1300 Test 2
In a security review meeting, you proposed a demilitarized zone for one of your company's data centers. You were then asked to explain the objective of having a DMZ in the data centers. Which of the following should be your answer?
A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.
Which of the following best describes a host-based firewall?
A host-based firewall is a software firewall that protects a single endpoint device.
What is a Type I hypervisor?
A hypervisor that runs directly on computer hardware
Wilson has requested your help to suggest an encryption method that will provide the highest security against attacks. Which encryption process should you suggest?
AES
Which of the following is a layer 2 attack?
ARP poisoning
You are asked to configure your firewall in such a way that the traffic from source address range 117.112.10.25 through 117.112.15.100 is allowed, while traffic from 117.112.12.25 through 117.112.13.25 is denied, and traffic from 117.112.12.200 through 117.112.13.10 is allowed. How should you configure the firewall?
Allow 117.112.10.25 through 117.112.15.100; deny 117.112.12.25 through 117.112.13.25; force-allow 117.112.12.200 through 117.112.13.10
Which of the following is a major objective of packet analysis?
Assess and secure networks
Which of the following is an external perimeter defense method?
Barrier
Which of the following best describes bash?
Bash is a command language interpreter.
A new e-commerce startup with global operations is looking for a method to manage its supply-chain data for production. Instead of using bar codes, scanners, paper forms, and individual databases, making the system difficult to use, which method should be used to quickly track shipments?
Blockchain
Sigma Technology is a company based in Singapore, with branches in 24 countries. It needs multiple CAs in different locations to verify and sign digital certificates for the company. They are looking for an option where, even in the absence of a CA, other CAs can issue the certificates. Additionally, they are also looking for CAs who will overlook other CAs in different locations. In such a scenario, which PKI trust model should they use?
Bridge trust mode
Which of the following best describes the cloud access security broker?
CASB ensures the security policies of the enterprise comply with the cloud.
Star Technology is working on a project that needs a communication mode specializing in encryption, where only authorized parties should understand the information. The company also requires accuracy, completeness, and reliability of data throughout the project. The company has contacted you for an ideal cipher mode solution without using a counter. Which mode should you suggest?
CBC
Tyler is a cybersecurity expert assigned to look after the security of a public DNS server. One day, during his usual inspection of the DNS server, he found that the DNS table has been altered, resulting in URL redirection for some users. What type of attack has Tyler discovered?
DNS hijacking
In an interview, you are asked to change the permissions of a file on a Linux system so that the file can only be accessed by its owner. Which of the following tools should you use?
Chmod
Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?
Cipher suite
Wireless data networks are particularly susceptible to which type of attack?
Ciphertext attack
You are the security manager of an ISP, and you are asked to protect the name server from being hijacked. Which of the following protocols should you use?
DNSSEC
Alex needs to find a method that can change a single character of plaintext into multiple characters of ciphertext. Which method should Alex use?
Diffusion
Which attack sees an attacker attempt to determine the hash function's input strings that produce the same hash result?
Collision attack
You are a security consultant. An enterprise client contacted you because their mail domain is blocked due to an unidentified entity using it to send spam. How should you advise them to prevent this from happening in the future?
Configure the SMTP relay to limit relays to only local users
Which of the following is a state of data, where data is transmitted across a network?
Data in transit
Which of the following is a virtualization instance that uses OS components for virtualization?
Container
In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking?
Creating a virtual network
Which of the following best describes DLP?
DLP is used to prevent leakage of confidential data.
You are a security expert asked to protect the webservers hosted in your building from exposure to anyone other than server admins. Which of the following physical security method should you implement to achieve this?
Demilitarized zones
ABC Enterprises plans to upgrade its internal confidential communication channel for the senior management team, which is geographically spread out, to enhance communication speed and security. They have decided to use cryptography to achieve this but can't decide on which model. The CEO has come to you for your suggestion on whether to use RSA or ECC. What should you recommend to the CEO, and why?
ECC, as it uses sloping curves to generate keys. This makes it very secure for smaller key sizes making it secure and the communication exchange extremely fast.
A company has multiple CAs and intermediate CAs issuing digital certificates in different departments, with no one cross-checking their work. Which PKI trust model should the company use?
Distributed trust model
Under which of the following modes does the ciphertext depend only on the plaintext and the key, independent of the previous ciphertext blocks?
ECB
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?
FTPS
Which of the following is physical security equipment for computer hardware?
Faraday cage
Which of the following tools can be used to secure multiple Vms?
Firewall virtual appliances
Which encryption method in BitLocker prevents attackers from accessing data by booting from another OS or placing the hard drive in another computer?
Full disk encryption
You have been asked to implement a block cipher mode of operation that requires both the sender and receiver of the message to have access to a synchronous counter that adds an AAD to the transmission. Which operating block cipher mode should you use?
GCM
Which monitoring methodology will trigger the IDS if any application tries to scan multiple ports?
Heuristic monitoring
Which of the following is a network set up with intentional vulnerabilities?
Honeynet
Which of the following protocol can be used for secure routing and switching?
IPsec
You decided to test a potential malware application by sandboxing. However, you want to ensure that if the application is infected, it will not affect the host operating system. What should you do to ensure that the host OS is protected?
Implement virtual machine escape protection
Which type of intrusion detection system can also block attacks?
Inline
In an interview, you are asked to analyze the following statements regarding secure network designs and choose the correct one. Which of the following should you choose?
Load balancers can detect and stop protocol attacks directed at a server or application.
Which of the following is a process where a key is divided into a specific number of parts and distributed to multiple people, with some of them having the same parts of the key?
M-of-N control
Max found someone is impersonating him after discovering that data sent to him was always being received by someone else in his enterprise network. He informed the network administrator about the issue. While inspecting the switch, the administrator discovered that the threat actor was another employee at the same enterprise. As a senior security consultant, which of the following attacks should you mention in the charge sheet?
MAC cloning attack
In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply?
Mail gateways prevent unwanted mails from being delivered.
Spectrum Technologies uses SHA 256 to share confidential information. The enterprise reported a breach of confidential data by a threat actor. You are asked to verify the cause of the attack that occurred despite implementing secure cryptography in communication. Which type of attack should you consider first, and why?
Misconfiguration attack; the company should have configured a higher security hash algorithm rather than using the less-secure SHA 256.
Which characteristic of cryptography makes information obscure or unclear, and by which the original information becomes impossible to be determined?
Obfuscation
Which of the following is a third-party network analysis tool?
Nmap
Which feature of cryptography is used to prove a user's identity and prevent an individual from fraudulently reneging on an action?
Nonrepudiation
Which of the following uses hardware encryption technology to secure stored data and ensures the inseparability of SEDs among vendors?
Opal
Which of the following best describes an extranet?
Private network only accessed by an authorized party
Symmetric cryptographic algorithm
Qubit
Fatima is responsible for conducting business transactions for XYZ Company, and she only had the stored private key. She is on leave and currently unavailable, and the organization needs to complete an urgent business transaction. Which of the following methods should enable the organization to access Fatima's private key and digital certificate?
Recovery
What is a jump box used for?
Restricting access to a demilitarized zone
Which of the following digital certificates are self-signed and do not depend on the higher-level certificate authority (CA) for authentication?
Root digital certificates
Which of the following protocols can be used for secure video and voice calling?
SRTP
Amtel University decides to keep a record of their student data in a backup server. The administrator contacts you to identify the right command interface protocol to be used in this. Which command interface protocol should you advise?
SSH
Which of the following is a deception instrument?
Sinkhole
In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?
Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.
Which of the following is associated with port security?
Spanning-tree protocol
Which function in cryptography takes a string of any length as input and returns a string of any requested variable length?
Sponge
Which algorithm encrypts and decrypts data using the same key?
Symmetric cryptographic algorithm
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?
Take a snapshot of the virtual machine before testing the configuration
Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike?
Take snapshots to save the virtual machine state
Robert has two cryptographic keys, and he needs to determine which of them is less prone to being attacked. The cryptoperiod is limited and equal for both the keys. The first key has a length of 2 and uses 16 characters, while the other key has a length of 3 and uses 15 characters. Which of the following is the best conclusion for Robert to come to?
The second key is more secure than the first key.
Which of the following best describes trusted location in MS Office?
Trusted location allows you to run macros-enabled files with no security restrictions.
Which encryption is a chip on the motherboard of a computer that provides cryptographic services?
Trusted platform module
Which encryption device you can use that has the following features? 1. It should allow administrators to remotely prohibit accessing the data on a device until it can verify the user status. 2. It can lock user access completely or even instruct the drive to initiate a self-destruct sequence to destroy all data.
USB device encryption
Alex is working for Alpha Technology as a system administrator. The enterprise's sales team uses multiple external drives, often containing confidential data, that they carry between their offices and their clients' offices. What should Alex do to ensure that data is secure if it is stolen or lost, and why?
Use encrypted USBs in the enterprise because they automatically encrypt the information and give Alex remote access to the drive to monitor and disable the user.
Maze must establish a communication channel between two data centers. After conducting a study, she came up with the idea of establishing a wired connection between them since they have to communicate in unencrypted form. Considering the security requirements, Maze proposed using an alarmed carrier PDS over a hardened carrier PDS. Why would Maze make this suggestion in her proposal?
Using a hardened carrier PDS would require someone to conduct periodic visual inspections.
Which of the following best describes VBA?
VBA is an event-driven programming language.
Mail gateways prevent unwanted mails from being delivered.
Virtual machine manager
After encountering a network attack in your enterprise network, the chief network security engineer assigned you a project. The project was to create a vulnerable network that is similar to your enterprise network and entices the threat actor to repeat the attack. This is to analyze the behavior and techniques the attacker is using to ensure better defenses to your enterprise network in the future. Which of the following appliances should you use?
You should use a honeypot.
Which of the following is the most versatile cloud model?
IaaS
You are asked to transfer a few confidential enterprise files using the file transfer protocol (FTP). For ensuring utmost security, which variant of FTP should you choose?
SFTP
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?
Use private subnets for backend servers
Which of the following best describes a faraday cage?
A Faraday cage is an enclosure used to block electromagnetic fields.
Which of the following correctly differentiates between a man-in-the-middle (MITM) attack and a man-in-the-browser (MITB)?
A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.
Which of the following best describes a mantrap?
A mantrap is a small space with two separate sets of interlocking doors.
Which of the following best describes a network hardware security module?
A network hardware security module is a trusted network computer that performs cryptographic operations.
Which of the following statements describe a quantum computer?
A quantum computer is a computer that relies on qubits that can be both 0 and 1 at the same time.
You oversee your company's physical security, and you are asked to protect their CCTV cameras. The cameras are installed along the pathway, mounted on poles. They need protection from being physically handled by potential intruders. Which of the following fencing deterrents should you use?
Anti-climb collar
John and Sarah are working for Star Alliance. John had to send certain confidential data and messages to Sarah online. The use of which of the following will ensure that the message's sender is, in fact, John?
Digital Certificate
Malik and Chris are shopping for shoes on an e-commerce website and need to enter their credit card details. Which of the following can assure them that they are using the retailer's authentic website and not an imposter's look-alike site that will steal their credit card details?
Digital certificate
John receives an encrypted document using asymmetric cryptography from Alex. Which process should Alex use along with asymmetric cryptography so that John can be sure that the received document is real, from Alex, and unaltered?
Digital signature algorithm
XYZ University wants to set up a VPN network to connect to the internet and ensure that all their data is safe. They have asked you to recommend the correct communication protocol to use. Which of the following protocols should you recommend and why?
IPsec, because it authenticates that the packets received were sent from the source and ensures that no other party can view the contents. It manages the keys to ensure that they are not intercepted or used by unauthorized parties.
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?
If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities.
You are working as a cloud administrator, and are asked to migrate a virtual machine to a more capable physical machine, as the demand for the service hosted on the VM increased past its limit. As your enterprise still uses conventional switches, migration took time and resulted in customer dissatisfaction. How should you mitigate this issue in the future?
Implement a software-defined network
Alliance Consulting, a company based in France, is shutting down. Louis, the owner of the company, applied to revoke his digital certificate. He is very busy with the other details of shutting the company down and needs to be able to check the certificate's status quickly and easily. Which of the following will help him get a real-time lookup of the certificate's status?
OCSP
Sarah needs to send an email with important documents to her client. Which of the following protocols ensures that the email is secure?
S/MIME
Which of the following is a Linux/UNIX-based command interface and protocol?
SSH
During an investigation, it was found that an attacker did the following: Intercepted the request from the user to the server and established an HTTPS connection between the attacker's computer and the server while having an unsecured HTTP connection with the user. This gave the attacker complete control over the secure webpage. Which protocol helped facilitate this attack?
SSL
Which of the following is the earliest and most general cryptographic protocol?
SSL
Which of the following sensors is best suited for fire detection?
Temperature detection sensor
Samira is developing a virtual private chat application for ABC Consulting. The following are requirements provided by the organization while making the application: 1. All the communications should happen within the same network, host-to-host. 2. The information shared through this app should be kept confidential. Hence, the whole IP packet should be encrypted, giving access to only authorized personnel. 3. There should be a private network for host-to-host communication Which of the following modes should Sara consider for encryption in this project?
Tunnel mode
Which of the following outlines the process of a proxy server?
User - forward proxy - Internet - reverse proxy - user
Which technology allows scattered users to be logically grouped even when they are connected to different physical switches?
VLAN
Your enterprise is hosting a web app that has limited security. As a security administrator, you are asked to take appropriate measures to restrict threat actors from hijacking users' sessions. Which of the following is the most appropriate action for you to take?
You should implement cryptography using OpenSSL.
An employee at your enterprise is caught violating company policies by transferring confidential data to his private email. As a security admin, you are asked to prevent this from happening in the future. Which of the following actions should you perform?
You should set up a DLP.
As a cybersecurity expert, you are asked to take adequate measures to mitigate DDoS attacks on your enterprise servers. Which of the following techniques should you apply?
You should set up a DNS sinkhole.
In a security review meeting, you are asked to take appropriate security measures to mitigate IP spoofing attacks against the enterprise network. Which of the following methods should you apply?
You should set up an ACL.
You are asked to configure your enterprise network in such a way that the customer support team gets a higher priority in the network and can conduct customer video calls without any connectivity issues. Which of the following methods should you apply?
You should set up quality of service to give higher priority to the customer support team.