Test Questions
ARP Poisoning / Spoofing
Address Resolution Protocol Poisoning, used with Man-in-the-Middle Attacks at workstations
Which of the following cryptographic algorithms is classified as symmetric?
Advanced Encryption Standard (AES)
Infrastructure as a Service (IaaS)
Blank hardware to use for whatever
DNS Poisoning
Changing IP Addresses on DNS Servers sending users to the wrong destination
What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes?
Clear
You are conducting an incident response and have traced the attack source to some compromised user credentials. After performing log analysis, you discover that the attack was successfully authenticated from an unauthorized foreign country. Your management is now asking for you to implement a solution to help mitigate this type of attack from occurring again. Which of the following should you implement?
Context-based authentication
XSRF / CSRF (Sea Surf)
Cross-site Request Forgery
Which of the following describes the overall accuracy of a biometric authentication system?
Crossover Error Rate (CER)
Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also need to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose to provide the same level of high encryption strength with a lower overall key length?
Elliptic curve cryptography (ECC)
Which law requires government agencies and other organizations that operate systems on behalf of government agencies to comply with security standards?
Federal Information Security Management Act (FISMA)
IoT
Internet of Things, Light bulbs, Cameras, Smartphones, eta.
Replay Attacks / Pass the Hash
It's replaying data a user sent earlier to gain access, salting prevents this.
You are the first forensic analyst to arrive on the scene of a data breach. You have been asked to begin evidence collection on the server while waiting for the rest of your team to arrive. Which of the following evidence should you capture first?
L3 Cashe
Salting
Makes passwords different every time on a network.
MTD
Maximum Tolerable Downtime
MTBF
Mean Time Between Failures
MTTF
Mean Time to Failure
Which operating system feature is designed to detect malware that is loaded early in the system startup process or before the operating system can load itself?
Measured boot
Which of the following tools is useful for capturing Windows memory data for forensic analysis?
Memdump
What tool can be used to scan a network to perform vulnerability checks and compliance auditing?
Nessus
Dion Training utilizes a wired network throughout the building to provide network connectivity. Jason is concerned that a visitor might plug their laptop into a CAT 5e wall jack in the lobby and access the corporate network. What technology should be utilized to prevent users from gaining access to network resources if they can plug their laptops into the network?
Network Access Control (NAC)
Your company is setting up a system to accept credit cards in their retail and online locations. Which of the following compliance types should you be MOST concerned with dealing with credit cards?
Payment Card Industry Data Security Standard (PCI DSS)
Your firewall is blocking outbound email traffic that is attempting to be sent. Which port should you verify is set to ALLOW in the firewall to ensure your emails are being sent?
Port 25
Which of the following cryptographic algorithms is classified as stream cipher?
RC4, or Rivest Cipher 4
Which of the following cryptographic algorithms is classified as symmetric?
RC4, or Rivest Cipher 4
RPO
Recovery Point Objective
RTO
Recovery Time Objective
Which party in a federation provides services to members of the federation?
Relying parties (RPs)
RAT
Remote Access Trojan
Pharming
Reroutes requests for legitimate websites to false websites
Which of the following hashing algorithms results in a 160-bit fixed output?
SHA-1
Cloud Access Security Broker (CASB)
Security for cloud servers and on-premise
You are troubleshooting a network connectivity issue and need to determine the packet's flow path from your system to the remote server. Which of the following tools would best help you identify the path between the two systems?
TRACERT (trace route)
Bluebugging
Taking over mobile/smartphone
Bluesnarfing
Theft of info from mobile/smartphone
Rogue Access Point (Rogue AP)
Unauthorized device on a network
Evil Twin
Unauthorized device pretending to be a known device
BlueJacking
Unauthorized texts sent to/from a mobile/smartphone
Session Hijacking
Using a similarly spelled Address
Every new employee at Dion Training must sign a document to show they understand the proper rules for using the company's computers. This document states that the new employee has read the policy that dictates what can and cannot be done from the corporate workstations. Which of the following documents BEST describes this policy?
acceptable use policy (AUP)
Sofware as a Service (SaaS)
access thru web like Gmail, Office 365
Platform as a Service (PaaS)
barrow a cloud server to make apps
Alexa is an analyst for a large bank that has offices in multiple states. She wants to create an alert to detect if an employee from one bank office logs into a workstation located at an office in another state. What type of detection and analysis is Alexa configuring?
behavior-based detection
During your annual cybersecurity awareness training in your company, the instructor states that employees should be careful about what information they post on social media. According to the instructor, if you post too much personal information on social media, such as your name, birthday, hometown, and other personal details, it is much easier for an attacker to conduct which type of attack to break your passwords?
cognitive password attack
A financial services company wants to donate some old hard drives from their servers to a local charity. The hard drives used in the servers are self-encrypting drives. Still, they are concerned about the possibility of residual data being left on the drives. Which of the following secure disposal methods would you recommend the company use?
cryptographic erase (CE)
A supplier needs to connect several laptops to an organization's network as part of their service agreement. These laptops will be operated and maintained by the supplier. Victor, a cybersecurity analyst for the organization, is concerned that these laptops could contain some vulnerabilities that could weaken the network's security posture. What can Victor do to mitigate the risk to other devices on the network without having direct administrative access to the supplier's laptops?
implement a jump box system
During a penetration test, you find a hash value related to malware associated with an APT. What best describes what you have found?
indicator of compromise
MTTR
mean time to repair / replace
You are performing a web application security test, notice that the site is dynamic, and must be using a back-end database. You decide you want to determine if the site is susceptible to a SQL injection. What is the first character that you should attempt to use in breaking a valid SQL request?
single quote
Which of the following is the most important feature to consider when designing a system on a chip?
space and power savings
Aymen is creating a procedure for the remediation of vulnerabilities discovered within his organization. He wants to ensure that any vendor patches are tested before deploying them into the production environment. What type of environment should his organization establish?
staging
You are conducting a routine vulnerability scan of a server when you find a vulnerability. You locate a patch for the vulnerability on the software vendor's website. What should you do next?
summit a Request fir Change using the change management process
Re-imaging
wiping a pc
What should be done NEXT if the final set of security controls does not eliminate all of the risks in a given system?
you should accept the risk if the residual risk is low enough
