W10 Milestone Exam (Part 4, Modules 8-11)
In a security review meeting, you proposed a demilitarized zone for one of your company's data centers. You were then asked to explain the objective of having a DMZ in the data centers. Which of the following should be your answer?
A DMZ will separate the secure facilities from unknown and potentially hostile outsiders.
Which of the following correctly differentiates between a man-in-the-middle (MITM) attack and a man-in-the-browser (MITB)?
A MITM attack occurs between two endpoints, whereas a MITB attack occurs between a browser and underlying computer.
Which of the following attacks is considered easy, allowing threat actors to access user data and read through passwords and PINs, and why is it considered so?
A WLAN consumer attack, because many users fail to properly configure security on their home WLANs.
Which of the following differentiates an access point probe and a dedicated probe?
A dedicated probe only monitors RF transmissions, while an access probe can serve as both a probe and an access point that can provide roaming to wireless users.
What is a virtual firewall?
A firewall that runs in the cloud
What is a Type I hypervisor?
A hypervisor that runs directly on computer hardware
Which of the following best describes a network address translation?
A network address translation (NAT) enables a private IP network to connect to the internet.
Which of the following best describes a network hardware security module?
A network hardware security module is a trusted network computer that performs cryptographic operations.
You are analyzing the settings for your network's firewall. There is currently a log-only rule set for the source address 112.101.2.4. Which of the following has created a log entry in the firewall?
A rule is set to allow all packets from 112.101.2.1 through 112.101.2.22.
In which of the following configurations are all the load balancers always active?
Active-active
Suzanne is a cybersecurity expert. She was approached by Alex with a complaint that his payment information has leaked even though he has not made any online payments or shared information with anyone. Suzanne concluded that attackers most likely bumped a portable reader against Alex's smartphone to make an NFC connection and steal the payment information stored on the phone.What should Suzanne suggest to Alex to prevent this type of attack from happening in the future?
Alex should always turn the NFC off while he's in a crowded area.
Which firewall rule action implicitly denies all other traffic unless explicitly allowed?
Allow
You are asked to configure your firewall in such a way that the traffic from source address range 117.112.10.25 through 117.112.15.100 is allowed, while traffic from 117.112.12.25 through 117.112.13.25 is denied, and traffic from 117.112.12.200 through 117.112.13.10 is allowed. How should you configure the firewall?
Allow 117.112.10.25 through 117.112.15.100; deny 117.112.12.25 through 117.112.13.25; force-allow 117.112.12.200 through 117.112.13.10
Which of the following statements correctly defines jamming?
An attacker intentionally floods the RF spectrum with extraneous RF signal "noise" that creates interference and prevents communications.
Which of the following is a major objective of packet analysis?
Assess and secure networks
Which type of attack can give an attacker access to a device and allow them to copy personal information using an unauthorized radio frequency connection?
Bluesnarfing
Shawn is approached by a medical staff team with a request to research and introduce a type of device that will help them record and transmit specific patient details.Which technology would help the team measure and monitor blood pressure and then send those patient details from the smartphone to a phone as a message in case of emergencies?
Bluetooth
Sherry needs to suggest a technology that can enable smartphones or laptops to control multiple devices like speakers, mice, etc., within a 100-meter distance. The device should also be connected without any wired connection.Which technology should Sherry suggest?
Bluetooth technology can be used to connect devices without any wired connection
Which of these is the encryption protocol for WPA2?
CCMP
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?
Captive portal
Which of the following protects SNMP-managed devices from unauthorized access?
Community string
Sansa is a network security administrator at an enterprise. She is asked to take appropriate steps to defend against a MAC address spoofing attack in the enterprise network. Which of the following methods should Sansa apply?
Configure the switch so that only one port can be assigned per MAC address
Which of the following does NOT describe an area that separates threat actors from defenders?
Containment space
What type of APs can be managed by wireless LAN controllers (WLCs)?
Controller AP
In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking?
Creating a virtual network
Which of the following best describes DLP?
DLP is used to prevent leakage of confidential data.
During an interview, you are provided the following scenario: The enterprise that you recently joined is using the ISP DNS server to resolve domain names. You are asked which specific attack will need to be mitigated first to secure the enterprise network. Which of the following attacks should you choose?
DNS hijacking
During an interview, you are provided the following scenario: The enterprise that you recently joined is using the ISP DNS server to resolve domain names. You are asked which specific attack will need to be mitigated first to secure the enterprise network. Which of the following attacks should you choose?
DNS hijacking
Tyler is a cybersecurity expert assigned to look after the security of a public DNS server. One day, during his usual inspection of the DNS server, he found that the DNS table has been altered, resulting in URL redirection for some users. What type of attack has Tyler discovered?
DNS hijacking
Under which vulnerability can an attacker steal information from a user's phone using a device to connect to the phone without physically touching it?
Data theft
Which of these is NOT used in scheduling a load balancer?
Data within the application message itself
You are a security expert asked to protect the webservers hosted in your building from exposure to anyone other than server admins. Which of the following physical security method should you implement to achieve this?
Demilitarized zones
Which of the following statements about domain reputation is correct?
Domain reputation will be low if the domain is used for distributing malware or launching attacks.
Which of the following contains the field that indicates the function of the packet and an identifier field used to match requests and responses and the type of data being transported along with the data itself?
EAP
Which type of wireless attack is designed to capture wireless transmissions coming from legitimate users?
Evil twin
Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?
Evil twin
Kane was transferring files from a file transfer protocol (FTP) server to his local machine simultaneously. He sniffed the traffic to find that only the control port commands are encrypted, and the data port is not encrypted. What protocol did Kane use to transfer the files?
FTPS
Which of the following is physical security equipment for computer hardware?
Faraday cage
Which of the following tools can be used to secure multiple VMs?
Firewall virtual appliance
Which device intercepts internal user requests and then processes those requests on behalf of the users?
Forward proxy server
Which of the following contains honeyfiles and fake telemetry?
High-interaction honeypot
Which of the following is a network set up with intentional vulnerabilities?
Honeynet
Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?
Host table and external DNS server
Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?
IEEE 802.iw separate
Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?
IV
Which of the following is the most versatile cloud model?
IaaS
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?
If the virtual machine's load increases, the virtual machine can be migrated to another physical machine with more capabilities.
You decided to test a potential malware application by sandboxing. However, you want to ensure that if the application is infected, it will not affect the host operating system. What should you do to ensure that the host OS is protected?
Implement virtual machine escape protection
Which of the following is NOT a characteristic of cloud computing?
Invisible resource pooling
Which of the following is NOT true about VBA?
It is being phased out and replaced by PowerShell.
Zara has been instructed to organize an event where top companies will come and give a webinar. Since the event is large and the number of people attending is substantial, Zara needs to ensure that there are no disturbances. She thinks preventing devices from communicating and calls from being made or received is the easiest solution.Which factor should Zara use to achieve this?
Jamming
Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?
MAC flooding attack
In an interview, you were asked to briefly describe how emails containing malware or other contents are prevented from being delivered. Which of the following should be your reply?
Mail gateways prevent unwanted mails from being delivered.
Which of these does not require authentication?
Open method
You are a security administrator asked to create a certificate signing request (CSR) to secure your enterprise's website. Which of the following tools should you use to accomplish this?
OpenSSL
Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?
Operational Technology
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
PIN method
Oliwia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?
PaaS
Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?
Policy-based firewall
Which of the following techniques is the best fit for monitoring traffic on switches with large volumes of traffic?
Port TAP
Which of the following best describes an extranet?
Private network only accessed by an authorized party
Which of the following sensors can detect an object that enters the sensor's field?
Proximity
What is a difference between NFC and RFID?
RFID is designed for paper-based tags while NFC is not.
Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings?
Reduction in broadband costs
What is a jump box used for?
Restricting access to a demilitarized zone
Which WPA3 security feature is designed to increase security at the time of the handshake?
SAE
Which of the following virtualizes parts of a physical network?
SDN
Which of the following provides the highest level of security?
SFTP
You are asked to transfer a few confidential enterprise files using the file transfer protocol (FTP). For ensuring utmost security, which variant of FTP should you choose?
SFTP
Which of the following protocols can be used for secure video and voice calling?
SRTP
Which of the following tools can be used to protect containers from attack?
Security-Enhanced Linux
Which of the following is NOT a feature of a next-generation SWG?
Send alerts to virtual firewalls
What does the term "serverless" mean in cloud computing?
Server resources of the cloud are inconspicuous to the end user.
In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?
Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.
Which technology under wireless communication is an integrated circuit that securely stores information used to identify and authenticate the IoT device?
Subscriber identity module
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?
Take a snapshot of the virtual machine before testing the configuration
Mike, an employee at your company, approached you seeking help with his virtual machine. He wants to save the current state of the machine to roll back to the saved state in case of a malfunction. Which of the following techniques can help Mike?
Take snapshots to save the virtual machine state
Which of the following correctly differentiates between Tcpreplay and Tcpdump?
Tcpdump can only be used to analyze the packets, whereas Tcpreplay can analyze, edit, and load the edited packet back to the network.
What is the result of an ARP poisoning attack?
The ARP cache is compromised.
How do NACs ensure that a device is safe to connect to a secure network?
The NAC issues a health certificate, only allowing healthy devices to connect to the secured network.
What action does a BPDU guard take when a BPDU is received from an endpoint and not a switch?
The port is disabled, and no traffic will be sent or received by the port.
Why are jamming attacks generally rare?
They require expensive, sophisticated equipment
Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need?
Transit gateway
Which of the following best describes trusted location in MS Office?
Trusted location allows you to run macros-enabled files with no security restrictions.
Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?
Two-person integrity/control
In an interview, the interviewer asks you to boot a PC. Before the boot process begins, an interface asks you to choose between Windows 10 and Ubuntu Linux. The interviewer then asks you to identify the type of VR monitor program being used. What should your reply be?
Type I hypervisor
Which of the following is NOT a NAC option when it detects a vulnerable endpoint?
Update Active Directory to indicate the device is vulnerable.
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?
Use private subnets for backend servers
Which of these is NOT created and managed by a microservices API?
User experience (UX)
Maze must establish a communication channel between two data centers. After conducting a study, she came up with the idea of establishing a wired connection between them since they have to communicate in unencrypted form. Considering the security requirements, Maze proposed using an alarmed carrier PDS over a hardened carrier PDS. Why would Maze make this suggestion in her proposal?
Using a hardened carrier PDS would require someone to conduct periodic visual inspections.
Which of the following best describes VBA?
VBA is an event-driven programming language.
Which technology allows scattered users to be logically grouped even when they are connected to different physical switches?
VLAN
Which of these is NOT a type of wireless AP probe?
WNIC probe
Sam is asked to help his company design a wireless network for their new location.Which of the following protocols has the strongest wireless security, supports a longer bit of encryption, and improved interaction capabilities with the internet of things (IoT) devices?
WPA3
In which of the following attacks do attackers use intentional interference to flood the RF spectrum with enough interference to prevent a device from effectively communicating with the AP?
Wireless denial of service attacks
Which wireless probe is designed to scan and record wireless signals within its range at regular intervals and report the information to a centralized database?
Wireless device probe
Your enterprise is hosting a web app that has limited security. As a security administrator, you are asked to take appropriate measures to restrict threat actors from hijacking users' sessions. Which of the following is the most appropriate action for you to take?
You should implement cryptography using OpenSSL.
As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take?
You should install a WAF.
As a cybersecurity expert, you are asked to take adequate measures to mitigate DDoS attacks on your enterprise servers. Which of the following techniques should you apply?
You should set up a DNS sinkhole.
After encountering a network attack in your enterprise network, the chief network security engineer assigned you a project. The project was to create a vulnerable network that is similar to your enterprise network and entices the threat actor to repeat the attack. This is to analyze the behavior and techniques the attacker is using to ensure better defenses to your enterprise network in the future. Which of the following appliances should you use?
You should use a honeypot.
In an interview, you are asked to change the permissions of a file on a Linux system so that the file can only be accessed by its owner. Which of the following tools should you use?
chmod
Which of the following is a deception instrument?
sinkhole