Security+ Practice Test #5
Which of the following encryption standards is primarily used for securing data at rest and in transit through symmetric key cryptography?
AES
Which of the following statements about the role of Application Programming Interfaces (APIs) is NOT true?
APIs are primarily used to enhance the user interfaces of security applications, making training, daily use, and incident response significantly easier.
Which of the following statements BEST explains the importance of APIs for security of an organization?
APIs enable the automation and integration of diverse security tools and systems.
Which of the following explains the concept of Alert Tuning?
Alert tuning helps in reducing false positives, enhancing the accuracy of the alerting systems.
Lorna is reviewing the logs of a domain name system (DNS) server and notices that it has received many requests for non-existent subdomains of a legitimate domain. She also observes that the responses from these requests are much larger than the requests themselves. Which of the following network attacks is MOST likely occurring on the DNS server?
Amplififed
Which of the following BEST describes the term web reputation score?
Assessment of a website's trustworthiness.
In the onboarding process of a new employee, which of the following tasks does NOT accurately represent the responsibilities of the IT and HR functions in ensuring secure access for the individual?
Automatically assigning all possible privileges to the user for a trial period.
Which of the following is MOST crucial when determining the ongoing supportability of a newly introduced security automation tool in the organization's environment?
Availability of skilled personnel
Which of the following refers to standardized guidelines that provide best practices for securing various technologies and platforms?
Benchmarks by the Center for Internet Security.
Kelly, a disgruntled employee of Dion Innovations, threatens to release sensitive customer data unless the company agrees to pay her a hefty sum. What is Kelly's primary motivation for this act?
Blackmail
Mary purchased a new laptop. Upon booting it up for the first time, she noticed several pre-installed applications that she neither requested nor intended to use. These applications consumed a significant amount of system resources, causing noticeable slowdowns. Mary was annoyed because she felt she didn't need any of these programs and they were just taking up valuable space and resources on her new device. Which of the following types of malicious software is Mary MOST likely dealing with on her new laptop?
Bloatware
In which symmetric encryption method is plaintext divided into equal-sized parts, potentially requiring padding to fit the designated size, and then subjected to complex operations based on a specific key value?
Block cipher
Jamario, a systems administrator at Dion Training Solutions, has been asked to configure the company's firewall to allow FTP traffic for external users, but only secure HTTPS traffic should be allowed from the internal network to the internet. After implementing the rules, Jason, a manager, reports that he can't access an external FTP site. Which of the following firewall rules could be the cause of the issue?
Block inbound TCP traffic on port 21 (FTP) to all internal addresses.
Sweet as Thyme, a flavoring supplier, uses a peer to peer network which relies on a public ledger to ensure the integrity of transactions and to provide a permanent record of all transactions. What is this technology they are using called?
Blockchain
Which of the following is a physical security measure typically employed outside buildings or sensitive areas to prevent vehicles from causing damage or gaining unauthorized access?
Bollards
Which threat vector involves an attacker targeting high-ranking officials or departments within an organization, typically to fraudulently redirect financial transactions or obtain sensitive data?
Business email compromise
Initech has always provided employees with devices. Recently, Gregory, the Initech security analyst, became aware that many employees have been able to use their own devices. When he questioned the supervisors, he finds out they knew employees were using their own devices. The employees said they need devices that worked with more innovative software packages. None of the devices offered by Initech were robust enough to handle the software. Gregory says that having employees use their own devices isn't a possibility moving forward. He suggests that the company create a policy that prevents employees from putting their own software on devices and using their own devices. To address employee needs, he but suggests Initech provide a broader range of devices and purchase the software employees need. Initech will buy the devices for the employees. Which of the following deployment models is Gregory most likely suggesting?
CYOD
Which of the following BEST describes the proactive approach to ensure that an organization's IT infrastructure can meet future workload demands by analyzing current capabilities?
Capacity planning
At VegiCorps, the SOC team makes security policy decisions and directs other areas of the company to implement them so there is consistency across the company. What type of security governance model is being used?
Centralized governance
Dion Training Solutions is expanding its campus and setting up a new server room. Considering security principles for proper device placement, which of the following actions is MOST appropriate?
Centrally locating server rooms with limited access points.
When implementing changes in an IT system, which practice highlights the importance of attempting a trial run of most significant or major changes before full implementation?
Change management practices.
Dion Training recently concluded a month-long vulnerability assessment on their network infrastructure. To ensure that the management team understands the potential risks and required actions, which document is crucial to prepare and present?
Comprehensive vulnerability assessment report.
David, an IT manager at Dion Training, has been put in charge of labeling data. Which label would David use for sensitive client data to ensure the highest security?
Confidential
You are a security analyst tasked with investigating a suspected security breach incident. You decide to examine the Firewall logs. Which of the following pieces of information would be MOST valuable in this firewall log to investigate the incident?
Connection details including source and destination IPs, timestamps, and ports used in the last week.
Which of the following BEST characterizes the method of bundling an application and its environment for consistent behavior across platforms?
Containerization
Which of the following terms refers to a method that involves packaging an application and its dependencies into a lightweight and portable unit?
Containerization
Kelly Innovations LLC frequently develops and tests new software builds. Mary noticed that sometimes they need to revert to a previous build several times a day due to unexpected issues. Which backup frequency would be the MOST appropriate for their use case?
Continuous backups
Sasha at Kelly Innovations LLC is responsible for maintaining the financial records of several clients. Given the sensitivity and importance of this data, as well as compliance regulations, which backup strategy should she prioritize to ensure minimal data loss?
Continuous backups
At Dion Training, Jamario observed that the web server configurations permitted the use of the outdated SSL 3.0 encryption protocol. Aware of the inherent vulnerabilities tied to SSL 3.0, he recognized the risk of attackers forcing weaker encryption standards. With these concerns in mind, he planned to discuss the matter in the next security meeting. Which potential risk is associated with Jamario's observation at Dion Training?
Cryptographic downgrade attack
Which of the following statements BEST explains the importance of DLP in the context of vulnerability management?
DLP is a set of techniques and tools for preventing unauthorized transmission of data.
Which of the following statements is NOT TRUE concerning the significance of Data Loss Prevention (DLP)?
DLP systems are essential to the development of business systems that prevent malicious actors from accessing systems.
Mushy Pea Media wants to implement a system that will require that all users be assigned a unique identifier and that access to sensitive information be restricted based on the user's role or department. Who is responsible for ensuring that the appropriate access controls are in place and being followed?
Data owner
Ella works as an analyst for a company located in the United States. The company does business in Canada and is planning on conducting a survey of Canadian consumers. As she investigates plans for the survey, she discovers there are restrictions on how the data the survey collects is stored and used. What is this an example of?
Data sovereignty
Schyler is a network administrator. She is setting up a new Wi-Fi network for a branch of a multinational corporation. She is currently in the establish phase of creating secure baselines. What will she do FIRST in this phase?
Design a set of security configurations including encryption settings, firewalls, and access controls.
You are a security analyst tasked with investigating a suspected security breach in your organization's network. You decide to examine the Intrusion Prevention System/Intrusion Detection System (IPS/IDS) logs. Which of the following pieces of information would be MOST valuable in these logs to investigate the incident?
Details of detected suspicious activities for the past two weeks.
David, a security professional at Kelly Innovations LLC, is collaborating with the HR department to identify potential security threats that the company might face. Together, they outline policies on password management, insider threats, and the dangers of phishing. What phase of security awareness practices is David primarily involved in?
Development
Susan, the lead system administrator at Kelly Innovations LLC, is working on establishing a secure baseline for the company's servers. Part of her strategy is to ensure the servers aren't vulnerable to unnecessary exposure. Which action is MOST appropriate for her to take initially?
Disable TCP/UDP ports like 23 and 135.
In a small startup company, the access control mechanism allows individual users to have control over the access permissions of their files, folders, and resources. Each user can set access rights and determine who has access to their resources based on their own judgment. Which type of access control mechanism is being used in this scenario?
Discretionary
After the launch of their latest online campaign, customers of E-ShopHub reported being redirected to a different website with similar design but promoting different products. On investigation, the IT team discovered that the DNS entries were not modified, but the domain registration details were changed, making it point to a different web hosting service. Which of the following terms refers to this malicious act?
Domain hijacking
In a large financial institution, like Kelly Financial Solutions, which of the following BEST describes an example of a task that an IT technician might be prohibited from doing without special authorization due to security concerns?
Downloading and installing third-party software from the internet.
Which threat vector utilizes malicious attachments or hyperlinks within communications, requiring the attacker to convince the recipient to engage with the content for successful exploitation?
Which of the following terms refers to computer systems that are integrated into larger devices?
Embedded Systems
An organization deploys numerous specialized devices with software hard-coded into their firmware. These devices cannot be easily updated or patched. Which security concern is MOST directly associated with this type of system?
Embedded system
According to the most recent NIST guidelines on password policies, which of the following is NOT a recommended practice?
Enforcing specific password complexity rules.
Lucas, an executive at Kelly Innovations LLC, started observing some unusual behaviors on his office computer. The system sometimes seemed to be running tasks he hadn't initiated. Lucas asked the IT department to check the machine for signs of malware. IT couldn't find any suspicious files or traditional malware footprints on the system. However, they noticed unauthorized changes in the system's registry values and detected activity suggesting the use of PowerShell scripts to execute tasks. Further, these scripts were leveraging legitimate system scripting tools for scanning and configuration activities. Which type of malware is Lucas's computer MOST likely compromised with?
Fileless Malware
A security officer at Kelly Innovations LLC is reviewing recent security incidents to assess potential threats within the organization. Some behaviors have raised concerns about a possible insider threat. Which of the following is a sign of potential insider threat?
Frequent unauthorized access
An IT technician is implementing a method to encrypt the operating system, program files, user files, and other data on a drive. Which of the following encryption methods is being used?
Full-disk encryption
Neville, a security engineer, suggests his company create a fake document that appears to contain sensitive information in order to attract attackers. Which of the following is Neville suggesting be created?
Honeyfile
Which of the following BEST describes the consideration of staffing needs to align with future workload demands and project implementations?
Human resource capacity planning
Which of the following is the BEST example of a system that does not interact with the network traffic and primarily relies on detection?
IDS
You are chatting with your friend on Facebook Messenger. They send you a link to a funny video and ask you to watch it. You click on the link and it takes you to a website that looks like YouTube. However, the website then asks you to install a browser extension in order to play the video. You agree and install the extension. The extension then hijacks your browser and redirects you to malicious websites. What kind of threat vector was used for this attack?
IM
Jamario from Kelly Innovations LLC receives a call from someone claiming to be Enrique from the IT support team. The caller mentions that they need to adjust some settings on Jamario's system remotely and asks for his password. Which of the following social engineering techniques MOST accurately describes this scenario?
Impersonation
A cloud service provider recently underwent an audit to confirm their compliance with international data security standards. The final report provided by the auditors served as an attestation of the provider's security measures. What does this attestation signify to the cloud service provider's clients?
It assures that the provider's security controls comply with established standards.
Which of the following is NOT a consequence of non-compliance with regulations?
Layoffs
Which of the following BEST enhances the security by exponentially increasing possible combinations?
Longer key length
Which term describes the average duration needed to repair a system or component after a failure has occurred?
MTTR
Dion Training has encountered frequent advanced and sophisticated threats. They need an integrated firewall solution that surpasses traditional firewall capabilities. Which of the following would be BEST address the issue?
NGFW
Which of the following types of threat actors tend to know the most about how to hack a computer?
Nation-state Actors
Which of the following threat actors is MOST likely to be motivated by wanting to gain access to data to be used to gain a strategic advantage?
Nation-state actors
Which monitoring technology would be the MOST suitable to gain a comprehensive overview of the health and security status of foundational IT components, including network traffic and interactions between servers?
Network Intrusion Detection System (NIDS)
Dion Training is looking to enhance the security of their enterprise infrastructure by detecting and analyzing malicious activity on their network in real-time. They need a solution that can monitor traffic, identify suspicious patterns, and send alerts for immediate action. Which of the following would be the MOST appropriate solution to apply in this scenario?
Network sensors
Which of the following statements is NOT true regarding the security implications in the procurement process?
Once a vendor is selected for procurement, there is no ongoing need to periodically re-evaluate their suitability.
David, a project manager at Dion Training, ensures that details of his upcoming product release are shared only on a need-to-know basis, even within the company. He's wary of information leaks that could benefit competitors. Which of the following terms BEST describes David's approach?
Operational security
Montgomery County is conducting penetration tests of their systems. They have provided names and titles of all employees. They have also provided information about the operating systems and applications used in their offices. No other information has been given. What type of penetration testing is Montgomery County conducting?
Partially known environment
In an IoT architecture, which of the following is a critical consideration to secure connected devices from vulnerabilities?
Patch Availability
Which of the following mitigation techniques can help prevent unauthorized execution of programs or scripts on a system or device by requiring users or processes to have the appropriate level of access before allowing them to run the programs or scripts?
Permissions
A company wants to implement a system that can authenticate both users and devices before granting access to resources. For example, the system might check the user's credentials as well as the device's security posture before granting access. Which of the following components is responsible for making this decision?
Policy engine
Sarah, a junior developer, has been given access to the development environment. However, she finds that she doesn't have the ability to make changes in the production environment. The company's IT policy allows only senior developers and administrators to make changes in production to minimize risks. Which of the following BEST describes the security principle the company is adhering to?
Principle of least privlege
At SecureTech Solutions, the IT team is developing a comprehensive disaster recovery plan to ensure business continuity in case of disruptions. As part of this plan, they need to determine the maximum amount of data loss the organization can tolerate in the event of a disruption. What measurement are they determining?
RPO
You find a USB drive in the parking lot of your office. It looks like a USB drive your coworker has. You plug it into your computer to see if there are any documents that show it belongs to your coworker. You see a file named "resume.docx" and double-click on it. The file then launches a hidden program that installs a keylogger on your computer. What kind of threat vector was used in this attack?
Removable device
Which mitigation technique focuses on deleting software components that are not essential so the attack surface or potential vulnerabilities of a system are reduced?
Removal of unnecessary software.
YoYoDyne Toys recently implemented a firewall to protect its internal network from external threats. The organization wants to modify the firewall rules to enhance security and reduce potential attack surfaces. Which firewall rule modification would be the MOST appropriate for the organization to enhance security?
Restricting incoming traffic to specific necessary ports and sources.
Which of the following methodologies divides the creation and maintenance of software into discrete phases, emphasizing the integration of security throughout its stages?
SDLC
Which legislation mandates the implementation of risk assessments, internal controls, and audit procedures for ensuring transparency and accountability in financial reporting in the US?
SOX
Jamario, a sysadmin at Dion Training Solutions, wants to prevent unauthorized mail servers from sending emails on behalf of the company's domain. He needs a solution that allows him to specify which servers are allowed to send these emails. Which of the following is the MOST effective protocol he should implement?
SPF
When Dion Training is considering the deployment of a microservices architecture, which of the following factors is crucial to ensuring that the system can handle growth and increased demand efficiently?
Scalability
Reed is getting a new computer from his employer, Kelly Innovations LLC. He wants to remove all his personal data from his old computer ensuring it's irretrievable. Which of the following methods should he use?
Secure erase
At Kelly Innovations LLC, Sasha received an unexpected call from someone claiming to be from the IT department. The caller asked her to confirm her username and password for a system upgrade. Unsure, Sasha hesitated and asked the caller to provide some form of identification or a callback number. Which of the following terms BEST describes the scenario Sasha encountered?
Social Engineering
Cerys is investigating an incident. She found a hidden program that monitors the network traffic and captures sensitive information. Which of the following types of malware is MOST likely involved in this incident?
Spyware
Dion Training is implementing a solution to secure communication between their internal servers and external clients. They require an encryption protocol that provides secure communication over the internet. Which of the following would be the BEST choice for this requirement?
TLS
Which of the following activities BEST explains the eradication phase in the incident response process?
Taking steps to prevent and recurrence of the problem.
In a scenario where the company wants to provide network administrators with a read-only copy of network traffic for analysis without disturbing the actual data flow, which device attribute would be MOST applicable?
Tap/monitor
In the context of privacy compliance, which of the following describes the role of a data controller?
The entity responsible for determining why data is processed.
Maria, a cybersecurity analyst, is examining logs from a server with crucial financial data. She spots a few anomalies: a two-hour log gap without planned maintenance, a spike in outbound traffic to an unknown IP just before this gap, multiple failed logins from a foreign IP using valid usernames, and a higher CPU usage during the log gap despite no recorded actions. Which of these observations should Maria be MOST concerned with?
The sudden two-hour gap in the logs.
At Kelly Innovations Enterprises, Jessica, the IT manager, is reviewing the current network infrastructure for potential bottlenecks and areas to enhance performance. She pulls out the network diagram but realizes it hasn't been updated since two major software migrations and the introduction of new network equipment. Why is it crucial for Jessica to have an up-to-date network diagram?
To accurately assess and optimize the current network infrastructure.
You are browsing the web and you see an advertisement for a product that you have been looking for. You click on the link and it takes you to a website that looks like website of the product. However, you notice that the URL is slightly different and has a spelling error. What type of attack is this an example of?
Typosquatting
Which term BEST describes a systematic method used to detect weaknesses or potentially publicly identified compromises in a system or network, often utilizing automated tools to evaluate the security posture of the infrastructure?
Vulnerability scanning
You are working remotely and you need to access your company's network resources. You connect to a public Wi-Fi hotspot at a nearby coffee shop and use a VPN client to establish a secure connection. However, you notice that the VPN client is outdated. What type of vulnerability are you exposing yourself to?
Vulnerable software
Which of the following types of penetration tests provides the tester with comprehensive knowledge of the target environment, including the system's architecture, design, and source code, to identify hidden vulnerabilities?
White box
Which of the following techniques allows an attacker to eavesdrop on a wired network by connecting their device directly to the network cables?
Wiretapping