface: This allows the firewall to check whether the packet is coming from an unreliable site.
James, a software engineer, is working from a remote location and connects his laptop to the company's server through a VPN. The company has implemented a security protocol that provides authentication as well as encryption of the data passing through the VPN tunnels. Identify the network security protocol implemented by the company for secure communication.
Internet Protocol Security (IPsec)
John wanted to recharge his smart TV using an app installed on the smart TV. He initiated the process by clicking on the proceed to recharge option; then, he was navigated to the payment page. During the payment process, John received an OTP on his mobile, entered it on the payment gateway, and the recharge was successful. Which of the following stack-wise IoT security layers allowed John to successfully recharge his smart TV?
IoT Security Principle on the Cloud Layer: Identification, authentication, and encryption for machines, rather than humans.
Steve, a security specialist at a cement manufacturing plant, was monitoring the functioning of the plant from the control room. Suddenly, Steve received an emergency alert regarding a small fire incident within the plant that was detected by the SIEM system interfaced with the IoT monitoring system. John immediately activated an automatic water sprinkler system to bring down the plant's temperature. Which of the following stack-wise IoT security layers allowed Steve to remotely activate the sprinkler system in the plant?
IoT Security Principle on the Process Layer: The remote control of an IoT device allows the user to perform remote diagnostics of the device, set new configurations, retrieve files, etc.
Which of the following practices helps network defenders in protecting mobile devices when they are connecting to a wireless network?
Isolate a group of users using different SSIDs and segment the traffic for these groups to different VLANs
Identify the type of security policy that directs the audience on the usage of technology-based systems with the help of guidelines and also defines remote access and wireless policies, incident response plan, password policies, and policies for personal devices.
Issue-specific security policy (ISSP)
Jackson, a security analyst at an organization, was instructed to strengthen the security of their intranet. He deployed a honeypot solution that monitors attackers' tricks and exploits by logging all their activity. As a result, Jackson can respond to such exploits quickly before the attacker can misuse or compromise the system. Identify the honeypot solution that helps Jackson in the above scenario.
KFSensor: KFSensor is a host-based IDS that acts as a honeypot to attract and detect hackers and worms by simulating vulnerable system services and Trojans. By acting as a decoy server, it can divert attacks from critical systems and provide a higher level of information than that achieved using firewalls and NIDS alone.
Sally, a security professional, implemented a protocol for authenticating requests in computer networks. The protocol implemented by Sally is based on the client-server model, and uses encryption technology and a "ticket" mechanism to prove the identity of a user on a non-secure network. Identify the protocol implemented by Sally in the above scenario.
Kerberos
Kevin, a cloud security architect, was planning to automate the deployment, scaling, and management of containerized applications. He deployed a platform that groups different containers into several logical units for easy management and discovery. Which of the following technologies was utilized by Kevin in the above scenario?
Kubernetes: Kubernetes, also known as K8s, is an open-source, portable, extensible, orchestration platform developed by Google for managing containerized applications and microservices. Kubernetes provides a resilient framework to manage distributed containers, generate deployment patterns, and perform failover and redundancy for the applications.
Identify the VPN encapsulation protocol that permits multiprotocols to be encrypted and sent across any medium supporting point-to-point delivery.
L2TP: Permits multiprotocol to be encrypted and sent across any medium supporting point-to-point delivery. L2TP is installed using the TCP/IP protocol.
Identify the layer of the IoT architecture that includes the hardware that constitutes IoT devices such as sensors, microcontroller units, and mobile devices.
Layer 1: Device Layer: The device or thing layer of IoT includes the hardware that constitutes IoT devices. All the connected devices are the endpoint for an IoT ecosystem, and they acquire data based on a particular use case.
Which of the following layers of the IoT architecture provides information dashboards for administrators to monitor, analyze, and implement proactive decisions?
Layer 3: Cloud Layer: Servers hosted in the cloud accept, store, and process the sensor data received from IoT gateways. Many IoT solutions are integrated with cloud services. With a comprehensive set of integrated services and solutions, IoT cloud provides the required insights and perspectives for customers. It provides dashboards for monitoring, analyzing, and implementing proactive decisions.
Identify the SIEM function that stores logged data in a central repository for long periods to meet compliance and regulatory requirements and for conducting forensic analysis, investigation, and internal audits.
Log Retention: SIEM stores logged data in a central repository for long periods to meet compliance and regulatory requirements and for conducting forensic analysis, investigation, and internal audits.
Identify the risk associated with enterprises' mobile usage policies BYOD, CYOD, COPE, and COBO.
Lost or stolen devices: Owing to their small size, mobile devices are often lost or stolen. When an employee loses their mobile device that is used for both personal and official purposes, the organization might face a security risk because the corporate data on the lost device may be compromised.
Which of the following types of honeypot simulates only a limited number of services and applications of a target system or network and if the attacker does something that the emulation does not expect, the honeypot will simply generate an error?
Low-interaction honeypot
Which of the following Docker native network drivers helps in creating a network connection between container interfaces and its parent host interface or sub-interfaces?
MACVLAN
James sent an email to Mary containing a confidential document. For the purpose of message integrity, the email application used by James implemented a one-way hashing algorithm that takes a message of arbitrary length as input and outputs a 128-bit fingerprint of the input. Which of the following algorithms was implemented by the email application in the above scenario?
MD5
Samuel, a network defender at an organization, employed Wireshark for observing network activity. Samuel was reviewing multiple network-related statuses at a time by accessing multiple icons provided by Wireshark. Samuel wanted to speed up his analysis process using the quick access feature, which could assist him in quickly accessing the frequently used items from the menu. Which of the following Wireshark menus assisted Samuel in the above scenario for quick access?
Main toolbar: The main toolbar provides quick access to frequently used items from the menu. This toolbar cannot be customized by the user.
Which of the following measures allows security professionals to protect mobile data from unauthorized access?
Maintain access control for devices and data
James, a network administrator, was assigned a task to create a standard access control model for the organization's confidential data. He implemented an access control model that determines the usage and access policies for the users. After its implementation, only users with appropriate access rights can access the resource. Which of the following access control models has James implemented in the above scenario?
Mandatory access control (MAC)
Which of the following anti-malware tools helps network defenders identify and prevent malicious Trojans or malware from infecting computer systems or electronic devices?
McAfee LiveSafe: Anti-Trojan software is a tool or program that is designed to identify and prevent malicious Trojans or malware from infecting computer systems or electronic devices.
John, a security guard at an organization, was instructed to lock the server room and hand over the keys to the administrative department. As the administrative team was in a meeting with the manager, John kept the keys with him and handed them over after completion of the meeting. Which of the following lock systems is demonstrated in the above scenario?
Mechanical lock
Sofy, a cyber security analyst, plans to develop a more secure network infrastructure by implementing a honeypot. She deploys a honeypot that simulates a real OS as well as applications and services of their network. Further, the deployed honeypot can also log and analyze more complex attacks and helps in capturing more useful data. Identify the type of honeypot implemented by Sofy in the above scenario.
Medium-interaction Honeypots: Medium-interaction honeypots simulate a real OS as well as applications and services of a target network. They provide greater misconception of an OS than low-interaction honeypots. Therefore, it is possible to log and analyze more complex attacks. These honeypots capture more useful data than low-interaction honeypots.
Laura, a security specialist in an organization, was assigned the task of implementing a BYOD policy and mobile device management solution that helps manage devices, mitigate security risks, and reduce business discontinuity. She installed a cloud-based service on the devices connected to the organization's network. The solution deployed by Laura provides efficient mobile device management and mobile application management. Identify the solution deployed by Laura in the above scenario.
Microsoft Intune: It is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). The organization controls how the organization's devices are used, including mobile phones, tablets, and laptops. It also allows configuration of specific policies to control applications.
Which of the following advantages of network traffic monitoring will be achieved by establishing SLAs and compliance applicable to users or consumers by providing complete infrastructure information while drafting the SLA?
Minimizing risk: Network monitoring techniques are necessary for establishing service level agreements (SLAs) and compliance applicable to users or consumers. Complete infrastructure information is required when drafting SLAs.
Identify the mobile device management solution that encrypts all confidential data, separates business and personal use, enforces safe passcodes and screen locks, and prevents the use of unwanted applications.
Miradore: Miradore helps ensure device and data security as well as data compliance across an organization. It can easily encrypt all confidential data, separate business and personal use, enforce safe passcodes and screen locks, and prevent the use of unwanted applications.
John, a network specialist at an organization, was instructed to monitor unusual behaviors in the network. He implemented an IDS system that first creates models of possible intrusions and then compares these models with incoming events to make a detection decision. Identify the type of IDS detection method employed by John in the above scenario.
Misuse detection: Signature recognition, also known as misuse detection, tries to identify events that indicate an abuse of a system or network. This technique involves first creating models of possible intrusions and then comparing these models with incoming events to make a detection decision. The signatures for IDS were created under the assumption that the model must detect an attack without disturbing normal system traffic. Only attacks should match the model; otherwise, false alarms could occur.
Which of the following solutions involves encrypting important information and allowing accessing, transmitting, or storing important information on only authorized apps using strong password protection policies?
Mobile Content Management Solutions: Mobile content management (MCM) or mobile information management (MIM) solutions provide secure access to corporate data (documents, spreadsheets, email, schedules, presentations, and other enterprise data) on mobile devices across the organizational networks without compromising with the speed. MCM involves encrypting important information and allowing accessing, transmitting, or storing important information on only authorized apps using strong password protection policies.
Sam, a security professional, implemented a mobile policy in his organization to prevent phishing and malware attacks. He deployed a solution that uses machine learning and real-time analysis to protect mobile endpoints and also generates alerts for the enterprise mobility management solutions to perform appropriate actions. Identify the solution deployed by Sam in the above scenario.
Mobile Threat Defense Solutions: Mobile threat defense (MTD)/mobile threat management (MTM)/mobile threat prevention (MTP) protects organizations and their employees from threats on iOS and Android mobiles using different security technologies. The agents installed on the devices scan them for various mobile attacks using advanced threat intelligence. It uses machine learning and real-time analysis to protect mobile endpoints. MTD generates alerts for the enterprise mobility management (EMM) solutions to perform appropriate actions (switching mobiles into the quarantine state).
James, an IT administrator, installed an agent in both the enterprise-owned devices and personal mobile devices that are being used for the organization's business. These agents frequently scan for various vulnerabilities and attack surfaces by performing real-time analysis using machine learning algorithms. Which of the following solutions had James employed in the above scenario?
Mobile threat defense solution
Sam is trying to create a complete IoT network at his office building and wanted to monitor and control the environment from remote locations. He connected the network with an interface that can help him access and communicate with edge devices from anywhere. Which of the following devices in the IoT ecosystem helps Sam in monitoring the IoT network from a remote location?
Mobile: In an IoT ecosystem, the mobile interface plays an important part, particularly where the data needs to be collected and managed. Using mobile interfaces, users can access and interact with the edge in their home or workplace from miles away.
Which of the following ciphers can resist a wide range of attacks and provides message secrecy and integrity and uses a one-way mathematical function that is capable of factoring large prime numbers?
Modern Ciphers
Identify the cloud deployment model that is a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals.
Multi Cloud: It is a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals. Multi cloud environments are mostly all-private, all-public or a combination of both.
Identify the type of data storage that provides dedicated shared storage space for a LAN and resides on every node on the LAN having its own IP address.
NAS
Which of the following components of VPN is also called a media gateway and is responsible for setting up and maintaining each tunnel in a remote access VPN?
Network access server (NAS): It is also called a media gateway or a remote-access server (RAS). It is responsible for setting up and maintaining each tunnel in a remote-access VPN. Users need to connect to the NAS to use a VPN.
James, a security team member, was assessing the security across organizational assets. He identified sudden fluctuations in the bandwidth consumption and repeated login attempts being made from remote hosts. Which of the following types of intrusion attempt has James identified in the above scenario?
Network intrusions
Bob has recently purchased a new laptop and enabled all the required security controls. The next day while verifying whether all the security mechanisms were enabled on his system or not, he found that the "firewall" was disabled. He immediately enabled the firewall option on his laptop. Identify the component of technical security controls that Bob enabled to protect his laptop from network-related threats.
Network security devices
James, a certified hacker, was appointed by an agency to perform a cyberattack against the rival company's servers with the intention of making the services unavailable to their customers. James performed a DoS attack on the servers but he could not make the services unavailable. Which of the following components of technical security controls protected the servers from the DoS attack?
Network security devices
Which of the following practices is NOT a measure for strengthening the physical security of an organization?
Never follow copyright rules and licensing restrictions
Which of the following types of bastion host operates with multiple network connections but the network connections do not interact with each other?
Non-routing Dual-homed Hosts: A non-routing bastion host has a dual-homed host with multiple network connections that do not interact with each other. This type of the host is completely a firewall, or it might be a component of a multi-faceted firewall. If the host is a firewall, one must be careful that the configuration and the bastion host's instructions must be followed with concern.
Hannah, a security professional, plans to deploy a proxy server in her organization in order to intercept any malicious content in the client requests. For this purpose, she deploys a proxy that modifies the request or response and provides services such as group annotation, protocol reduction, and anonymity filtering. Identify the type of proxy used by Hannah in the above scenario.
Non-transparent proxy
Which of the following information assurance principles ensures that a party in a communication cannot deny sending the message?
Nonrepudiation
Which of the following objectives of cryptography guarantees that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message?
Nonrepudiation: Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.
Identify the access control terminology that is referred to as an explicit resource on which an access restriction is imposed.
Object
Which of the following types of antenna features a 360° horizontal radiation pattern and is used in radio stations?
Omnidirectional antenna
Which of the following types of authentication uses a null authentication algorithm that does not verify whether it is a user or a machine requesting network access and uses cleartext transmission to allow the device to associate with an AP?
Open system authentication process
Kayden, a network administrator, is monitoring network traffic to gather network infrastructure information. The gathered information helps him take the required actions before the situation worsens and helps identify applications that prove vulnerable to the network. Identify the advantage of network monitoring demonstrated in the above scenario.
Optimization: Network monitoring techniques gather network infrastructure information in a timely manner and save it for the security professionals. Security professionals can then take the required actions before the situation worsens. These techniques identify applications that prove vulnerable to the network.
Which of the following techniques is a method of digital modulation of data in which a signal, at a chosen frequency, is split into multiple carrier frequencies that are orthogonal to each other?
Orthogonal frequency-division multiplexing (OFDM): An OFDM is a method of digital modulation of data in which a signal, at a chosen frequency, is split into multiple carrier frequencies that are orthogonal (occurring at right angles) to each other.
Which of the following acts is a proprietary information security standard for organizations that handle cardholder information for major debit, credit, prepaid, e-purse, ATM, and POS cards?
PCI-DSS
Which of the following PCI-DSS regulatory requirements does not allow unauthorized outbound traffic from the cardholder data environment to the Internet?
PCI-DSS Requirement No 1.3.5
ApTech Sol Inc., an MNC company, is following a regulatory requirement that states that every system should have antivirus software particularly in personal computers and servers to ensure that it is actively running and cannot be disabled or altered by users, unless specifically authorized by management. Which of the following PCI-DSS requirements states the above regulatory requirement?
PCI-DSS requirement no 5.1 and no 5.3
Which of the following types of HVAC system is used in locations where the space required for fixing all the components of a split system is available?
Packaged Heating and Air-Conditioning System: Most appropriate air conditioning system used mainly in locations where the space required for fixing all the components of a split system is available.
Which of the following components of Wireshark displays complete information about the captured packets at a granular level?
Packet details panel: Displays detailed information about the captured packets at a granular level.
Mateo, a network specialist at an organization, has installed Wireshark to capture network traffic. During the packet capturing process, Mateo accessed a main menu that displays captured packets with different colors based on the protocol. Identify the Wireshark menu Mateo has selected in the above scenario.
Packet list panel: This panel displays a list of packets in the current capture file. It colors the packets based on the protocol. Each line in the packet list corresponds to one packet in the capture file. If a line in this pane is selected, more details will be displayed in the Packet Details and Packet Bytes panes.
David has recently joined an organization and was assigned a company's laptop. One day, David tried to access his social media account from the organization's laptop but was not able to access it as the company had blocked access to all social media sites. Which of the following types of Internet access policy was implemented by the organization in the above scenario?
Paranoid Policy: A paranoid policy forbids everything. There is a strict restriction on all company computers, whether it is system or network usage. There is either no Internet connection or severely limited Internet usage.
Don, a professional hacker, targeted Bob's email account to access his emails. He initiated brute-force and dictionary attacks from two different systems under the impression that any one of these methods can compromise Bob's email account at the earliest possible time. Which of the following types of authentication method has Don been trying to bypass in the above scenario?
Password authentication
Which of the following types of Internet policy accepts a majority of Internet traffic and only blocks known dangerous services/attacks?
Permissive Policy: This policy is wide open, and only known dangerous services/attacks or behaviors are blocked. For example, in a permissive Internet policy, the majority of Internet traffic is accepted, except for several well-known and dangerous services/attacks.
Manuel, a security trainer, was hired by an organization to provide social engineering awareness among their employees. Manuel initiated the training by explaining to them various defensive measures against fake emails and malicious attachments. He gave instructions on how to differentiate between a legitimate email and a targeted fake email. Which of the following attacks were mitigated by grooming employees on the above techniques?
Phishing
Which of the following layers in the OSI model includes all cabling and network systems, power support for cables and systems, and environment supporting the systems?
Physical layer
Which of the following layers of the OSI model cannot be protected by any firewall technology?
Physical layer
Johana, an employee at an organization, left for a coffee break leaving her laptop without locking the screen. Don, a malicious insider, noticed from a distance that Johana's laptop was not locked. He immediately walked toward the table and secretly installed a keylogger on her laptop before she returned. Which of the following types of mobile device security risk was demonstrated in the above scenario?
Physical risks
Jeffry, an IT administrator, wants to monitor and manage the IoT devices to detect flaws, diagnose operational issues, and update the firmware remotely. He installed a solution that can perform the above-mentioned functions. Which of the following solutions was utilized by Jeffry for the IoT device management?
Predix: Predix helps you develop, deploy, and operate industrial apps at the edge and in the cloud. Securely connect machines, data, and analytics to improve operational efficiency.
Which of the following protocols is an application layer protocol that provides cryptographic privacy and authentication for network communication and enhances the security of emails?
Pretty Good Privacy (PGP) protocol
John, an employee at an organization, was provided with an access ID card to access only specific portions of the organization's building. He can enter specific areas by swiping his ID card against the card reader at the entrance. One day, John wanted to meet his friend Bob who works on the second floor of the same building where he has no access to enter. John swiped his ID card against the access reader on the second floor but the door remained closed. Which of the following types of physical security controls prevented John from entering the second floor?
Preventive controls
Which of the following components of RAID architecture allows the RAID controller to enable direct, faster read and write access to the storage system?
Primary RAID memory cache: The RAID controller has a direct access to the cache memory, enabling faster read and write access to the storage system. The cache is used to store the changing data.
Don, an amateur hacker, targeted an organization and attempted to gain access to organization's cloud infrastructure. Don made multiple attempts but failed to gain access to it as the cloud environment was implemented within a corporate firewall. Identify the type of cloud deployment model used by the organization in the above scenario.
Private cloud
The network traffic monitoring detects applications that consume the maximum bandwidth and reduces the bandwidth. It manages server bottleneck situations and other systems connected to the network. Identify the advantage of monitoring network traffic based on the above statements.
Proactive: Network monitoring proactively detects applications that consume the maximum bandwidth and reduces the bandwidth. It manages server bottleneck situations and other systems connected to the network.
Which of the following goals provided by security policies forms the foundation of a security infrastructure?
Protect confidential and proprietary information from theft or modification
Which of the following network security controls is an application that can serve as an intermediary when connecting with other computers and is used to intercept malicious and offensive web content hidden in the client requests?
Proxy Server: A proxy server is an application that can serve as an intermediary when connecting with other computers. Security professionals should deploy a proxy server to intercept malicious, offensive web content, computer viruses, etc., hidden in the client requests.
Peter, a network administrator, restricts the actions and Internet usage of certain employees based on their job roles and responsibilities. He implements a policy that provides maximum security and logs all activity such as system and network activities; under it, all nonessential services/procedures that cannot be made safe are not allowed. Which of the following types of Internet access policy was employed by Peter in the above scenario?
Prudent Policy: A prudent policy starts with all services blocked. The network defender enables safe and necessary services individually. This provides maximum security and logs all activity such as system and network activities. According to this policy, nonessential services/procedures that cannot be made safe are not allowed.
Which of the following Internet access policies starts with all services blocked and enables safe and necessary services individually?
Prudent Policy: A prudent policy starts with all services blocked. The network defender enables safe and necessary services individually. This provides maximum security and logs all activity such as system and network activities. According to this policy, nonessential services/procedures that cannot be made safe are not allowed.
Steve, HR of an organization, wants to send an important file containing employee data to the payroll department. He digitally signs the file and attaches a digital certificate to it before sending it to the payroll team. The payroll team verifies the signature and adds the employee's details to the database. Identify the attribute of the digital certificate that helped the payroll team verify the digital signature of Steve.
Public key: It is used for encrypting a message or verifying the signature of the owner.
Which of the following types of honeypot emulates the real production network of a target organization and causes attackers to devote their time and resources toward attacking the critical production system of the company?
Pure Honeypots: Pure honeypots emulate the real production network of a target organization. They cause attackers to devote their time and resources toward attacking the critical production system of the company.
Which of the following protocols provides centralized authentication, authorization, and accounting (AAA) for remote access servers to communicate with a central server?
RADIUS
Identify the protocol used in a centralized authentication server to send authentication keys to both the AP and the clients that attempt to authenticate with the AP.
RADIUS: In this Wi-Fi authentication process, a centralized authentication server known as Remote Authentication Dial-in User Service (RADIUS) sends authentication keys to both the AP and the clients that attempt to authenticate with the AP.
An organization divided its IT infrastructure into multiple departments and provided secured connections to access the data. To provide high-speed data access, the administrator implemented a RAID level that breaks data into sections and writes them across multiple drives. The storage capacity of this RAID level is equal to the sum of the disks' capacities in the set. Which of the following RAID levels was implemented by the administrator in the above scenario?
RAID Level 0: RAID 0 deals with data performance. In this level, data is broken into sections and written across multiple drives. The storage capacity of RAID 0 is equal to the sum of the disks' capacities in the set. RAID 0 does not provide fault tolerance. It requires a minimum of two drives. It does not provide data redundancy. A failure of one disk can lead to the failure of all disks in a level 0 volume. The probability of recovering data from a RAID level 0 is minimal.
Which of the following levels in RAID contains an exact copy of the data on two or more disks and failure of one drive does not affect the data on other drives?
RAID Level 1 - Disk Mirroring: A typical RAID 1 contains an exact copy of the data on two or more disks. RAID 1 writes data on multiple drives and multiple mirror drives at the same time. The failure of one drive does not affect the data on other drives.
Which of the following RAID levels involves a block-interleaved distributed parity and includes a block-level striping with a distributed parity?
RAID Level 5: RAID level 5 involves a block-interleaved distributed parity; it includes a block-level striping with a distributed parity.
Austin, a system administrator, started facing frequent system crashes with the data getting lost, thereby interrupting the normal work procedure. To prevent this situation, he used a data backup technique that sustains the reliability of data even if a disk fails as it uses the hot swapping or hot plugging feature, and the data can be replaced without affecting the network. Identify the technique employed by Austin in the above scenario.
RAID Systems: RAID technology increases the read/write performance of the data on disks. RAID sustains the reliability of data even if a disk fails. Failed components can be replaced in a RAID system without shutting the system down. This feature is called hot swapping or hot plugging. The replacement process does not affect the network or how the other disks function.
Which of the following components of RAID storage architecture manages an array of physical disk drives and presents them to the computer as logical units?
RAID controller
Which of the following components of a RAID architecture has the permission to access multiple copies of files present on multiple disks, thereby preventing damage and increasing system performance?
RAID controller: This is either hardware- or software-based and contains the HDDs or solid state drives as a single logical unit. A RAID controller has the permission to access multiple copies of files present on multiple disks, thereby preventing damage and increasing the system performance.
An organization, CyberSol.org, has implemented a technology embedded within the employee's ID card that can automatically identify the employees entering the company premises. This system works only within a small range of 20 ft and uses electromagnetic waves to transfer data for identification. Identify the technology implemented by CyberSol.org in the above scenario.
RFID: The radio-frequency identification (RFID) technology uses radio frequency (RF) electromagnetic waves to transfer data for automatic identification and for tracking tags attached to objects. RFID devices work within a small range of up to 20 ft.
Clark, a network security specialist, was assigned to secure an organization's network. Clark implemented a network defense approach that can tackle network attacks such as DoS and DDoS and includes security monitoring methods such as IDS, SIMS, TRS, and IPS. Which of the following network defense approaches did Clark implement in the above scenario?
Reactive approach
Which of the following network defense techniques examines the causes for attacks in networks by using fault-finding mechanisms, security forensics techniques, and post-mortem analysis?
Reactive approach
Toney, a security professional, regularly monitors his organization's network traffic to prevent any type of sophisticated attacks. While doing so, he noticed that there are certain suspicious traffic signatures caused by ping sweep, port scan, and DNS query attempts in the network. Identify the category of suspicious traffic signature detected by Toney in the above scenario.
Reconnaissance: Reconnaissance traffic consists of signatures that indicate an attempt to scan the network for possible weaknesses. Reconnaissance is the unauthorized discovery of vulnerabilities and mapping of systems and services. For example, reconnaissance traffic signatures may include the following: ping sweep attempts, port scan attempts, and DNS query attempts.
Daniel, a network investigator, was analyzing the network traffic in the organization. During the analysis, he identified traffic from an IP address containing signatures that indicate an attempt to scan the network for identifying possible weaknesses. Daniel verified that traffic and concluded that it is a port scanning attempt. Which of the following types of suspicious traffic signature has Daniel identified in the above scenario?
Reconnaissance: Reconnaissance traffic consists of signatures that indicate an attempt to scan the network for possible weaknesses. Reconnaissance is the unauthorized discovery of vulnerabilities and mapping of systems and services. For example, reconnaissance traffic signatures may include the following: ping sweep attempts, port scan attempts, and DNS query attempts.
Which of the following types of wireless antennas are used for concentrating electromagnetic energy that is radiated or received at a focal point and are generally in parabolic shape?
Reflector antennas
Bob, an employee at an organization, lost his mobile phone that he was using for both personal and company purposes. After being informed, the IT administrator sent a command to the lost mobile device that erased all the data stored on Bob's device. Which of the following techniques is implemented by the IT administrator in the above scenario?
Remote wipe: It is a technique used for securing and protecting data from miscreants if a mobile device used by an employee was lost. This feature allows the administrator to send a command that can erase all the device data.
Ruben, a security engineer, received a complaint from an employee stating that his mobile device, which contains certain confidential organizational data, has been misplaced by a miscreant. For this reason, Ruben used a technique that allows him to erase all the device data by remotely executing a command. Identify the technique used by Ruben in the above scenario.
Remote wipe: Remote wipe is a technique used for securing and protecting data from miscreants if a mobile device used by an employee was stolen or lost. This feature allows the device owner or the organization's administrator to send a command that can delete or erase all the device data. This helps prevent perpetrators from compromising sensitive personal data or confidential organizational assets.
Which of the following security labels is given to data or an object that is accessible by only a few people in the organization because of its technical, business, and personal issues?
Restricted: Only a few people can access the data or object. Sensitive data may be restricted for use in an organization because of its technical, business, and personal issues.
Danny, a security professional, wants to safeguard his organization's network from hacking attempts and virus attacks. For this reason, he follows a network defense approach that examines the causes for attacks in the network and includes fault finding, security forensics, and post-mortem analysis techniques. Which of the following network defense approaches was followed by Danny in the above scenario?
Retrospective approach
John wants to send an email to Bob by attaching a confidential encrypted file. He employs an Internet encryption and authentication standard that uses modular arithmetic and elementary number theory for performing computations. Identify the cryptographic algorithm employed by John in the above scenario.
Rivest Shamir Adleman (RSA): Ron Rivest, Adi Shamir, and Leonard Adleman formulated RSA, a public-key cryptosystem for Internet encryption and authentication. RSA uses modular arithmetic and elementary number theory for performing computations using two large prime numbers.
Identify the access control model in which the access permissions are beyond the user control, which implies that users cannot amend the access policies created by the system.
Role Based Access Controls
Benson, a security professional, plans to implement more stringent security practices in his organization. For this reason, he uses a protocol that provides cryptographic security by encrypting the email messages and digitally signing them to ensure confidentiality, integrity, and nonrepudiation of messages. Which of the following protocols was employed by Benson in the above scenario?
S/MIME
Which of the following protocols is an application layer protocol used for sending digitally signed and encrypted email messages?
S/MIME
Identify the algorithm that uses the sponge construction in which the message blocks are XORed into the initial bits of the state, which the algorithm then invertibly permutes.
SHA-3
Identify the security control that performs real-time security operations center (SOC) functions like identifying, monitoring, recording, auditing, and analyzing security incidents and performs threat detection and security incident response activities.
SIEM: Security incident and event management (SIEM), also known as security information and event management, performs real-time security operations center (SOC) functions like identifying, monitoring, recording, auditing, and analyzing security incidents. It performs threat detection and security incident response activities. SIEM provides security by tracking suspicious end-user behavior activities within a real-time IT environment.
Which of the following acts contains Title IV as a key requirement for financial disclosures to describe enhanced reporting requirements for financial transactions, including off-balance-sheet transactions, pro-forma figures, and the stock transactions of corporate officers?
SOX
James, a security professional, was instructed to protect the organization network from evolving cyber threats. He implemented high-level security requirements for the organization that included protective measures for access control, malware protection, audit, availability, confidentiality, integrity, cryptography, identification, and authentication. Identify the security policy requirement implemented by James in the above scenario.
Safeguard Security Requirements: Protective measures required such as protective measures for access control, malware protection, audit, availability,
Which of the following objects of a container network model contains the configuration of a container's network stack such as routing table, management of container's interfaces, and DNS settings?
Sandbox: This contains the configuration of a container's network stack such as routing table, management of container's interfaces, and DNS settings. CNM sandbox can be implemented for Windows HNS, Linux network namespace, or a FreeBSD jail.
Calvin, a network engineer, was getting frequent alerts that the critical information of the organization was affected by brute-force collision and inversion attacks. To defend against such attacks, he implemented a strong algorithm that can generate a cryptographically secure one-way hash and prevents brute-force collision and inversion attacks. Which of the following algorithms was employed by Calvin in the above scenario?
Secure Hashing Algorithm (SHA): The NIST has developed the Secure Hash Algorithm (SHA), specified in the Secure Hash Standard (SHS) and published as a federal information-processing standard (FIPS PUB 180). It generates a cryptographically secure one-way hash. Rivest developed the SHA, which is similar to the message digest algorithm family of hash functions. It is slightly slower than MD5, but its larger message digest makes it more secure against brute-force collision and inversion attacks.
Which of the following HIPAA rules requires appropriate administrative, physical, and technical safeguards to ensure confidentiality, integrity, and security of electronically protected health information?
Security Rule
Which of the following cloud computing service provides services such as penetration testing, authentication, intrusion detection, and anti-malware?
Security-as-a-Service (SECaaS): Provides penetration testing, authentication, intrusion detection, anti-malware, security incident, and event management services.
Jack, a cloud administrator, was using the Kubernetes resilient framework to manage the applications running in a container. Due to certain technical issues, the container failed to restart and also stopped responding to the user-defined health checks. The Kubernetes that Jack was using has automatically replaced and rescheduled the containers. Which of the following features of Kubernetes has solved the container issue in the above scenario?
Self-healing
Bob, a fitness freak, often wears a smartwatch on his wrist to track his health. Bob has interfaced the smart watch with a health monitoring application installed on his mobile phone via Bluetooth and left the Bluetooth enabled all day, which allowed other devices to connect with his device. Which of the following security guidelines should have been followed by Bob when he is in public places?
Set Bluetooth-enabled devices to non-discoverable mode
Annie, a security professional, has been tasked to implement Wi-Fi authentication in her organization to secure the wireless communication. For this purpose, she implemented an authentication process in which the station and AP use the same WEP key to provide authentication, and Annie enabled and configured the key manually on both the AP and client. Identify the Wi-Fi authentication method employed by Annie in the above scenario.
Shared key authentication process
In which of the following Wi-Fi authentication methods does each wireless station receive a secret key over a secure channel that is distinct from the 802.11 wireless network communication channels to establish a network connection?
Shared key authentication process: In this process, each wireless station receives a shared secret key over a secure channel that is distinct from the 802.11 wireless network communication channels.
Freddy, a network engineer, detects that the network cabling of his organization was flawed and insecure. To implement secure network cabling, he installed a type of cable where each pair of wires is individually guarded with foil and is less susceptible to external interference. Identify the type of cable utilized by Freddy in the above scenario.
Shielded twisted pair cable
Which of the following types of IDS detection method involves first creating models of possible intrusions and then comparing these models with incoming events to make a detection decision?
Signature Recognition: Signature recognition, also known as misuse detection, tries to identify events that indicate an abuse of a system or network. This technique involves first creating models of possible intrusions and then comparing these models with incoming events to make a detection decision.
John purchased a new Apple phone and added his Apple ID and password to access the device. John can now access multiple Apple application services such as App Books, Apple fitness+, and Siri through his Apple device using the ID. John can access all these application services without providing individual credentials for each application. Which of the following types of authentication method was demonstrated in the above scenario?
Single sign-on authentication
Williams, a programmer, has developed an authentication mechanism for his eCommerce application by using Google services. This allows the application users to access the website through their Google account. Which of the following authentication methods has Williams implemented in the above scenario?
Single sign-on authentication
Which of the following types of bastion host is a firewall device with only one network interface and all the traffic is routed through the bastion host?
Single-homed Bastion Host: A single-homed bastion host is a firewall device with only one network interface. All the traffic, both incoming and outgoing, is routed through the bastion host. It tests data against security guidelines and acts accordingly.
Benila, a security professional, implemented cryptography-based authentication to ensure strong authentication in her organization. She employed an authentication mechanism that needs a device embedded with a small computer chip that stores personal information of the employee for identification. Identify the type of authentication employed by Benila in the above scenario.
Smart card authentication
In an organization, employees' incoming and outgoing status is being tracked and monitored via a small computer chip implanted on their ID card, which stores their personal information for identification. Which of the following authentication methods has the organization implemented in the above scenario?
Smart card authentication
John, an employee at an organization, was provided with a physical badge that provides access only for the second floor out of five floors in the organization building and that physical badge also tracks John's working hours and break times on the floor based on a record of swipes made by him. Which of the following types of authentication method allowed the organization to record John's total working hours on the floor in the above scenario?
Smart card authentication
Identify the type of employee awareness and training that includes training the employees on differentiating between a legitimate email and a targeted phishing email, not downloading malicious attachments, and shredding documents before putting them into the trash.
Social engineering
Smith, a professional hacker, has decided to perform an attack on the target organization's employees. He tricked the employees into accessing specific links, which when clicked redirected the victim to a malicious page. The victim is lured to enter their personal information on the malicious page; this information is then retrieved by Smith. Identify the type of attack performed by Smith in the above scenario.
Social engineering
Johana, the HR of a renowned consultancy, was hired to recruit the right candidates online for their clients. Her work involves scheduling interviews online and shortlisting candidates. Johana often schedules interviews using web-based applications such as Calendar that automatically notify her when and which candidate is supposed to be interviewed. Which of the following types of cloud computing service has Johana employed in the above scenario?
Software-as-a-Service (SaaS): This cloud computing service offers application software to subscribers on-demand over the Internet. The provider charges for the service on a pay-per-use basis, by subscription, by advertising, or by sharing among multiple users (e.g., web-based office applications like Google Docs or Calendar, Salesforce CRM, and Freshbooks).
Identify the type of honeypots that are specifically designed to trap web crawlers.
Spider Honeypots
Which of the following tools is an analytics-driven SIEM solution that automates the collection, indexing, and alerting of real-time machine data that are critical to an organization's operations?
Splunk Enterprise: The Splunk Enterprise Security (ES) is an analytics-driven SIEM solution that provides you with what you need to detect and respond to internal and external attacks quickly. It automates the collection, indexing, and alerting of real-time machine data that are critical to an organization's operations.
Identify the fire-fighting system that provides a pre-piped water system for organizations and provides water supply to hose lines in certain locations.
Sprinkler system
Which of the following security solutions is a caching proxy for the web that reduces the bandwidth and improves the response times by caching and reusing frequently requested web pages?
Squid
Identify the type of UPS used for server rooms as it supplies power below 10 kVA.
Standby on-line hybrid
Which of the following UPS systems is no longer commonly used as it could become unstable when operating a modern computer power supply load?
Standby-Ferro
Mason, a network specialist at an organization, used Wireshark to perform network analysis. He selected a Wireshark menu that provides a summary of the captured packets, IO graphs, and flow graph. Identify the Wireshark menu Mason has selected in the above scenario.
Statistics: This menu contains options to display various statistic windows, including a summary of the packets that have been captured, display protocol hierarchy statistics, IO graphs, and flow graphs.
Which of the following IoT functions ensures that no data can be lost or corrupted by handling an effective input data transition and application control?
Streaming data processors: They ensure that no data can be lost or corrupted by providing features such as effective input data transition to a data lake and application control.
Alice had sent a digitally signed copy of the project file to Bob, who decrypted the digitally signed copy at his end and wanted to verify the owner of the certificate. Which of the following attributes of a digital certificate can assist Bob in verifying the owner of the certificate?
Subject: Represents the owner of the certificate which may be a person or an organization.
Jack wants to send an encrypted message to James. He implements a classic cipher method that replaces single letters, pairs of letters, or combinations of them according to a regular system and James needs to reverse the same operations to decrypt the message. Which of the following types of cipher has Jack used to encrypt the message?
Substitution cipher: The user replaces units of plaintext with ciphertext according to a regular system. The units may be single letters, pairs of letters, or combinations of them, and so on.
David, a network specialist at an organization, was monitoring incidents on an IDS solution. The IDS solution detected suspicious activity performed by a threat actor over the organization's network and had sent an email alert to David operating at the control room. David immediately took the pre-configured counter-action and blocked the attacker from further attempts on the organization's network. Identify the tool that helped David detect intrusion attempts in the above scenario.
Suricata: Suricata is a robust network threat detection engine capable of real-time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM), and offline pcap processing.
Which of the following mobile security risks will arise due to manufacturers unintentionally introducing vulnerabilities in SwiftKey keyboards?
System-based Risks: Mobile device management (MDM) solutions are used to deploy, secure, monitor, and manage company and employee-owned devices.
Lauriel, a system administrator, wants to implement a policy that can direct the employees to configure and maintain a system and to increase overall security in an organization. He implements a policy that also focuses on DMZ policy, encryption policy, acceptable use policy, policies for secure cloud computing, policies for intrusion detection and prevention, and access control policy. Identify the type of security policy implemented by Lauriel in the above scenario.
System-specific security policy
Sam, a system administrator, was assigned to configure the information security policy that focuses on the overall security of a particular system in an organization. Jack selected a security policy that includes DMZ policy, encryption policy, policies for IDS/IPS implementation, and acceptable use policy. Which of the following security policies has Jack implemented in the above scenario?
System-specific security policy (SSSP)
Margaret, a system administrator, regularly administers the devices connected to the organizational network. She found that certain devices are vulnerable to sniffing attacks. To protect the device from such attacks, Margaret employed a protocol that encrypts the entire communication between the client and the server, including the user's password, which protects it from sniffing attacks. Identify the protocol employed by Margaret in the above scenario.
TACACS+
Which of the following media is considered as the best media for data backup and facilitates data backup at an enterprise level, has no storage capacity limits, and can be used to store large amounts of data?
Tape Drives: A tape drive is considered the best media for data backup. It facilitates data backup at an enterprise level. Tape drives are used for storing programs and data. There is no limit on storage capacity, and they can be used to store large amounts of data.
Merlin, a security professional, is assigned a task to monitor and sniff the network traffic to detect any suspicious activities beforehand to avoid attacks. For this purpose, she used a command-line network analyzer for capturing and analyzing the network traffic. Identify the tool utilized by Merlin in the above scenario.
Tcpdump: tcpdump is a command-line network analyzer or a packet sniffer. Security professionals can use this utility for network monitoring and analysis.
Which of the following environmental threats affects electrical and electronic appliances, can lead to issues such as corrosion and short-circuits, and damages magnetic tapes and optical storage media?
Temperature and humidity
Which of the following types of physical threat involves activities such as planting a vehicle bomb, human bomb, or a postal bomb in and around the organization's premises that impacts the physical security of the organization?
Terrorism
Bob, a network defender at an organization, was observing the network behavior by deploying a firewall on the organization's network. He examined whether the firewall rules are set according to the actions performed by the firewall or whether it has any bugs. In which of the following steps of firewall implementation was Bob in the above scenario?
Testing: Testing a firewall involves examining it for any bugs. The firewall implementation test mainly focuses on whether the firewall rules are set according to the actions performed by the firewall. Firewall testing increases the reliability of the products using the firewall.
Bob, an employee at an organization, was assigned the responsibilities of training and monitoring guards, assisting guards during crisis situations, handling crowds, and maintaining facilities such as keys and locks. Identify the position held by Bob in the above
The plant's security officer
Which of the following attributes in a digital certificate specifies the hashing algorithm used for digital signatures?
Thumbprint algorithm
Identify the attribute of a digital certificate that specifies the hash value for the certificate, which is then used for verifying the certificate's integrity.
Thumbprint: Specifies the hash value for the certificate, which is used for verifying the certificate's integrity.
Which of the following titles of the Sarbanes Oxley Act consists of nine sections and establishes the Public Company Accounting Oversight Board (PCAOB) to provide independent oversight of public accounting firms that provide audit services?
Title I
Which of the following types of security controls can be used to protect the data at rest?
Tokenization
Identify the proxy through which a client system connects to a server without its knowledge and is configured to be entirely invisible to an end user.
Transparent proxy
Identify the type of cipher where the letters in the plaintext are rearranged according to a regular system to produce the ciphertext.
Transposition cipher: Here, letters in the plaintext are rearranged according to a regular system to produce the ciphertext. For example, "CRYPTOGRAPHY" when encrypted becomes "AOYCRGPTYRHP." Examples include the rail fence cipher, route cipher, and Myszkowski transposition.
Identify the VPN component that is a computer that accepts VPN connections from VPN clients.
Tunnel terminating device (or VPN server): A computer that accepts VPN connections from VPN clients.
Smith, a security specialist, was appointed by an organization to set a physical security barrier at the organization entrance. He installed a physical security control that allows only one employee at a time via the insertion of a coin, ticket, or a pass provided to them. Identify the type of physical security control implemented by Smith in the above scenario.
Turnstiles: This type of physical barrier allows entry to only one person at a time. Entry may be achieved only by the insertion of a coin, ticket, or a pass.
Alice, a shopping freak, logged into an ecommerce app and added certain favorite items to her cart list. Before placing the order, she added her shipping address and debit card details along with the CVV number on the app. After adding her card details, Alice clicked on the proceed option to pay the bill. During the bill payment, Alice received an OTP on her mobile phone. Upon providing a valid OTP on the payment gateway, Alice's order was successfully accepted. Which of the following types of authentication method was demonstrated in the above scenario?
Two-factor authentication
Rachel, a security professional, plans to implement an added layer of defense to protect critical assets from sophisticated cyberattacks. She implemented an authentication technique that uses a physical entity such as a security token as one of the credentials and the other credential can include security codes. Identify the type of authentication implemented by Rachel in the above scenario.
Two-factor authentication
Smith, a developer in a software company, has designed a banking application. For security reasons, he created an authentication mechanism that requires logging in with user credentials as well as an OTP, which is sent to the user's mobile number. Which of the following authentication methods has Smith implemented in the above scenario?
Two-factor authentication
Which of the following types of technical control collects user activity details from multiple sources and uses artificial intelligence and machine learning algorithms to perform user behavior analysis to prevent and detect various threats before the fraud is perpetrated?
UEBA
Don, a professional hacker, targeted manager Ethan working for an organization. He launched a brute-force attack on Ethan's official email account to steal the organization's confidential data. John, the network administrator, identified suspicious login attempts from an external network and asked Ethan to change the password immediately. Which of the following types of suspicious network traffic signatures has John identified in the above scenario?
Unauthorized Access: Traffic containing certain signatures that indicate an attempt to gain unauthorized access.
Which of the following types of suspicious traffic signature indicates that an attacker is making sniffing, brute forcing, or password cracking attempts to break into the network?
Unauthorized access: Traffic may contain signs of someone attempting to gain unauthorized access, unauthorized data retrieval, system access or privilege escalation, etc. For example, unauthorized access traffic signatures may include the following: password cracking attempts, sniffing attempts, and brute-force attempts.
Which of the following security labels requires no access permissions to access the documents, which means that any person at any level can access these documents?
Unclassified
Which of the following countries holds the "Online Copyright Infringement Liability Limitation Act"?
United States
Which of the following mobile connection methods enables wired communication for devices and can be used for power supply and serial data transmission between devices?
Universal Serial Bus (USB): USB enables wired communication for devices. It can be used for power supply and serial data transmission between devices.
Which of the following features of a good security policy describes that the policies must be written and designed appropriately, so they can be accessed easily across various sections of an organization?
Usable: Policies must be written and designed, so they may be used easily across various sections of an organization. Well-written policies are easy to manage and implement.
Jack, an AWS IAM administrator, was assigned a task to categorize the users based on their job roles and define specific rights or permissions for each category to reduce the access management complexity for a subscribed organization that has multiple departments. Which of the following features of AWS IAM has Jack employed in the above scenario?
Use Groups to Assign Permissions to IAM Users: Granting permissions to each IAM user can be a difficult task. Therefore, create groups and define specific rights and permissions for each group.
Which of the following activities is a physical security measure implemented for maintaining servers and backup devices?
Use rack mount servers
Which of the following practices helps network administrators overcome the risks associated with network cabling?
Use transparent conduits for cabling in highly sensitive areas
Which of the following technical controls offers an attractive solution for security professionals to connect their organization's network securely over the Internet and uses a tunneling process to transport encrypted data over the Internet?
VPN: A virtual private network (VPN) offers an attractive solution for security professionals to connect their organization's network securely over the Internet. VPN is used to connect distant offices or individual users to their organization's network over a secure channel. VPN uses a tunneling process to transport encrypted data over the Internet.
Identify the type of man-made threat that includes former employees who try to compromise the system by willingly harming the system components.
Vandalism
Which of the following practices help security professionals in protecting the cloud environment?
Vendors should regularly undergo AICPA SAS 70 Type II audits
David, a system administrator, was assigned a task to secure the organization's data. He employed a data encryption tool that establishes and maintains an on-the-fly-encrypted volume, which means the tool automatically encrypts the data just before it is saved and decrypts just after it is loaded. Identify the tool employed by David in the above scenario.
VeraCrypt: VeraCrypt is a software for establishing and maintaining an on-the-fly-encrypted volume (data storage device). On-the-fly encryption means that data is automatically encrypted just before it is saved and decrypted just after it is loaded without any user intervention.
Which of the following types of bastion host is useful in testing new applications whose security flaws are not yet known and for running services that are not secure?
Victim Machines: In cases where there is a necessity to run services that are not secure and certain new applications whose security flaws are not yet known, you can use a machine (a victim machine) to install them. Such machines allow any user to log in. There is no issue, even if such machines are compromised. A victim machine is disposable in the sense that it is only used for the applications with security implications and for no other purpose. The important factor that must be considered is that it is not reusable.
Norman, a security professional, was instructed to enhance the security of the wireless network in the organization. Norman thus implemented a wireless encryption technology that uses RADIUS for centralized client authentication using multiple authentication methods, such as token cards, Kerberos, and certificates.
WPA2-Enterprise: WPA2-Enterprise uses EAP or RADIUS for centralized client authentication using multiple authentication methods, such as token cards, Kerberos, and certificates. WPA-Enterprise assigns a unique ciphered key to every system and hides it from the user in order to provide additional security and to prevent the sharing of keys. Users are allocated login credentials by a centralized server, which they must present when connecting to the network.
Smith, a network administrator, was assigned a task to maintain the authenticity and confidentiality of data being shared over the wireless network. Smith implemented a wireless technology that uses GCMP-256 for encryption and the 384-bit hash message authentication code with HMAC-SHA-384 for authentication.
WPA3 Encryption: It is a third-generation Wi-Fi security protocol that provides new features for personal and enterprise usage. It uses Galois/Counter Mode-256 (GCMP-256) for encryption and the 384-bit hash message authentication code with the Secure Hash Algorithm (HMAC-SHA-384) for authentication.
Alice, a fitness freak, always wears a fitness watch on her hand to track her daily fitness report both on watch and mobile. The smartwatch that Alice wore on her hand was interfaced with her mobile app via Bluetooth. At the end of the day, Alice opens the mobile app and views her daily report clearly so that she can improve on her fitness status further. Which of the following types of network allowed Alice to view her daily health report on her mobile and watch in the above scenario?
WPAN
Which of the following types of wireless network handles cellular network technology such as CDMA, GSM, GPRS, and CDPD for data transmission and has a built-in cellular radio that helps users send or receive data?
WWAN: WWAN covers an area larger than the WLAN. It handles cellular network technology such as code-division multiple access (CDMA), global system for mobile communications (GSM), general packet radio service (GPRS), and cellular digital packet data (CDPD) for data transmission. This technology can cover a particular region, nation, or even the entire globe. The system has a built-in cellular radio (GSM/CDMA) which helps users to send or receive data.
In which of the following wireless encryption techniques do messages pass through a message integrity check using the TKIP to provide stronger encryption and authentication?
Wi-Fi Protected Access (WPA) Encryption: It is an advanced wireless encryption protocol using TKIP and Message Integrity Check (MIC) to provide strong encryption and authentication.
Which of the following wireless encryption algorithms employs "AES-GCMP 256" and key management "ECDH and ECDSA" to defend against network attacks?
Wi-Fi Protected Access 3 (WPA3) Encryption: WPA3 protects sensitive data using many cryptographic algorithms. It provides authenticated encryption using GCMP-256. It uses HMAC-SHA-384 to generate cryptographic keys, and ECDSA-384 for exchanging keys.
Which of the following technologies belongs to the IEEE 802.16 family of wireless networking standards whose signals can function over several miles with data rates reaching up to 75 Mbps?
WiMAX: The worldwide interoperability for microwave access (WiMAX) technology uses long distance wireless networking and high-speed Internet. It belongs to the IEEE 802.16 family of wireless networking standards. WiMAX signals can function over a distance of several miles with data rates reaching up to 75 Mbps.
Noah, a system administrator, wants to separate the corporate and personal data in the BYOD devices for security purposes and to protect the data from leakage. He deploys a DLP solution that can perform the required functions and protects the local data at rest on endpoint devices and reinforces data protection for existing line-of-business applications. Which of the following solutions was deployed by Noah in the above scenario?
Windows Information Protection (WIP): Windows Information Protection (WIP) has an endpoint DLP capability that can be helpful for protecting local data at rest on endpoint devices. WIP can be configured to store business data only on approved devices/within approved applications. It reinforces the data protection for existing line-of-business applications.
Identify the component of a wireless network that combines the functions of wireless APs and routers and includes the feature of network address translation.
Wireless gateway: A wireless gateway is a key component of a wireless network. It is a device that allows Internet-enabled devices to access the network. It combines the functions of wireless APs and routers. Wireless gateways have the feature of network address translation (NAT), which translates the public IP into a private IP and DHCP. An Internet connection can be shared between multiple stations.
Bob, a network specialist at an organization, suddenly received a call from his senior manager located in a remote area to immediately connect online and join a client's meeting to have a discussion on new updates related to the project on which Bob was currently working. Bob immediately interfaced a USB stick to his laptop and accessed the Internet directly through the USB stick to attend the meeting. Which of the following components of wireless network did Bob use to access the Internet in the above scenario?
Wireless modem: A wireless modem is a device that allows PCs to connect to a wireless network and access the Internet connection directly with the help of an ISP. The common types of wireless modems include USB sticks.
Which of the following tools is a packet sniffer that is used for network troubleshooting to investigate the security issues and to analyze the network protocols?
Wireshark: Wireshark is a packet sniffer that can be used for network troubleshooting to investigate security issues and to analyze and understand network protocols. It can exploit information passed in plain text.
Identify the 802.15.4 standard that has a low data rate and complexity and transmits long distance data through a mesh network.
Zigbee: The 802.15.4 standard has a low data rate and complexity. It transmits long distance data through a mesh network.
Which of the following components in a Kubernetes cluster architecture is a backing store for the data in the Kubernetes cluster?
etcd
Which of the following components of IoT technology is used to bridge the gap between an IoT device and the end user, thereby allowing them to communicate with each other?
IoT gateway: Gateways are used to bridge the gap between an IoT device (internal network) and the end user (external network), thereby allowing them to connect and communicate with each other.
Matthew, a security professional, is capturing traffic on his organizational network by using various filters in Wireshark. He used a display filter that filters by multiple IP addresses.
ip.addr == 10.0.0.4 or ip.addr == 10.0.0.5: Filtering by Multiple IP Addresses
Identify the Wireshark filter that displays only traffic in the LAN and between the workstations and servers with no Internet.
ip.src==192.168.0.0/16 and ip.dst==192.168.0.0/16: Displays only traffic in the LAN (192.168.x.x), between workstations and servers—no Internet
Thomas, a security professional, implements security policies to thwart cyberattacks and keep malicious users at bay from the organization. As part of this, he implements an aspect of security policy that focuses on mission, communications, encryption, user and maintenance rules, idle time management, privately owned versus public domain, shareware software rules, and virus protection policy. Which of the following aspects of security policy was implemented by Thomas in the above scenario?
security concept of operation
Which of the following Wireshark filters helps network administrators view only SMTP traffic over the network?
tcp.port eq 25: Displays only SMTP (port 25)
Which of the following physical security barriers can affect the fast evacuation of occupants in case of a fire emergency as it allows entry of only one person at a time?
turnstiles