Sec +
A collection and distribution of information about exposed computer security exposures A:Vulnerability databases B:STIX C:Dark web D:OSINT E:IoC
A
A prank that takes advantage of sending contact information automatically without authentication A:Bluejacking B:Bluesnarfing C:Dragonblood D:Evil twin E:Disassociation
A
A special form of self-replicating malware that typically spreads without user action A:Worms B:Spyware C:Keyloggers D:RAT E:Ransomware
A
Attacker poisons a DNS server to re-direct users to unintentionally go to a fake site ChoicesA:PharmingB:Spear phishingC:SmishingD:Business email compromiseE:Whaling
A
Can steal data from a wireless device using a Bluetooth connection A:Bluesnarfing B:Dragonblood C:Evil twin D:Bluejacking E:Disassociation
A
Choose not to undertake actions that introduce risk A:Avoidance B:Mitigation C:Acceptance D:Transference
A
Client and server handshake before the server generates two cryptographic A:Ransomware B:Keyloggers C:Worms D:RAT E:Spyware
A
Defines responsibilities and support levels between a provider and an internal business unit often through a service desk A:Organizational level agreement (OLA) B:Interconnection security agreement (ISA) C:Memorandum of understanding (MOU) D:Business partners agreement (BPA) E:Service level agreement (SLA)
A
It is also known as a "dot slash" attack A:Directory traversal B:Session replay C:Time-of-Check D:Buffer overflow E:Integer overflow E:Integer overflow
A
It is an open authorization framework that lets third-party applications get limited access to HTTP services A:OAuth B:Shibboleth C:OIDC D:Kerberos E:SAML
A
How is the public key of the customer's digital certificate signed? Using the private key of the CA Using the public key of the CA Using the customer's secret key Using the customer's private key
A
In the change management lifecycle, what step comes directly after the "Submitting" phase? Approving Documenting Implementing Testing
A
Issued to rectify or correct a problem A:Corrective B:Compensating C:Deterrent D:Preventive E:Detective
A
PENETRATION TESTING: Agreeing to the target customers bug bounty program A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
A
Prints the top N number of data of the given input A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
A
Real-world drill while still operating business A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
A
Removing all footprints and artifacts of the attack chain A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
A
Takes messages from various sources then filters and forwards them A:Syslog-NG B:Auditd C:Top D:Logrotate E:Netstat
A
Targets high-level employee or someone in senior manage A:Whaling B:Spear phishing C:Smishing D:Business email compromise E:Pharmingment
A
Trust anchor for digital certificates in the chain of trust A:Root certificate B:Self-signed certificate C:Wildcard certificate D:S/MIME certificate E:Code signing certificate
A
Verifies if the outline of ridges and valleys matches patterns in pre-scanned images A:Fingerprint B:Retina scan C:Facial recognition D:Voice recognition E:Iris scan
A
What are varied access control technologies used to control usage of proprietary hardware and copyrighted works? DRM CIA CMDB DLP
A
What browser security policy forces the client to get another web page on a site from the same source server? SOP HSTS Obfuscation Normalization
A
What cloud-based software service acts as a gatekeeper to help enforce enterprise security policies while cloud applications are being accessed? CASB Transit gateway IaaS iPaaS
A
What component will typically store the instances of all organizational configuration items? CMDB APT SCADA CASB
A
What data privacy enhancement removes directly identifying elements in raw data and replaces it with randomly generated pseudonyms? Tokenization Obfuscation Masking Deduplication
A
What does AWS use to assign permissions to groups and/or users in IAM? Managed policies Roles Password policies Programmatic access
A
What emerging solution will protect new areas such as sensor networks, healthcare, distributed control systems, and IoT, in which highly constrained devices are interconnected? Lightweight cryptography Asymmetric cryptography Steganography Homomorphic cryptography
A
What entity has the responsibility to protect the federated identity's stored credentials and then provide them when requested? Identity provider Service provider Social media Consumer
A
What interface replaced the legacy BIOS on older system boards? UEFI IMAPS LDAPS SIEM
A
What is a configuration for Layer 2 isolation from other ports within the same broadcast domain or subnet called? PVLAN DLP URL MDM
A
What is a development technique in which two or more functionally identical variants of a program are developed from the same specification by different programmers with the intent of providing error detection? Software diversity Mobile security testing Stored procedures Continuous validation
A
What is a strict non-discretionary model defining relationships between subjects and objects? MAC DAC ABAC RBAC
A
What is a task automation and configuration management framework created by Microsoft? PowerShell Sn1per Hping Secure Shell
A
What is the amount of time available to recover a resource, service, or function? RTO MTTR RPO MTBF
A
What is the process of ensuring there is no redundancy in data and that similar components are stored together? Normalization Stored procedures Camouflage Obfuscation
A
What penetration testing technique would involve having some level of limited knowledge of the internal workings of the target? Gray box Black box Blue box White box
A
What service engine is used to prevent the leakage of corporate intellectual property? DLP MDM PVLAN URL
A
What service uses UDP port 1434? SQL DNS ESMTP Kerberos
A
What technology offers a common language in a file format that defines the cloud deployment of the infrastructure resources in a secure and repeatable manner? Infrastructure as code Fog computing Cloud access security broker Software as a service
A
What tool is commonly used as a better substitute for the Task Manager in Windows systems? Process Hacker Event Viewer Auditd Wireshark
A
What tool was originally named Ethereal? Wireshark Tcpdump Nessus Nmap
A
What tools are primarily focused on detecting and investigating suspicious activities and indicators of compromise (IoCs) on workstations, laptops, and mobile devices? EDR AUP WSUS DNSSEC
A
What type of attack involves infiltrating a system through an outside partner, vendor, or provider with access to your systems and/or data? Supply chain attack Shoulder surfing attack Collision attack Model stealing
A
What type of backup is an immediate point-in-time virtual copy of source typically to on-premise or cloud object storage? Snapshot Full Differential Incremental
A
What type of cryptography derives its power from the fact that qubits can represent numerous possible combinations of 1 and 0 at the same time? Quantum cryptography Lightweight cryptography Symmetric cryptography Homomorphic cryptography
A
Which EAP variant uses a Protected Access Credential (PAC) file? EAP-FAST EAP-TTLS PEAP EAP-TLS
A
Which RAID level needs at least three drives and has relatively low read/write performance? RAID 5 RAID 6 RAID 1 RAID 0
A
Which of these attacks takes advantage of inadequate mechanisms to stop clients from automated attempts through credential stuffing? Login attacks DDoS attacks MITM attacks Input validation attacks
A
Which of these authentication technologies is most likely to use a SHA-1 HMAC? HOTP TOTP SMS Push
A
Which of these cryptographic hashing algorithms should not be used in a new modern implementation? MD5 SHA3 SHA2 RIPEMD
A
Which of these disasters would be considered environmental? Landslide Epidemic Arson Outage
A
Which of these is more related to an on-premise provider as opposed to a cloud-based provider? More experience and familiarity with systems Better availability, resiliency, and durability Better physical separation Higher technical expertise
A
Which of these scanning techniques would decide if a system is configured in agreement with a recognized governance or regulatory policy?
A
Which of these third-party risks would most likely occur due to the use of unsecure coding practices and lack of testing? Outsourced container development System integration Data storage Supply chain activities
A
Which of these would commonly not be considered a benign usage of a man-in-the-middle? ARP proxy Web proxy server Network address translator Application layer gateway
A
Which role will offer initiatives and information sharing between teams to improve the organizational security posture? Purple team Blue team White team Red team
A
Which services integration method is the best choice when a large portfolio of complex integrations needs to be managed and the data must be transformed when it passes between the applications? Integration platform software iPaaS Custom coding SaaS vendor tooling
A
Which variant of XSS attacks leverages an insecurely written HTML page on an end user's system or endpoint gadgets and widgets? DOM-based Stored Persistent Reflected
A
Which of these are common inputs to next-generation SIEM systems? Appliances Users Network devices Cloud storage Database views Threat intelligence feeds
ABCF
Which of these represents passive reconnaissance instead of active reconnaissance? Using a network tap Less-intrusive process to daily operations Nessus vulnerability scan Conducting packet tracing Grabbing HTTP banners Leaving no footprints
ABCDF
Which of these are valid examples of weak configuration vulnerabilities? Defaults passwords Open ports and services Weak cryptosystems Privileged insiders Zero-day code deployments Unhardened systems and protocols
ABCF
Which of these are activities of a cyber forensic investigation? Collecting the available evidence Examining electronic evidence Analyzing indicators of compromise Performing the role of first responder Reporting on the findings of the analysis Determining an event from an incident
ABCE
What are valid activities when designing a wireless LAN? Antenna strength and placement RF channel selection Detecting interference Configuring the distribution frame Deploying 802.1q WAP placement
ABCF
Which if these control types would an armed security guard fall under? Preventative Detective Deterrent Recovery Corrective
ABC
Which of these are valid recovery control activities? Determining recovery time objectives for an email system Testing a business continuity plan Restoring a database from a snapshot Installing an uninterruptible power supply Conducting a remote mobile discovery and wipe function Setting up an intrusion detection service sensor
ABCDE
What solutions are provided by AAA accounting services? Auditing Billing Encapsulation Chargeback Reporting Non-repudiation
ABDE
Which of these protocols is commonly load balanced? UDP TLS ARP TCP HTTP ICMP
ABDE
Which of these are valid examples of weak configuration vulnerabilities? Open ports and services Defaults passwords Zero-day code deployments Unhardened systems and protocols Privileged insiders Weak cryptosystems
ABDF
Which of these represents active reconnaissance instead of passive reconnaissance? OSAWP web scanning May be illegal on the Internet Collecting metadata unobtrusively Can impact employee productivity Using a wireless packet sniffer Actions can be traced back to attacker
ABDF
Which technologies represent valid IoT devices? Facility automation Appliance sensors Intrusion prevention sensor Smart meters Multilayer switches Medical systems
ABDF
What technologies with learning, reasoning, and decision-making abilities are rapidly being incorporated into security, analysis, defense, and military systems? Artificial intelligence Machine learning Skimming and cloning Rainbow tables Robotic technologies
ABE
Which of these represents an attribute of a structured attack? Organized Multi-phased Benign Accidental Persistent Planned
ABEF
Which of these are characteristics of block ciphers? Must include padding Plaintext bits are XORed with keystream bits 3DES and AES are common Messages bigger than key size are broken up into size of key Faster and less complex Uses counter modes
ACDF
Which of these are exploitation frameworks and kits? Ransomware EKs John the Ripper GrandSoft EK GreenFlash Sundown OpenSSL RIG EK
ACDF
Which of these represents active reconnaissance instead of passive reconnaissance? Actions can be traced back to attacker Collecting metadata unobtrusively Can impact employee productivity OSAWP web scanning Using a wireless packet sniffer May be illegal on the Internet
ACDF
Which of these represents a likely primary or secondary loss due to using unsecure and unpatched legacy platforms? Data exfiltration Loss of employee skillsets Identity theft Increased costs Loss of reputation Loss of availability
ACEF
What is the term for the process of permissively allowing certain traffic and implicitly denying the rest? Remediation Whitelisting Blacklisting Static filtering
B
Which of these secure protocols would be used for synchronizing clocks on network infrastructure devices? HTTPS SNMPv3 NTPv3 SFTP
C
What is used to remotely generate, back up, restore and utilize RSA and ECC cryptographic keys on a lightweight HSM? SELinux MicroSD/ RFID SEAndroid
B
Which is a term describing a serious threat where a process running in the guest VM interacts directly with the host OS? VM native VM escape VM sprawl VM bare metal
B
When presenting reports to executive management, what format should be avoided in lieu of other visibility tools? Scatterplots Bubble charts Pie charts Density plots
C
A timing-based side-channel attack against WPA3 A:Bluesnarfing B:Dragonblood C:Evil twin D:Bluejacking E:Disassociation
B
According to GDPR, what is a public document provided by an organization that explains how they will process personal data and how the organization applies data protection principles? Non-disclosure agreement Privacy notice Impact assessment Memorandum of understanding
B
According to NIST SP 800-34, Revision 1, which of these activities will happen earliest in the incident response life cycle? Create after-action report Conduct the business impact analysis (BIA) Create contingency strategies Establish plan testing, training, and exercises
B
An enterprise has distributed a mobile device to an employee who may use it as if it were their personal equipment. What EMM model is being used by this enterprise? CYOD COPE BYOD NOPE
B
Augments controls that are already in place A:Corrective B:Compensating C:Deterrent D:Preventive E:Detective
B
Can steal data from a wireless device using a Bluetooth connection A:Bluejacking B:Bluesnarfing C:Dragonblood D:Evil twin E:Disassociation
B
Documents the security and technical aspects of connections between two organizations A:Organizational level agreement (OLA) B:Interconnection security agreement (ISA) C:Memorandum of understanding (MOU) D:Business partners agreement (BPA) E:Service level agreement (SLA)
B
Group discussion, plan auditing, Delphi, and brainstorming sessions with stakeholders A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
B
Implement safeguards that will reduce risk A:Avoidance B:Mitigation C:Acceptance D:Transference
B
In a Linux-based privilege escalation attack what is the typical first step? Check the available users and the current user privileges Check the OS release of the vulnerable system List the SUID files View its kernel version
B
In a Linux-based privilege escalation attack what is the typical first step? View its kernel version Check the OS release of the vulnerable system List the SUID files Check the available users and the current user privileges
B
In a disaster recovery plan order of restoration, which action will typically come first for most organizations? Maintain financial stability Protect people and critical assets Sustain ongoing operational viability Deliver value proposition profitably
B
In a distributed denial-of-service account what does the zombified system communicate with? A feed A C2C server A bot An agent
B
In what phase of the change management lifecycle is the proposed change analyzed and optionally validated? Approving Submitting Testing Documenting
B
It is popular with colleges and universities A:OAuth B:Shibboleth C:OIDC D:Kerberos E:SAML
B
KeyGhost captures passwords, credit card numbers, and other personal information A:Ransomware B:Keyloggers C:Worms D:RAT E:Spyware
B
Logs command execution on RedHat and SE Linux A:Syslog-NG B:Auditd C:Top D:Logrotate E:Netstat
B
Malware that can show advertisements, track information, and make changes to endpoints without user knowledge A:Worms B:Spyware C:Keyloggers D:RAT E:Ransomware
B
Network or host-based cyber observables or artifacts of an incursion A:Vulnerability databases B:STIX C:Dark web D:OSINT E:IoC
B
PENETRATION TESTING: Conducting planning, preparation, and information gathering A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
B
Passes the name of a file and will show you the last ten lines from that file A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
B
Pivoting from one domain or VLAN to another A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
B
Scans a thin tissue of neural cells in the back part of the eye A:Fingerprint B:Retina scan C:Facial recognition D:Voice recognition E:Iris scan
B
Signed by the entity it certifies, such as the root CA A:Root certificate B:Self-signed certificate C:Wildcard certificate D:S/MIME certificate E:Code signing certificate
B
Targets certain employees in certain departments, roles, and responsibilities A:Whaling B:Spear phishing C:Smishing D:Business email compromise E:Pharming
B
Targets certain employees in certain departments, roles, and responsibilities Answer ChoicesA:PharmingB:Spear phishingC:SmishingD:Business email compromiseE:Whaling
B
Web application allows reusing old session credentials for authorization A:Directory traversal B:Session replay C:Time-of-Check D:Buffer overflow E:Integer overflow
B
What Amazon Web Services offering gives app developers the ability to create SSO solutions from a custom user pool or service providers like Apple and Facebook? Dynamo Cognito EC2 S3
B
What are centralized logical routed hubs in the cloud that enable consumers to connect their virtual networks and on-premises networks to a single component? Bastion servers Transit gateways NAT gateways VPN concentrators
B
What are dedicated crypto processors consisting of hardened, tamper-resistant devices and virtual appliances for key management? DRM HSM DLP DAM
B
What cloud computing model allows the customer to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages and tools supported by the provider? IaaS PaaS MaaS SaaS
B
What cloud security service can help mitigate SQL injection and cross-sire scripting attacks? CASB WAF ACL NAT
B
What controls are also known as "administrative" controls? Technical Managerial Physical Operational
B
What database security technique involves sending sensitive data through an API call to a provider that replaces the data with non-sensitive placeholders? Hashing Tokenization Peppering Salting
B
What device would most likely perform TLS inspection? Microsoft Exchange servers Web application firewall Cloud-based SIEM service Database activity monitor
B
What entity offers outsourced security monitoring and management for applications, systems, and devices from the cloud? SAAS MSSP PAAS CASB
B
What is a SOAP extension published by OASIS used to enforce web confidentiality and integrity security? Linux IMA WS-Security NIST SP 800-155 Trusted platform module
B
What is a Wi-Fi Alliance standardized method for simplifying station setup and initial configuration? WEP WPS MD5 WPA
B
What is a comprehensive publication for mobile app security testing and reverse engineering the iOS and Android platforms? NVD OWASP MSTG OWASP Top 10 CIS Top 20 Controls
B
What is a suite of tools used to identify and report on fraudulent, illegal, or other undesirable behavior concerning data in transit or at rest? VPN DAM IPS AVC
B
What is a technique to improve an organization's information security management by establishing an original standard starting point? Metric Benchmark Threshold Indicator
B
What is a type of hard drive that automatically and continuously encrypts the data on the drive without any user interaction? SSD SED BSD LED
B
What is a well-known write-blocking data preview and imaging tool? Winhex FTK Imager Memdump dd
B
What lock attack uses a device with a wide tip inserted all the way to the back of the plug, then pulled out quickly, so that all the pins are bounced up? Picking Raking Hacking Brute force
B
What phase of an incident response plan implements techniques for categorizing and prioritizing the incident based on an established risk register or risk ledger? Containment Identification Recovery Preparation
B
What process involves changing an application's source code without modifying the characteristics? Driver manipulation Refactoring Request forgery Shimming
B
What process uses a device to remove the magnetic field of a physical drive? Pulping Degaussing Wiping Purging
B
What represents the software used to collect and send data to other systems in a power plant? Programmable Logic Controller SCADA FPGA Raspberry Pi
B
What service allows organizations to aggregate threat management, incident response, and repeatable security operations? OWASP SOAR Syslog SIEM
B
What technique uses devices that overlay an ATM machine or point-of-sale scanner to steal the information from the victim? Cloning Skimming Lightning cable Malicious USB
B
What technology involves orchestrating the packaging, isolation, and encapsulation of apps and work data into a separate segmented user-space within the device? MCM Containerization FDE SEP
B
What term describes a thin, stateless systems where the user cannot retain data or configure a desktop instance as it is deleted at the end of the session? Live boot media Non-persistent VDI Persistent VDI Type 2 hypervisor
B
What term describes the technique or method used to exploit a vulnerability or deliver a malware payload? Threat actor Threat vector Threat agent Threat category
B
What term would describe towers carrying cell phone and other equipment that are covered by fake trees? Camera surveillance Industrial camouflage Faraday cage Robot sentry
B
What tool has been called the "Swiss Army Knife" of tools? Curl Netcat The Harvester Dnsenum
B
What type of attack is also known as SOAP injection? SQL injection XML injection DLL injection LDAP injection
B
What type of service is AWS Lambda? Database as a Service Function as a Service Infrastructure as a Service Software as a Service
B
Which is an advantage of on-premise database solution as opposed to a cloud service provider? You will often leverage a cloud access security broker The threat actors are typically internal privileged users Many accounts will reduce the attack surface The public API calls are likely protected with digital signatures
B
Which of these IPsec mechanisms are used for origin authentication? SHA256 RSA signatures ECDHE AES-256
B
Which of these access modes is for the purpose of configuration or query commands on the device? Network mode Character mode Transport mode Packet mode
B
Which of these attacks is most likely to be conducted with a cell phone camera? Watering hole Shoulder surfing Tailgating Piggybacking
B
Which of these attacks triggers a certain event occurs such as mouse movement or file access? Stegomalware Logic bomb Rootkits Polymorphic packer
B
Which of these has the role of the keeper of information from a technical standpoint such as maintaining confidentiality, integrity, and availability? Owner Custodian Processor Steward
B
Which of these is a characteristic of AAA services deployed at a cloud provider as opposed to on-premises? The customer must provide layer 1 and 2 security The customer typically has programmatic and/or console access The customer has complete control over cloud protocols and services The customer determines the IAM features and options
B
Which of these is an AEAD that has built-in hash authentication and integrity with its symmetric encryption? SHA1 AES-256-GCM RC4 3DES
B
Which of these is more related to an on-premise provider as opposed to a cloud-based provider? Better availability, resiliency, and durability More experience and familiarity with systems Better physical separation Higher technical expertise
B
Which of these password attacks tries to access many accounts using a few commonly used passwords with a "low-and-slow" methodology? Offline brute force Spraying Rainbow tables Dictionary attack
B
Which of these refers to malicious scripts as opposed to malicious code? It is rarely sent through email attachments It affects only those applications for which it has been written It is an unwanted and unsolicited malicious program It is another generic term for malware
B
Which of these scanning techniques would decide if a system is configured in agreement with a recognized governance or regulatory policy? Web application scan Compliance scan Network scan Vulnerability
B
Which of these security frameworks is focused on cloud computing security? NIST CSA SOC 2 CIS
B
Which of these third-party risks would most likely occur due to the use of unsecure coding practices and lack of testing? Supply chain activities Outsourced container development System integration Data storage
B
Which source of research would be published by the IEEE? Twitter RFC TTP OSINT
B
Which specialty appliance would be used to make SSH2 connections to a backend database or directory service to perform secure dedicated management and administration as opposed to direct connections? IPS sensor Bastion host SIEM appliance NAC server
B
a break in electrical circuit A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
B
hat 4-phased innovative technology has emerged over the last decade to lower the risks and costs associated with big data, especially in litigation and internal corporate and government investigations? Write blocking E-discovery Cyber kill chain Cyber forensics
B
Attempting to get root or administrative credentials of a database A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
C
Which of these solutions would best be described as a "mirrored" site that duplicates the entire enterprise running in parallel within minutes or hours? Hybrid cloud Cold site Hot site Mobile site
C
What is often used to provide access for management apps and browsers that need interactive read/write access to an X.500 or Active Directory service? IMAP SLIP LDAP TFTP
C
Which of these are common attributes for labeling and handling data? Warranty Personal association Utility Age Monetary value Format
BCDE
Which of these are provisioning and deprovision enablers? Patch management Automation Auto-scaling Kubernetes Infrastructure as code Waterfall developmenting
BCDE
Question : Which of these are terms that describe an attacker sitting on sites under someone else's brand and targeting Internet users who erroneously type into their browser address bar? Result: Partially correct. The correct answers are indicated. Detailed Results A Spim . B Sting sites C Spam D URL hijacking . E Fake URL F Typosquatting
BCDEF
Which of these are part of the automation life cycl Continuous improvement Continuous deployment Continuous delivery Continuous scripting Continuous monitoring Continuous validation
BCDEF
Which of these represents a likely primary or secondary loss due to using unsecure and unpatched legacy platforms? Increased costs Data exfiltration Loss of availability Loss of employee skillsets Identity theft Loss of reputation
BCEF
Which of these represents practical reasons for the effectiveness of social engineering? No buy-in from management Outdated anti-virus tools and utilities No policy enforcement Using augmented reality features Too many Facebook "likes" Lack of acceptable use policy
BCF
A condition when an attacker tries to gain privilege to a system by racing it to a resource A:Directory traversal B:Session replay C:Time-of-Check D:Buffer overflow E:Integer overflow
C
A cyber attack that uses SMS texting as the vector A:Whaling B:Spear phishing C:Smishing D:Business email compromise E:Pharming
C
A cyber attack that uses SMS texting as the vector ChoicesA:PharmingB:Spear phishingC:SmishingD:Business email compromiseE:Whaling
C
A special form of self-replicating malware that typically spreads without user action A:Ransomware B:Keyloggers C:Worms D:RAT E:Spyware
C
A timing-based side-channel attack against WPA3 A:Bluejacking B:Bluesnarfing C:Dragonblood D:Evil twin E:Disassociation
C
A typically non-binding declaration of intent of further relationships between two parties A:Organizational level agreement (OLA) B:Interconnection security agreement (ISA) C:Memorandum of understanding (MOU) D:Business partners agreement (BPA) E:Service level agreement (SLA)
C
According to the "order of volatility", which of these is LEAST volatile? Temporary file systems, swap/slack space Disk drives and volumes Logged data to a remote location Attached removable drives
C
An overlay network that is not indexed by search engines A:Vulnerability databases B:STIX C:Dark web D:OSINT E:IoC
C
Cost-prohibitive, real-world drill that ceases all business activities A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
C
Discourages you from performing attack A:Corrective B:Compensating C:Deterrent D:Preventive E:Detective
C
Do not implement any safeguards A:Avoidance B:Mitigation C:Acceptance D:Transference
C
In a distributed denial-of-service account what does the zombified system communicate with? A feed A bot A C2C server An agent
C
It is a basic identity layer on top of the OAuth 2.0 protocol A:OAuth B:Shibboleth C:OIDC D:Kerberos E:SAML
C
KeyGhost captures passwords, credit card numbers, and other personal information A:Worms B:Spyware C:Keyloggers D:RAT E:Ransomware
C
PENETRATION TESTING: Attempting to get root or administrative credentials of a database A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
C
Replaces an existing wireless service set so that users will connect to a fake one A:Bluesnarfing B:Dragonblood C:Evil twin D:Bluejacking E:Disassociation
C
Searches a regular expression against text in a file, multiple files, or a stream of input A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
C
Shows the Linux processes in real-time A:Syslog-NG B:Auditd C:Top D:Logrotate E:Netstat
C
The main method for modeling is Principal Component Analysis A:Fingerprint B:Retina scan C:Facial recognition D:Voice recognition E:Iris scan
C
To facilitate signature validation, DNSSEC adds a few new DNS record types. Which record contains the hash of a DNSKEY record? CDS RRSIG DS NSEC3
C
Used with multiple subdomains A:Root certificate B:Self-signed certificate C:Wildcard certificate D:S/MIME certificate E:Code signing certificate
C
What are most often used to catch a privileged insider during a structured attack? Honeynet Honeycomb Honeyfile Honeypot
C
What are threat hunters attempting to quickly recognize to counter cyber criminals and mitigate threats? RFCs SOARs IoCs SIEMs
C
What component will typically store the instances of all organizational configuration items? SCADA CASB CMDB APT
C
What cryptographic attack takes advantage of an application's ability to give up a more secure method of communication and revert to an older, less-optimal mode? Ciphertext-only attack Known-plaintext attack Downgrade attack Birthday attack
C
What data designation refers to information that, though unclassified, often requires strict controls over its distribution? Top secret Private Sensitive but unclassified Confidential
C
What initiative defines a hierarchy of security management standards to secure data from theft and tampering by unauthorized persons who can access a storage device or host system where the storage device resides? BitLocker TPM OPAL Registry editor
C
What is a recent privacy law that governs the EU and their partners? PCI-DSS HIPPA GDPR CIS
C
What is a tamper-resistant security chip installed on the device or built into PCs, tablets, and phones? HSM SED TPM FDE
C
What is an enclosure that blocks electromagnetic fields emanating from EMI and EMP? Mantrap Carrington box Faraday cage Distribution frame
C
What is an open-source electronic prototyping platform that enables users to create interactive electronic objects? FPGA RTOS Arduino SoC
C
What is another term used to describe an influence campaign? Watering hole Identity fraud Misinformation operation Credential harvesting
C
What is most likely the first step in a scam or hoax attack? Blackstortion E-mail phishing IP spoofing Masquerading
C
What technique can overwhelm the content addressable memory tables on Layer 2 switches? ARP poisoning MAC cloning MAC flooding ARP spoofing
C
What technique grants full access to an Android device, where every line of code in the Linux-based device becomes editable, with options that are only restricted by coding skills? Jailbreaking Bluejacking Rooting Sideloading
C
What technique improves certificate security by only trusting certificates issues by specific certificate authorities, such as Chrome only trusting Google? OCSP stapling Certificate revocation list Certificate pinning Domain validation
C
What term describes the technique or method used to exploit a vulnerability or deliver a malware payload? Threat actor Threat category Threat vector Threat agent
C
What type of account would be a privileged domain account used under the context of a facility to interact with the network operating system? Shared account Root account Service account User account
C
What type of key is used for only one single key establishment process and is never stored in memory or retained? Static key Stretched key Ephemeral key Session key
C
What type of smart card is most likely to be used by active duty military? Badge TOTP CAC ATM
C
Which attacks takes advantage of Windows Safe Mode? SSL stripping Race conditions Pass the hash Path traversal
C
Which cryptographic service ensures that the original sender cannot deny sending data or engaging in a digital transaction based on the usage of a secret or private key? Confidentiality Integrity Non-repudiation Origin authentication
C
Which of these SYSLOG messages would have the code number "4"? Informational Error Warning notice
C
Which of these SYSLOG messages would have the code number "4"? Informational Notice Warning Error
C
Which of these factors would be categorized as "something you have"? Password Fingerprint Smart card PIN
C
Which of these statements is true regarding containers? Containers are built for waterfall deployment methods Containers are always installed on a server platform Containers function like a virtual machine for application code Containers contribute to constantly changing code versions
C
Which of these statements is true regarding zero-day attacks? The CVE is months behind in identifying these vulnerabilities The "zero" refers to the threat level on a scale of 0-10 All malware and exploits were a zero-day at one time or another Most malicious code is accounted for today
C
Which of these would commonly not be considered a benign usage of a man-in-the-middle? Application layer gateway Network address translator ARP proxy Web proxy server
C
Which switch port security initiative is referred to as port-based network access control (PNAC)? 802.3 802.11 802.1X 802.5
C
Which type of mobile communication uses either point-to-point or diffuse methods? Bluetooth NFC Infrared 5G cellular
C
a break in a light beam A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
C
detecting infrared light A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
C
Which of these are other terms used for DNS domain hijacking? Domain reputation attack DNS poisoning Clickjacking UI redressing User interface redress
CDE
Which of these are attributes of a structured attack? Drive-by Not following AUP Multi-phased Planned Persistent Organized
CDEF
Which of these are terms that describe an attacker sitting on sites under someone else's brand and targeting Internet users who erroneously type into their browser address bar? Spam Spim Sting sites URL hijacking Fake URL Typosquatting
CDEF
Which of these is considered a primary or secondary loss from a data breach? Magnitude Residuals Replacement Productivity Reputation Response
CDEF
Which variant of XSS attacks leverages an insecurely written HTML page on an end user's system or endpoint gadgets and widgets? Stored Persistent Reflected DOM-based
D
Which service in AWS is generated by an application elastic load balancer? GuardDuty findings CloudTrail APIs Logrotate output Flow logs
D
A prank that takes advantage of sending contact information automatically without authentication A:Bluesnarfing B:Dragonblood C:Evil twin D:Bluejacking E:Disassociation
D
Changes the access permissions of files and folders A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
D
Classified as a behavioral biometric A:Fingerprint B:Retina scan C:Facial recognition D:Voice recognition E:Iris scan
D
Which type of fire extinguisher is used on electrical equipment and wires and consists of gas, dry powders, or carbon dioxide? Type B Type D Type A Type C
D
A structured language for cyber threat intelligence A:Vulnerability databases B:STIX C:Dark web D:OSINT E:IoC
D
Declares the contributions, rights, and responsibilities of each business associate A:Organizational level agreement (OLA) B:Interconnection security agreement (ISA) C:Memorandum of understanding (MOU) D:Business partners agreement (BPA) E:Service level agreement (SLA)
D
ALE = _______ x ARO AV EF MTD SLE
D
Which type of threat actor has some level of information about the target but often needs more? White hat Black hat Blue hat Gray hat
D
Agreeing to the target customers bug bounty program A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
D
Attacker sends larger than expected input and a server accepts it and writes to memory areas A:Directory traversal B:Session replay C:Time-of-Check D:Buffer overflow E:Integer overflow
D
Focuses on specific scenarios and areas using real DRP resources like recovery sites A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
D
Which type of threat actor has some level of information about the target but often needs more? White hat Blue hat Black hat Gray hat
D
In the IEEE 802.1X architecture, which component is the most likely to send the initial EAPOL frames? Client NAD Authentication server Supplicant
D
Infected PC serves a session back to C2C server acting as client A:Ransomware B:Keyloggers C:Worms D:RAT E:Spyware
D
Infected PC serves a session back to C2C server acting as client A:Worms B:Spywareterm-15 C:Keyloggers D:RAT E:Ransomware
D
It uses a Ticket Granting Server (TGS) A:OAuth B:Shibboleth C:OIDC D:Kerberos E:SAML
D
Offers automatic rotation, compression, disposal, and emailing of log files A:Syslog-NG B:Auditd C:Top D:Logrotate E:Netstat
D
PENETRATION TESTING: Forcing the exploit to remain even with a reboot or network disconnect A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
D
Pass the risk to a third-party A:Avoidance B:Mitigation C:Acceptance D:Transference
D
Replaces an existing wireless service set so that users will connect to a fake one A:Bluejacking B:Bluesnarfing C:Dragonblood D:Evil twin E:Disassociation
D
Signs and encrypts email messages A:Root certificate B:Self-signed certificate C:Wildcard certificate D:S/MIME certificate E:Code signing certificate
D
Stops you from performing attack A:Corrective B:Compensating C:Deterrent D:Preventive E:Detective
D
Targets companies who outsource, conduct wire transfers, and have suppliers abroad A:Whaling B:Spear phishing C:Smishing D:Business email compromise E:Pharming
D
Which is an advantage of on-premise database solution as opposed to a cloud service provider? Many accounts will reduce the attack surface The public API calls are likely protected with digital signatures You will often leverage a cloud access security broker The threat actors are typically internal privileged users
D
What advanced authorization method can be used to put restrictions on where a mobile device can be actively used based on GPS? Geotagging Geolocation Geography Geofencing
D
What are threat hunters attempting to quickly recognize to counter cyber criminals and mitigate threats? RFCs SOARs SIEMs IoCs
D
What class of gate is typically used for limited access and industrial sites like warehouses, factories, and docks? IV I II III
D
What common cryptographic feature is an aspect of white-box cryptography where keys are protected from extraction when under the control of the penetration tester or attacker? Non-repudiation Confidentiality Authentication Obfuscation
D
What concept is concerned with the ownership, custodianship, stewardship, and usage of data based on jurisdictional, legal, and governmental directives? Data deduplication Data in use Data masking Data sovereignty
D
What cryptographic attack takes advantage of an application's ability to give up a more secure method of communication and revert to an older, less-optimal mode? Birthday attack Ciphertext-only attack Known-plaintext attack Downgrade attack
D
What device is a combination of email, fax, photocopier, printer, and scanner? RTOS SoC HVAC MFP
D
What is a collection of contrasting technologies that empowers enterprises to collect data and alerts from various sources? LOGGER MDM PVLAN SOAR
D
What is a knowledge base composed of assertive attack methods and practices based on real-world interpretations? Cyber kill chain Diamond Model of Intrusion Analysis Chain of custody MITRE ATT&CK
D
What is a network with resources under the control of another organization such as a strategic partner in which your organization also needs access? Intranet Honeynet MAN Extranet
D
What is a software service implemented between cloud customers and software-as-a-service providers to provide visibility, compliance, data security, and threat protection? DLP DRP CMDB CASB
D
What is most likely the first step in a scam or hoax attack? E-mail phishing Masquerading Blackstortion IP spoofing
D
What is the ability of a system to increase the workload on its current and additional dynamically added, on demand hardware resources? Availability Durability Scalability Elasticity
D
What is the final section of an after-action report? Stated objectives Analysis of results Summary Recommendations
D
What is the recommended cryptosystem to secure data at rest in the cloud? 3DES RC4 Diffie-Helman AES
D
What service allows organizations to aggregate threat management, incident response, and repeatable security operations? Syslog OWASP SIEM SOAR
D
What term describes a situation when the number of VMs overtakes the administrator's ability to manage them? VM escape VM sprawl Hosted VM Bare metal VM
D
What type of agreement identifies confidential information that two parties wish to share with each other but not with external entities? OPM SOP AUP NDA
D
What type of attack is also known as SOAP injection? SQL injection DLL injection LDAP injection XML injection
D
Which area of enterprise diversity would specifically involve using defense in depth to secure access to the safe in the company CEO's office? Cryptosystems Vendors Technology Controls
D
Which attacks takes advantage of Windows Safe Mode? Race conditions SSL stripping Path traversal Pass the hash
D
Which of these attacks takes advantage of inadequate mechanisms to stop clients from automated attempts through credential stuffing? DDoS attacks MITM attacks Input validation attacks Login attacks
D
Which of these is a non-regulatory framework? SOX GDPR HIPAA ITIL
D
Which of these mitigating features on a WAF WebACL will look for attackers attempting to modify the back-end database of a front-end web server? Cross-site request forgery Buffer overflows Cross-site scripting SQL injection
D
Which of these password attacks tries to access many accounts using a few commonly used passwords with a "low-and-slow" methodology? Rainbow tables Offline brute force Dictionary attack Spraying
D
Which of these statements is true regarding zero-day attacks? Most malicious code is accounted for today The "zero" refers to the threat level on a scale of 0-10 The CVE is months behind in identifying these vulnerabilities All malware and exploits were a zero-day at one time or another
D
Which of these states are the result of an erroneous action triggering from a benign event? True positive False negative True negative False positive
D
Which of these versions of Diffie-Hellman is commonly used in TLS and uses elliptic-curve public/private key pairs and forward secrecy? DHKE DHE ECDH ECDHE
D
You are configuring a Cisco router for centralized AAA with a RADIUS server cluster. What type of account would you create to get administrative access if the RADIUS servers are temporarily unavailable due to a network issue? Shared account Application account Guest account Emergency account
D
a change in high-frequency radio waves A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
D
noise detection of a change in sound waves A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
D
a change in the level of pulsation A:Passive infrared B:Electro-mechanical C:Photoelectric D:Acoustical E:Vibration F:Microwave
E
An error when the result of a math operation does not fit within the allocated memory space A:Directory traversal B:Session replay C:Time-of-Check D:Buffer overflow E:Integer overflow
E
Attacker poisons a DNS server to re-direct users to unintentionally go to a fake site A:Whaling B:Spear phishing C:Smishing D:Business email compromise E:Pharming
E
Authenticates the source and integrity of device drivers A:Root certificate B:Self-signed certificate C:Wildcard certificate D:S/MIME certificate E:Code signing certificate
E
Client and server handshake before the server generates two cryptographic keys A:Worms B:Spyware C:Keyloggers D:RAT E:Ransomware
E
Compromises various control and management frames when MPP is not used A:Bluejacking B:Bluesnarfing C:Dragonblood D:Evil twin E:Disassociation
E
Compromises various control and management frames when MPP is not used A:Bluesnarfing B:Dragonblood C:Evil twin D:Bluejacking E:Disassociation
E
Concatenates files and displays the output to the standard output (usually the shell) A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
E
Data or information that can be collected legally from free, public sources concerning an individual or organization A:Vulnerability databases B:STIX C:Dark web D:OSINT E:IoC
E
Defines quality and availability commitments between a provider and external consumer A:Organizational level agreement (OLA) B:Interconnection security agreement (ISA) C:Memorandum of understanding (MOU) D:Business partners agreement (BPA) E:Service level agreement (SLA)
E
Examination of documented plans, diagrams, and virtual walkthroughs to eliminate gaps/errors A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
E
Forcing the exploit to remain even with a reboot or network disconnect A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
E
Identifies an attack that is happening A:Corrective B:Compensating C:Deterrent D:Preventive E:Detective
E
It is an XML-based open-source SSO standard used by many organizations A:OAuth B:Shibboleth C:OIDC D:Kerberos E:SAML
E
Malware that can show advertisements, track information, and make changes to endpoints without user knowledge A:Ransomware B:Keyloggers C:Worms D:RAT E:Spyware
E
PENETRATION TESTING: Pivoting from one domain or VLAN to another A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
E
Question : Which of these types of phishing variants matches the proper definition? Answer ChoicesA:PharmingB:Spear phishingC:SmishingD:Business email compromiseE:Whaling
E
The more widely accepted commercial ocular-based modality A:Fingerprint B:Retina scan C:Facial recognition D:Voice recognition E:Iris scan
E
Visualizes TCP connections A:Syslog-NG B:Auditd C:Top D:Logrotate E:Netstat
E
Adds log files to /var/log/syslog from the command line, scripts, or other files A:Head B:Tail C:Grep D:Chmod E:Cat F:Logger
F
Conducting planning, preparation, and information gathering A:Cleanup B:Lateral movement C:Privilege escalation D:Rules of engagement E:Persistence F:Reconnaissance
F
Planned rehearsals and drills performed in stages and by department/building only A:Parallel B:Plan Review (Read-through) C:Full interruption D:Simulation E:Tabletop F:Walkthrough (Exercise
F
Removing all footprints and artifacts of the attack chain A:Rules of engagement B:Reconnaissance C:Privilege escalation D:Persistence E:Lateral movement F:Cleanup
F
What term describes when the custom or outsourced application is developed with security integrated into the entire SDLC. Security by obscurity Security by design Security by default Security by deployment
b
Which of these attacks is most likely to be conducted with a cell phone camera? a Tailgating b Watering hole c Shoulder surfing d Piggybacking
c
Which of these IPsec protocols offers additional confidentiality services? IKE AH VPN ESP
d