Security Plus 3

Which switch port security initiative is referred to as port-based network access control (PNAC)?

802.1X

Concatenates files and displays the output to the standard output (usually the shell)

Cat

What technique improves certificate security by only trusting certificates issues by specific certificate authorities, such as Chrome only trusting Google?

Certificate Pinning

Changes the access permissions of files and folders

ChMod

Authenticates the source and integrity of device drivers

Code signing certificate

What tool is commonly used as a better substitute for the Task Manager in Windows systems?

Process Hacker

What type of cryptography derives its power from the fact that qubits can represent numerous possible combinations of 1 and 0 at the same time?

Quantum Cryptography

Which of these IPsec mechanisms are used for origin authentication?

RSA Signatures

What is the final section of an after-action report?

Reccommendations

Trust anchor for digital certificates in the chain of trust

Root certificate

What technique grants full access to an Android device, where every line of code in the Linux-based device becomes editable, with options that are only restricted by coding skills?

Rooting

Signs and encrypts email messages

S/MIME Certificate

What represents the software used to collect and send data to other systems in a power plant?

SCADA

What is a type of hard drive that automatically and continuously encrypts the data on the drive without any user interaction?

SED

What is a collection of contrasting technologies that empowers enterprises to collect data and alerts from various sources?

SOAR

What browser security policy forces the client to get another web page on a site from the same source server?

SOP

What service uses UDP port 1434?

SQL

Which of these mitigating features on a WAF WebACL will look for attackers attempting to modify the back-end database of a front-end web server?

SQL Injection

Signed by the entity it certifies, such as the root CA

Self-signed certificate

What type of account would be a privileged domain account used under the context of a facility to interact with the network operating system?

Service Account

Defines quality and availability commitments between a provider and external consumer

Service level agreement (SLA)

Focuses on specific scenarios and areas using real DRP resources like recovery sites

Simulation

Examination of documented plans, diagrams, and virtual walkthroughs to eliminate gaps/errors

Tabletop

Passes the name of a file and will show you the last ten lines from that file

Tail

What is a well-known write-blocking data preview and imaging tool?

FTK Imager

Which service in AWS is generated by an application elastic load balancer?

Flow logs

Takes messages from various sources then filters and forwards them

Syslog-NG

Which of these are characteristics of block ciphers?

- Must include padding - Messages bigger than key size are broken up into size of key - Uses counter modes - 3DES and AES are common

Which of these are activities of a cyber forensic investigation?

-Analyzing indicators of compromise -Reporting on the findings of the analysis -Examining electronic evidence -Collecting the available evidence

What are valid activities when designing a wireless LAN?

-Antenna strength and placement -Detecting interference -WAP placement -RF channel selection

Which technologies represent valid IoT devices?

-Facility automation -Appliance sensors -Smart meters -Medical systems

Which of these protocols is commonly load balanced?

-HTTP -TCP -UDP -TLS

Which of these are common attributes for labeling and handling data?

-Monetary value -Age -Utility -Personal association

Which of these are common inputs to next-generation SIEM systems?

-Network devices -Appliances -Users -Threat intelligence feeds

Which of these are exploitation frameworks and kits?

-Rig EK - GreenFlash Sundown - Ransomware EKs - GrandSoft EK

What is used to remotely generate, back up, restore and utilize RSA and ECC cryptographic keys on a lightweight HSM?

COPE

Which of these security frameworks is focused on cloud computing security?

CSA

In the change management lifecycle, what step comes directly after the "Submitting" phase?

Approving

What is an open-source electronic prototyping platform that enables users to create interactive electronic objects?

Arduino

Logs command execution on RedHat and SE Linux

Auditd

Which specialty appliance would be used to make SSH2 connections to a backend database or directory service to perform secure dedicated management and administration as opposed to direct connections?

Bastion host

What is a technique to improve an organization's information security management by establishing an original standard starting point?

Benchmark

Declares the contributions, rights, and responsibilities of each business associate

Business partners agreement (BPA)

According to NIST SP 800-34, Revision 1, which of these activities will happen earliest in the incident response life cycle?

Conduct the business impact analysis (BIA)

What technology involves orchestrating the packaging, isolation, and encapsulation of apps and work data into a separate segmented user-space within the device?

Containerization

What is a suite of tools used to identify and report on fraudulent, illegal, or other undesirable behavior concerning data in transit or at rest?

DAM

What service engine is used to prevent the leakage of corporate intellectual property?

DLP

To facilitate signature validation, DNSSEC adds a few new DNS record types. Which record contains the hash of a DNSKEY record?

DS

What 4-phased innovative technology has emerged over the last decade to lower the risks and costs associated with big data, especially in litigation and internal corporate and government investigations?

E-Discovery

Which EAP variant uses a Protected Access Credential (PAC) file?

EAP-FAST

Which of these versions of Diffie-Hellman is commonly used in TLS and uses elliptic-curve public/private key pairs and forward secrecy?

ECDHE

What tools are primarily focused on detecting and investigating suspicious activities and indicators of compromise (IoCs) on workstations, laptops, and mobile devices?

EDR

Which of these IPsec protocols offers additional confidentiality services?

ESP

What type of key is used for only one single key establishment process and is never stored in memory or retained?

Ephemeral Key

What is a network with resources under the control of another organization such as a strategic partner in which your organization also needs access?

Extranet

Cost-prohibitive, real-world drill that ceases all business activities

Full interruption

Searches a regular expression against text in a file, multiple files, or a stream of input

GREP

Prints the top N number of data of the given input

Head

Which of these is a non-regulatory framework?

ITIL

What phase of an incident response plan implements techniques for categorizing and prioritizing the incident based on an established risk register or risk ledger?

Identification

Which type of mobile communication uses either point-to-point or diffuse methods?

Infrared

Which cryptographic service ensures that the original sender cannot deny sending data or engaging in a digital transaction based on the usage of a secret or private key?

Non-repudiation

Documents the security and technical aspects of connections between two organizations

Interconnection security agreement (ISA)

What emerging solution will protect new areas such as sensor networks, healthcare, distributed control systems, and IoT, in which highly constrained devices are interconnected?

Lightweight Cryptography

According to the "order of volatility", which of these is MOST volatile?

Logged data to a remote location

Adds log files to /var/log/syslog from the command line, scripts, or other files

Logger

Offers automatic rotation, compression, disposal, and emailing of log files

Logrotate

Which of these cryptographic hashing algorithms should not be used in a new modern implementation?

MD5

What device is a combination of email, fax, photocopier, printer, and scanner?

MFP

What is a knowledge base composed of assertive attack methods and practices based on real-world interpretations?

MITRE Attack

A typically non-binding declaration of intent of further relationships between two parties

Memorandum of understanding (MOU)

What is used to remotely generate, back up, restore and utilize RSA and ECC cryptographic keys on a lightweight HSM?

MicroSD

What type of agreement identifies confidential information that two parties wish to share with each other but not with external entities?

NDA (Non-disclosure)

Which of these secure protocols would be used for synchronizing clocks on network infrastructure devices?

NTPv3

What tool has been called the "Swiss Army Knife" of tools?

Netcat

Visualizes TCP connections

Netstat

What initiative defines a hierarchy of security management standards to secure data from theft and tampering by unauthorized persons who can access a storage device or host system where the storage device resides?

OPAL

What common cryptographic feature is an aspect of white-box cryptography where keys are protected from extraction when under the control of the penetration tester or attacker?

Obfuscation

Defines responsibilities and support levels between a provider and an internal business unit often through a service desk

Organizational level agreement (OLA)

What is a configuration for Layer 2 isolation from other ports within the same broadcast domain or subnet called?

PVLAN

Real-world drill while still operating business

Parallel

When presenting reports to executive management, what format should be avoided in lieu of other visibility tools?

Pie charts

Group discussion, plan auditing, Delphi, and brainstorming sessions with stakeholders

Plan Review (Read-through)

What is a task automation and configuration management framework created by Microsoft?

Powershell

What is the term for the process of permissively allowing certain traffic and implicitly denying the rest?

Whitelisting

Used with multiple subdomains

Wildcard Certificate

What tool was originally named Ethereal?

Wireshark

What database security technique involves sending sensitive data through an API call to a provider that replaces the data with non-sensitive placeholders?

Tokenization

Shows the Linux processes in real-time

Top

What interface replaced the legacy BIOS on older system boards?

UEFI

How is the public key of the customer's digital certificate signed?

Using the private key of the CA

What is a Wi-Fi Alliance standardized method for simplifying station setup and initial configuration?

WPS

Planned rehearsals and drills performed in stages and by department/building only

Walkthrough (exercise)