COMP
SOMETHING YOU KNOW
A Which of the following include passwords, PINs, or the answer to a security question?
SOMETHING YOU ARE
A biometric factor is an example of what type of factor?
Urgency
A caller reached a member of the IT support person at Carlos's company and told them that the chairman of the company's board was traveling and needed immediate access to his account but had been somehow locked out. They told the IT support person that if the board member did not have their password reset, the company could lose a major deal. If Carlos receives a report about this, which of the principles of social engineering should he categorize the attacker's efforts under?
ATTRIBUTES
A person's name, age, location, or job title are all examples of what?
2
Acme Widgets has 10 employees and they all need the ability to communicate with one another using the asymmetric encryption system. The system should allow any two employees to securely communicate without other employees eavesdropping. If an 11th employee is added to the organization, how many new keys must be added to the system?
10
Acme Widgets has 10 employees and they all need the ability to communicate with one another using the symmetric encryption system. The system should allow any two employees to securely communicate without other employees eavesdropping. If an 11th employee is added to the organization, how many new keys must be added to the system?
Static code analysis
Adam is conducting software testing by reviewing the source code of the application. What type of code testing is Adam conducting?
Spam over Instant Messaging
Alaina suspects that her organization may be targeted by a SPIM attack. What technology is she concerned about?
Shoulder surfing
Alan reads Susan's password from across the room as she logs in. What type of technique has he used?
Homomorphic encryption
Alan's team needs to perform computations on sensitive personal information but does not need access to the underlying data. What technology can the team use to perform these calculations without accessing the data?
A supply chain attack
Alex discovers that the network routers that his organization has recently ordered are running a modified firmware version that does not match the hash provided by the manufacturer when he compares them. What type of attack should Alex categorize this attack as?
CAN bus
Amanda is assessing a vehicle's internal network. What type of bus is she most likely to discover connecting its internal sensors and controllers?
Command-and-control
Amanda notices traffic between her systems and a known malicious host on TCP port 6667. What type of traffic is she most likely detecting?
Degaussing
Amanda wants to securely destroy data held on DVDs. Which of the following options is not a suitable solution for this?
Identity provider
Angela has chosen to federate with other organizations to allow use of services that each organization provides. What role does Angela's organization play when they authenticate their users and assert that those users are valid to other members of the federation?
Use Bash's restricted mode
Angela wants to limit the potential impact of malicious Bash scripts. Which of the following is the most effective technique she can use to do s without a significant usability impact for most users?
Ransomware
Ben is a security administrator of his company. Ana, a team member, reports Ben about an e-mail that displays a message demanding a fee to be paid for his system to work again. Which type of threat is described in the scenario?
Dumpster diving
Ben searches through an organization's trash, looking for sensitive documents, internal notes, and other useful information. What term describes this type of activity?
Raid 10
Ben wants to implement a Redundant Array of Independent (RAID) array that combines both read and write performance while retaining data integrity if a drive fails. Cost is not a concern compared to speed and resilience. What RAID type should he use?
Steganography
Brian discovers that a user suspected of stealing sensitive information is posting many image files to a message board. What technique might the individual be using to hide sensitive information in those images?
SCADA
Brian has deployed a system that monitors sensors and uses that data to manage the power distribution for the power company that he works for. Which of the following terms is commonly used to describe this type of control and monitoring solution?
API-based CASB
Brian is selecting a cloud access security broker (CASB) for his organization and he would like to use an approach that interacts with the cloud provider directly. Which CASB approach is most appropriate for his needs?
Integrity
Brian ran a penetration test against a school's grading system and discovered a flaw that would allow students to alter their grades by exploiting a SQL injection vulnerability. What type of control should he recommend to the school's cybersecurity team to prevent students from engaging in this type of activity?
Resource policy
Brian would like to limit the ability of users inside his organization to provision expensive cloud server instances without permission. What type of control would best help him achieve this goal?
White-box test
Bruce is conducting a penetration test for a client. The client provided him with details of their systems in advance. What type of test is Bruce conducting?
A DIRECTORY SERVICE
Charles has implemented LDAP for his organization. What type of service has he enabled?
Performing user input validation
Charles is worried about users conducting SQL injection attacks. Which of the following solutions will best address his concerns?
Elicitation
Charles wants to find out about security procedures inside his target company, but he doesn't want the people he is talking to should realize that he is gathering information about the organization. He engages staff members in casual conversation to get them to talk about the security orocedurec without noticing that they have done so. What term describes this process in social engineering efforts?
Tail
Charles wants to monitor changes to a log file via a command line in real-time. Which of the following command-line Linux tools will let him see the last lines of a log file as they change?
Integrity
Chris is responding to a security incident that compromised one of his organization's web servers. He believes that the attackers defaced one or more pages on the website. What cybersecurity objective did this attack violate?
UEFI/Measured boot
Chris wants systems that connect to his network to report their boot processes to a server where they can be validated before being permitted to join the network. What technology should he use to do this on the workstations?
TAXII
Cindy wants to send threat information via a standardized protocol specifically designed to exchange cyber threat information. What should she choose?
Ransomware
Crypto malware is a type of which malware?
Snapshot
Cynthia wants to clone a virtual machine. What should she do to capture a live machine, including the machine state?
MIKES PUBLIC KEY
David would like to send Mike a message using an asymmetric encryption algorithm. What key should he use to encrypt the message?
Patch management
During A vulnerability scan, Brian discovered that a system on his network contained this vulnerability: THREAT: Microsoft Server Message Block (SMB) Protocol is a Microsoft network file sharing protocol used in Microsoft Windows. The Microsoft SMB Server is vulnerable to multiple remote code execution vulnerabilities due to the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. This security update is rated Critical for all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012 and 2012 R2, Windows 8.1 and RT 8.1, Windows 10 and Windows Server 2016. IMPACT: A remote attacker could gain the ability to execute code by sending crafted messages to a Microsoft Server Message Block 1.0 (SMBv1) server. SOLUTION: Customers are advised to refer to Microsoft Advisory MS17-010 for more details. Patch: Following are links for downloading patches to fix the vulnerabilities: FIG A What security control, if deployed, would likely have addressed this issue?
Lateral movement
During a penetration test, Patrick deploys a toolkit on a compromised system and uses it to gain access to other systems on the same network. What term best describes this activity?
Improper error handling
During a web application test, Ben discovers that the application shows the Structured Query Language (SQL) code as part of an error provided to application users. What should he note in his report?
Insider, Hacktivist
Edward Snowden was a government contractor who disclosed sensitive government documents to journalists to uncover what he believed were unethical activities. Which two of the following terms best describe Snowden's activities? Each correct answer represents a complete solution. Choose two
RADIUS
Elaine wants to implement an AAA system. Which of the following is an AAA system she could implement?
Use a degausser.
Elaine wants to securely erase the contents of a tape used for backups in her organization's tape library. What is the fastest secure erase method available to her that will allow the tape to be reused?
Continuous delivery
Every time Susan checks code into her organization's code repository, it is tested and validated, and then if accepted, it is immediately put into production. What is the term for this?
An Air Gap
Florian wants to ensure that systems on a protected network cannot be attacked via the organization's network. What design technique should he use to ensure this?
Buffer overflow
Frank is investigating a security incident where the attacker entered a very long string into an input field, which was followed by a system command. What type of attack likely took place?
Implement and use a data classification scheme.
Frank's organization is preparing to deploy a data loss prevention (LP) system. What key process should they undertake before they deploy it?
Restore from a backup if available
Fred receives a call to respond to a malware-infected system. When he arrives, he discovers a message on the screen that reads "Send .5 Bitcoin to the following address to recover your files. What is the most effective way for Fred to return the system to normal operation?
RAID 1
Gabby wants to implement a mirrored drive solution. What RAID level does this describe?
Geographic dispersal
Gary identifies a third-party datacenter provider over 90 miles away to run his redundant datacenter operations. Why has he placed the datacenter that far away?
dev.www.mydomain.com
Glenn recently obtained a wildcard certificate for *. mydomain. com. Which one of the following domains would not be covered by this certificate?
Footprinting
Grace would like to determine the operating system running on a system that she is targeting in a penetration test. Which one of the following techniques will most directly provide her with this information?
SUPPLY CHAIN
Greg believes that an attacker may have installed malicious firmware in a network device before it was provided to his organization What type of threat vector best describes this attack?
Preventive
Greg recently conducted an assessment of his organization's security controls and discovered a potential gap: the organization does not use full- disk encryption on laptops. What type of control gap exists in this case?
CSA CCM
Greg would like to find a reference document that describes how to map cloud security controls to different regulatory standards. What document would best assist with this task?
Logic bomb
Gurvinder has been asked to assist a company that recently fired one of its developers. After the developer was terminated, the critical application that they had written for the organization stopped working and now displays a message reading, "You shouldn't have fired me!" If the developer's access was terminated and the organization does not believe that they would have had access to any systems or code after they left the organization, what type of malware should Gurvinder look for?
MASKING
Gwen is exploring a customer transaction reporting system and discovers the table shown here. What type of data minimization has most likely been used on this table? 1023 $46.438 11/3/2020 ******* 1858 1024 $83,007 9/22/2020 ******* 8925 1025 $42,289 7/19/2020 ****9194 1026 $10,119 8/4/2020 **** 5660 1027 $24,223 7/16/2020 ** 8823 1028 $57,657 7/8/2020 ****** 2691 1029 $94.558 2/10/2020 ********* 8371 1030 33,570 5/17/2020 1031 $96.829 3/20/2020 ****** 3711....... TABLE A: DATA FOR CREDIT CARD
SaaS
Helen designed a new payroll system that she offers to her customers. She hosts the payroll system in AWS and her customers access it through the web. What tier of cloud computing best describes Helen's service?
If a single vendor goes out of business, the company does not need to replace its entire infrastructure. It ensures that a vulnerability in a single company's product will not impact the entire infrastructure It means that a misconfiguration will not impact the company's entire infrastructure.
How does technology diversity help ensure cybersecurity resilience?
Data sovereignty
Howard is assessing the legal risks to his organization based upon its handling of PIl. The organization is based in the United States, handles the data of customers located in Europe, and stores information in Japanese datacenters. What law would be most important to Howard during his assessment?
DAVIDS PRIVATE KEY
If David wishes to digitally sign the message that he is sending Mike, what key would he use to create the digital signature?
laaS and PaaS
In which of the following cloud categories are customers typically charged based on the number of virtual server instances dedicated to their use?
Compliance
Jade's organization recently suffered a security breach that affected stored credit card data. Jade's primary concern is the fact that the organization is subject to sanctions for violating the provisions of the Payment Card Industry Data Security Standard (PCI DSS). What category of risk is concerning Jade?
A user intentionally enabled macros for an infected file
James notices that a macro virus has been detected on a workstation in his organization. What was the most likely path for the infection?
When the machine is off
Jim configures a Windows machine with the built-in BitLocker full disk encryption tool. When is the machine least vulnerable to have data stolen from it?
John the Ripper
Joanna recovers a password file with passwords stored as MD5 hashes. What tool can she use to crack the passwords?
Timing-based SQL injection
Joe is examining the logs for his web server and discovers that a user sent input to a web application that contained the string WAITFOR. What type of attack was the user likely attempting?
Degaussing
Kathleen wants to discourage potential attackers from entering the facility she is responsible for. Which of the following is not a common control used for this type of preventive defense?
Internet RFCs
Ken is conducting threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocol's technical specification. What resource would best meet his needs?
Vertical scaling
Kevin discovered that his web server was being overwhelmed by traffic, causing a CPU bottleneck. Using the interface offered by his cloud service provider, he added another CPU to the server. What term best describes Kevin's action?
CERTIFICATE STAPLING
Kevin is configuring a web server to use digital certificates. What technology can he use to allow clients to quickly verify the status of that digital certificate without contacting a remote server?
Red team
Kevin is participating in a security exercise for his organization. His role in the exercise is to use hacking techniques to attempt to gain access to the organization's systems. What role is Kevin playing in this exercise?
MEDIUM
Kevin recently identified a new security vulnerability and computed its Common Vulnerability Scoring System (CVSS) base score as 6.5. Which risk category would this vulnerability fall into?
Elasticity
Kevin would like to ensure that his software runs on a platform that is able to expand and contract as needs change. Which one of the following terms best describes his goal?
White-hat
Kolin is a penetration tester who works for a cybersecurity company. His firm was hired to conduct a penetration test against a healthcare system, and Kolin is working to gain access to the systems belonging to a hospital in that system. What term best describes Kolin's work?
Persistence
Kyle is conducting a penetration test. After gaining access to an organization's database server, he installs a backdoor on the server to grant himself access in the future. What term best describes this action?
Rules of engagement
Lila is working on a penetration testing team and she is unsure whether she is allowed to conduct social engineering as part of the test. What document should she consult to find this information?
Deterrent
Lou mounted the sign below on the fence surrounding his organization's datacenter. What control type best describes this control? "BEWARE OF DOG" FIG. A
A Raspberry Pi
Luca is prototyping an embedded system and wants to use a device that can run a full Linux operating system so that he can install and use a firewall and other security software to protect a web service he will run on it. Which of the following solutions should he use?
Phishing
Lucca's organization runs a hybrid datacenter with systems in Microsoft's Azure cloud and in a local facility. Which of the following attacks is one that he can establish controls for in both locations?
Motion recognition
Maddy wants to implement a camera system but is concerned about the amount of storage space that the video recordings will require. What technology can help with this?
Managerial
Matt is updating the organization's threat assessment process. What category of control is Matt implementing?
LOW CER
Melissa is planning on implementing biometric authentication on her network. Which of the following should be a goal for any biometric solution she selects?
SOMETHING YOU CAN DO
Michelle enables the Windows 10 picture password feature to control logins for her laptop. Which type of attribute will it provide?
An Air Gap
Michelle wants to ensure that attackers who breach her network security perimeter cannot gain control of the systems that run the industrial processes her organization uses as part of their business. What type of solution is best suited to this?
Allow list application
Michelle wants to prevent unauthorized applications from being installed on a system. What type of tool can she use to allow only permitted applications to be installed?
Backdoor
Mike discovers that attackers have left software that allows them to have remote access to systems on a computer in his company's network. How should he describe or classify this malware?
SHARED SECRET KEY
Mike is sending David an encrypted message using the symmetric encryption algorithm. What key should he use to encrypt the message?
Bollard
Mike wants to stop vehicles from traveling toward the entrance of his building. What physical security control should he implement?
Keyboard and other input from the user
Nancy is concerned that there is a software keylogger on the system she is investigating. What data may have been stolen?
PowerShell
Naomi believes that an attacker has compromised a Windows workstation using a fileless malware package. What Windows scripting tool was most likely used to download and execute the malware?
21, 23, and 80
Naomi has discovered the following TCP ports open on a system she wants to harden. Which ports are used for unsecure services and thus should be disabled to allow their secure equivalents to continue to be used? 21 22 23 80 443
Text message-base phishing
Naomi receives a report of smishing. What type of attack should she be looking for?
Load Balancer
Naomi wants to deploy a tool that can allow her to scale horizontally while also allowing her to patch systems without interfering with traffic to her web servers. What type of technology should she deploy?
Require third-party review for bias in ML algorithms.
Naomi wants to provide guidance on how to keep her organization's new machine learning tools secure. Which of the following is not a common means of securing machine learning algorithms?
Typosquatting
Nicole accidentally types www.smazon.com into her browser and discovers that she is directed to a different site loaded with ads and pop-ups. Which of the following is the most accurate description of the attack she has experienced?
Weak encryption
Nina's organization uses SSH keys to provide secure access between systems. Which of the following is not a common security concern when using SSH keys?
Confidentiality
Nolan is writing an after-action report on a security breach that took place in his organization. The attackers stole thousands of customer records from the organization's database. What cybersecurity principle was most impacted in this breach?
CONFIDENTIALITY
Norm is using full-disk encryption technology to protect the contents of laptops against theft. What goal of cryptography is he attempting to achieve?
Of the threat vectors listed here, which one is most commonly exploited by attackers who are at a distant location?
A host-based intrusion detection system
Olivia wants to install a host-based security package that can detect attacks against the system coming from the network, but she does not want to take the risk of blocking the attacks since she fears that she might inadvertently block legitimate traffic. What type of tool could she install that will meet this requirement?
Account Policies
Password complexity, password history, and password reuse are all examples of what?
Parameterized Queries
Precompiled SQL statements that only require variables to be input are an example of what type of application security control?
Gray-hat hacking
Renee is a cybersecurity hobbyist. She receives an email about a new web-based grading system being used by her son's school and she visits the site. She notices that the URL for the site looks like this: https://www.myschool.edu/grades.php&studentID=102342 She realizes that 1023425 is her son's student ID number and she then attempts to access the following similar URLS: https://www.myschool.edu/grades.php&studentID=1023423 https://www.myschool.edu/grades.php&studentID=1023424 https://www.myschool.edu/grades.php&studentID=1023426 https://www.myschool.edu/grades.php&studentID=1023427 When she does so, she accesses the records of other students. She closes the records and immediately informs the school principal of the vulnerability. What term best describes Renee's work?
Read-onlv
Renee is configuring her vulnerability management solution to perform credentialed scans of servers on her network. What type of account should she provide to the scanner?
Mount the drive on another system and scan it that way.
Rick believes that a system he is responsible for has been compromised with malware that uses a rootkit to obtain and retain access to the system. When he runs a virus scan, the system doesn't show any malware. If he has other data that indicates the system is infected, what should his next step be if he wants to determine what malware may be on the system?
A differential backup
Rick performs a backup that captures the changes since the last full backup. What type of backup has he performed?
Run the scan in a test environment.
Ryan is planning to conduct a vulnerability scan of a business-critical system using dangerous plug-ins. What would be the best approach for the initial scan? Run the
Third-party control
Ryan is selecting a new security control to meet his organization's objectives. He would like to use it in their multicloud environment and would like to minimize the administrative work required from his fellow technologists. What approach would best meet his needs?
The Restoration order Document
Sally is working to restore her organization's operations after a disaster took her datacenter offline. What critical document should she refer to as she restarts systems?
Geofencing
Samantha wants to set an account policy that ensures that devices can be used only while the user is in the organization's main facility. What type of account policy should she set?
Bot
Scott notices that one of the systems on his network contacted a number of systems via encrypted web traffic, downloaded a handful of files, and then uploaded a large amount of data to a remote system. What type of infection should he look for?
Offline
Scott sends his backups to a company that keeps them in a secure vault. What type of backup solution has he implemented?
OPEN ID
Scott wants to allow users to bring their own credentials to his website so that they can log in using a Google or Microsoft account without giving him their passwords. What protocol can he use that will allow those users to grant the website access to their information?
Watering hole
Selah infects the ads on a website that users from her target company frequently visit with malware as part of her penetration test. What technique has she used?
Invoice scam
Sharif receives a bill for services that he does not believe his company requested or had performed. What type of social engineering technique is this?
False positive
Tara recently analyzed the results of a vulnerability scan report and found that a vulnerability reported by the scanner did not exist because the system was actually patched. What type of error occurred?
A race condition
The application that Scott is writing has a flaw that occurs when two operations are attempted at the same time, resulting in unexpected results when the two actions do not occur in the expected order. What type of flaw does the application have?
A microcontroller, and on physical security
The company that Hui works for has built a device based on an Arduino and wants to standardize its deployment across the entire organization. What type of device has Hui's organization deployed, and where should Hui place her focus on securing it?
Attackers may steal the SIM cards from the devices and use them for their own purposes.
The company that Theresa works for has deployed loT (Internet of Things) sensors that have built- in cellular modems for communication back to a central server. What issue may occur if the devices can be accessed by attackers?
RTOS
The organization that Lynn works for wants to deploy an embedded system that needs to process data as it comes in to the device without processing delays or other interruptions. What type of solution does Lynn's company need to deploy?
RBAC
Theresa wants to implement an access control scheme that sets permissions based on what the individual's job requires. Which of the following schemes is most suited to this type of implementation?
Technical
Tina is tuning her organization's intrusion prevention system to prevent false-positive alerts. What type of control is Tina implementing?
Code signing
Tom is a software developer who creates code for sale to the public. He would like to assure his users that the code they receive actually came from him. What technique can he use to best provide this assurance?
Development
Tom is working on a change to a web application used by his organization to fix a known bug. What environment should he be working in?
Unavailability of future patches
Tom's organization recently learned that the vendor is discontinuing support for their customer relationship management (CRM) system. What should concern Tom the most from a security perspective?
Strategic
Tony is reviewing the status of his organization's defenses against a breach of their file server. He believes that a compromise of the file server could reveal information that would prevent the company from continuing to do business. What term best describes the risk that Tony is considering?
Public cloud
Tony purchases virtual machines from Microsoft Azure and uses them exclusively for use by his organization. What model of cloud computing is this?
Deterrent
Tonya is concerned about the risk that an attacker will attempt to gain access to her organization's database server. She is searching for a control that would discourage the attacker from attempting to gain access. What type of security control is she seeking to implement?
She should run the ML algorithm on the network only if she believes it is secure.
Tracy is concerned about attacks against the machine learning algorithm that her organization is using to assess its network. What step should she take to ensure that her baseline data is not tainted?
TIME BASED ONE TIME PASS
Trevor is deploying the Google Authenticator mobile application for use in his organization. What type of one-time password system does Google Authenticator use in its default mode?
Insecure direct object reference
Upon further inspection, Joe finds a series of thousands of requests to the same URL coming from a single IP address. Here are a few examples: http://www.mycompany.com/servicestatus.php?serviceID=1 http://www.mycompany.com/servicestatus.php?serviceID=2 http://www.mycompany.com/servicestatus.php?serviceID=3 http://www.mycompany.com/servicestatus.php?serviceID=4 http://www.mycompany.com/servicestatus.php?serviceID=5 http://www.mycompany.com/servicestatus.php?serviceID=6 What type of vulnerability was the attacker likely trying to exploit?
Shadow IT
Ursula recently discovered that a group of developers are sharing information over a messaging tool provided by a cloud vendor but not sanctioned by her organization. What term best describes this use of technology?
Transit gateway
Ursula would like to link the networks in her on-premises datacenter with cloud VPCs in a secure manner. What technology would help her best achieve this goal?
AES
Vince is choosing the symmetric encryption algorithm for use in his organization. He would like to choose the strongest algorithm from the choices below. What algorithm should he choose?
Ioc
Vince recently received the hash values of malicious software that several other firms in his industry found installed on their systems after a compromise. What term best describes this information?
Edge computing
Wanda is responsible for a series of seismic sensors placed at remote locations. These sensors have low-bandwidth connections and she would like to place computing power on the sensors to allow them to preprocess data before it is sent back to the cloud. What term best describes this approach?
Session Cookie
Wendy is a penetration tester who wishes to engage in a session hijacking attack. What information is crucial for Wendy to obtain if her attack will be successiul!
API keys
Wendy is scanning cloud-based repositories for sensitive information. Which one of the following should concern her most, if discovered in a public repository?
HIPAA
What compliance regulation most directly affects the operations of a healthcare provider?
Hypervisor
What component of a virtualization platform is primarily responsible for preventing VM escape attacks?
Tokenization
What data minimization technique replaces personal identifiers with unique identifiers that may be cross-referenced with a lookup table?
Cost
What factor is a major reason organization do not use security guards?
To generate, manage, and securely store cryptographic keys
What is an HSM used for?
XML
What language is STIX based on?
ISAC's
What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?
PowerShell
What scripting environment is native to Windows systems?
Distributing them in parking lots as though they were dropped
What technique is most commonly associated with the use of malicious flash drives by penetration testers?
Data encryption
What technology uses mathematical algorithms to render information unreadable to those lacking the required key?
Control objectives
What term best describes an organization's desired security state?
Data in motion
What term best describes data that is being sent between two systems over a network connection?
EDR
What term is used to describe tools focused on detecting and responding to suspicious activities occurring on endpoints like desktops, laptops, and mobile devices?
DAC
What type of access control scheme best describes the Linux filesystem?
Behavioral
What type of assessment is particularly useful for identifying insider threats?
BRUTE FORCE
What type of attack does an account lockout policy help to prevent?
Man-in-the-middle
What type of attack places an attacker in the position to eavesdrop on communications between a user and a web server?
STEAM CIPHER
What type of cipher operates on one character of text at a time?
DOM-based XSS
What type of cross-site scripting (XSS) attack would not be visible to a security professional inspecting the Hypertext Markup Language (HTML) source code in a browser?
DOWNGRADE
What type of cryptographic attack attempts to force a user to reduce the level of encryption that they use to communicate with a remote server?
EV
What type of digital certificate provides the greatest level of assurance that the certificate owner is who they claim to be?
Nation-state
What type of malicious actor is most likely to use hybrid warfare?
Bot
What type of malware connects to a command-and-control system, allowing attackers to manage, control, and update it remotely?
PUP
What type of malware is adware typically classified as?
Remote access Trojans
What type of malware is frequently called stalkerware because of its use by those in intimate relationships to spy on their partners?
Macro viruses
What type of malware is the VBA code most likely to show up in?
Spear phishing
What type of phishing targets specific groups of employees, such as all managers in the financial department of a company?
An access control vestibule
What type of physical security control is shown here? FIG A
A Warm Site
What type of recovery site has some or most systems in place but does not have the data needed to take over operations?
HSM
What type of security solution provides a hardware platform for the storage and management of encryption keys?
DAVIDS PUBLIC KEY
When Mike receives the digitally signed message from David, what key should he use to verify the digital signature?
MIKES PRIVATE KEY
When Mike receives the message that David encrypted for him, what key should he use to decrypt the message using an asymmetric encryption algorithm?
Authoritv
When a call was recently directed to Amanda, who is a junior IT employee at her company, the caller informed her that they were the head of IT for her organization and that she needed to immediately disable the organization's firewall due to an ongoing issue with their e-commerce website. After Amanda made the change, she discovered that the caller was not the head of IT and that it was actually a penetration tester hired by her company. Which social engineering principle best matches this type of attack?
Vishing
When you combine phishing with Voice over IP, it is known as which of the following?
Hybrid Cloud
Which cloud computing deployment model requires the use of a unifying technology platform to tie together components from different providers?
CVE
Which element of the SCAP (Security Content Automation Protocol) framework can be used to consistently describe vulnerabilities?
Bug bounty
Which of the following assessment techniques is designed to solicit participation from external security experts and reward them for discovering vulnerabilities?
Cloning
Which of the following attacks occurs after a skimmer captures card information?
Fingerprint scanner
Which of the following biometric technologies is most broadly deployed due to its ease of use and acceptance from end users?
cat
Which of the following can be used to output files to standard output (your console) or to append files to other files?
Two-person control
Which of the following controls helps prevent insider threats?
Active reconnaissance
Which of the following directly engages the target in intelligence gathering?
Spam
Which of the following employs social engineering techniques to attempt to get recipients to open the message or to click on links inside of it?
VIRUS
Which of the following is a malicious program that self-copies and self-replicates?
Cloud access security broker
Which of the following is a software tool that serves as intermediaries between cloud service users and cloud service providers?
Rootkit
Which of the following is malware that is specifically designed to allow attackers to access a system through a backdoor?
Form factor
Which of the following is not a common constraint of an embedded system?
Allocation
Which of the following is not a common goal of a cybersecurity attacker?
Avoiding use of other organizations' IP addresses
Which of the following is not a typical reason to use an IP addressing schema in an enterprise?
MSP
Which of the following is service organization that provides information technology as a service to their customer?
Following someone, through a door, they just unlocked
Which of the following is the best description of tailgating?
OSINT
Which of the following is the practice of collecting information from published or otherwise publicly available sources?
chmod
Which of the following lets you set permissions on files and directories, using either a symbol or a numeric representation of the permissions that you want to set?
Detail
Which of the following measures is not commonly used to assess threat intelligence?
Confidentiality
Which of the following metrics describes the type of information disclosure that might occur if an attacker successfully exploits the vulnerability?
laaS
Which of the following offerings allow customers to purchase and interact with the basic building blocks of a technology infrastructure?
Also known as bare-metal hypervisors, operate directly on top of the underlying hardware
Which of the following statements is not true about type Il hypervisor?
Password complexity requirements
Which of the following technologies is the least effective means of preventing shared accounts?
Nation-state actors
Which of the following threat actors typically has the greatest access to resources?
Web application vulnerability scanner
Which of the following tools is most likely to detect an XSS vulnerability?
Host-based
Which of the following uses software agents installed on systems that search those systems for the presence of sensitive information?
Privileges required
Which one of the CVSS metrics would contain information about the type of account access that an attacker must have to execute an attack?
PFX
Which one of the following certificate formats is closely associated with Windows binary certificate files?
Frequent flyer number
Which one of the following data elements is not commonly associated with identity theft?
Tokenization
Which one of the following data protection techniques replaces sensitive values with a unique identifier using a lookup table?
Preventing injection attacks
Which one of the following is not an advantage of database normalization?
Using a cloud provider's web interface to provision resources
Which one of the following is not an example of infrastructure as code?
Anonymous
Which one of the following is the best example of a hacktivist group?
Nonrepudiation
Which one of the following objectives is not one of the three main objectives that information security professionals must achieve to protect their organizations against cybersecurity threats?
Threat hunting
Which one of the following security assessment techniques assumes that an organization has already been compromised and searches for evidence of that compromise?
ROOT CA
Which one of the following servers is almost always an offline CA in a large PK deployment?
Agile
Which one of the following software development models focuses on the early and continuous delivery of software?
Cloud computing customers provision resources through the service provider's sales team.
Which one of the following statements about cloud computing is incorrect?
All cryptographic keys should be kept secret.
Which one of the following statements about cryptographic keys is incorrect?
Controls used to fulfill one PCI DSS requirement may be used to compensate for the absence of control needed to meet another requirement.
Which one of the following statements is not true about compensating controls under PCI DSS?
THREAT MAP
Which one of the following threat research tools is used to visually display information about the location of threat actors?
LOW
Which one of the following values for the CVSS attack complexity metric would indicate that the specified attack is simplest to exploit?
CRM
Which one of the following would not be available as an laas service offering?
SMS
Which type of multifactor authentication is considered the least secure?
To prevent EMI
Why are Faraday cages deployed?
Parameter pollution
joe checks his web server logs and sees that someone sent the following query string to an application running on the server: http://www.mycompany.com/servicestatus.php?serviceID=892&serviceID=892' ; DROP TABLE Services; What type of attack was most likely attempted?
Directory traversal
loe's adventures in web server log analysis are not yet complete. As he continues to review the logs, he finds the request http://www.mycompany.com/.../ /.. /etc/passwd What type of attack was most likely attempted?