
Which of the following mobile device enterprise deployment models are implemented so that employees in an organization are offered a suite of security, reliability, and durability choices that the company has already approved? a.Virtual desktop infrastructure (VDI) b.Corporate-owned device c.Choose your own device (CYOD) d.Bring your own device (BYOD)

c.Choose your own device (CYOD)

A learning management system application has been written in Python. While running the application code, the specific program or application that converts the program into machine language is called what? a.Application software b.Operating system c.Compiler d.Antimalware

c.Compiler

What is the primary difference between credentialed and non-credentialed scans? a.Credentialed scans are legal, while non-credentialed scans are illegal. b.Credentialed scans use advanced scanning tools, while non-credentialed scans do not use tools. c.Credentialed scans use valid authentication credentials to mimic threat actors, while non-credentialed scans do not provide authentication credentials. d.Credentialed scans are performed by pen testers, while non-credentialed scans are performed by authorized officers.

c.Credentialed scans use valid authentication credentials to mimic threat actors, while non-credentialed scans do not provide authentication credentials

John has been appointed as a product manager at a large mobile device manufacturing company. He is designing the core features included in their flagship mobile device that will be launched during the holiday shopping season. Which of the following features should he primarily include? a.Microphone b.Digital camera c.Data synchronization with a remote server or separate device d.Global positioning system (GPS)

c.Data synchronization with a remote server or separate device

Which of the following is a physical social engineering technique? a.Hoaxes b.Watering hole c.Dumpster diving d.Pharming

c.Dumpster diving

Which of the following is a characteristic of a potentially unwanted program (PUP)? a.A PUP gives the threat agent remote access to the user's device using specially configured communication protocols. b.A PUP interferes and obstructs the user with web browsing and pop-up windows. c.A PUP pretends to perform natural activities while also performing malicious activities. d.A PUP gives access to the computer, program, or a service, circumventing the system's normal security protections.

b.A PUP interferes and obstructs the user with web browsing and pop-up windows.

Amaya is looking for a hardware chip or integrated circuit (IC) that can be programmed by the user to carry out one or more logical operations, can be reprogrammed when needed, and can be configured by either the user or designer. Which option should Amaya select? a.Raspberry Pi b.Arduino c.Field-programmable gate array (FPGA) d.8051 microcontroller

c.Field-programmable gate array (FPGA)

Which cookie is created by the website a user is currently browsing to store the customer's browsing preference information? a.Third-party cookie b.Session cookie c.First-party cookie d.Secure cookie

c.First-party cookie

Shanise is an IT security professional for a large private bank. She got an alert that the bank website received a funds transfer request that was correctly credentialed but flagged as being out of the account owner's usual pattern. If the alert is correct, what type of attack has likely occurred? a.SQL injection b.Replay attack c.CSRF attack d.XSS attack

c.CSRF attack

Sara is asked to create a controller for light sensors. When the light falls on the sensor, it needs to indicate when a particular object is moved from its original position. For this, she needs a credit card-sized motherboard with a microcontroller on it. Which option should she select? a.Raspberry Pi b.SoC c.FPGA d.Arduino

d.Arduino

Which of the following devices is similar to Raspberry Pi? a.Real-time operating system b.SoC c.FPGA d.Arduino

d.Arduino

What is the primary goal of penetration testing? a.Attempt to perform an automated scan to discover vulnerabilities b.Perform SYN DOS attack towards a server in a network c.Scan a network for open FTP ports d.Attempt to uncover deep vulnerabilities and then manually exploit them

d.Attempt to uncover deep vulnerabilities and then manually exploit them

While Andel is logging into his email through a browser, the login window disappears. Andel attempts to log in again and is successful. Days later, he goes to log into his email, and his attempt fails. He receives a message indicating that his username and/or password are invalid. What is Andel likely a victim of? a.Keyloggers b.Spyware c.RAT d.CSRF

d.CSRF

What is another term commonly used to define cross-site request forgery (CSRF): a.Client-server request forgery b.Server-side request forgery c.Cross-server request forgery d.Client-side request forgery

d.Client-side request forgery

Which type of threat actor would benefit the most from accessing your enterprise's new machine learning algorithm research and development program? a.Criminal syndicates b.Brokers c.Shadow IT d.Competitors

d.Competitors

Which of the following is part of the OS security configuration? a.Installing the latest version of OS b.Giving all users administrator privileges c.Enabling the most secure OS platform d.Disabling default passwords and unnecessary ports

d.Disabling default passwords and unnecessary ports

What is meant by "the chain of trust" in boot security? a.Each step in the boot sequence follows its own process independently, trusting the previous sequence step. b.Each step in the boot sequence relies on the operating system logs of the previous boot sequence for boot security. c.Each step in the boot sequence relies on the confirmation of the hardware root of trust. d.Each step in the boot sequence relies on the confirmation from the previous boot sequence step.

d.Each step in the boot sequence relies on the confirmation from the previous boot sequence step.

Which of the following is an attack vector used by threat actors to penetrate a system? a.Urgency b.Phishing c.Intimidation d.Email

d.Email

Which of the following is the most secure encryption solution to adopt for a Google Android mobile device? a.Asymmetric key encryption b.Symmetric key encryption c.Full disk encryption d.File-based encryption

d.File-based encryption

Which of the following is a feature of a fileless virus? a.Fileless viruses are easy to defend. b.Fileless viruses are persistent. c.Fileless viruses grant limited control. d.Fileless viruses are easy to detect.

d.Fileless viruses are easy to detect.

What is NOT a principle of agile development? a.Satisfy the customer through early and continuous delivery b.Business people and developers work together c.Pay continuous attention to technical excellence d.Follow rigid sequential processes

d.Follow rigid sequential processes

Kile is assigned a role as a grey box penetration tester in the financial sector. He has to conduct a pen testing attack on all the application servers in the network. Which of the following tasks should he perform first while conducting a penetration testing attack on a network? a.Vishing b.Phishing c.Tailgating d.Footprinting

d.Footprinting

Photoplethysmography uses which type of light to measure heart rate on a wearable device? a.Ultraviolet b.Infrared c.Red d.Green

d.Green

Your enterprise has played fast and loose with customer information for years. While there has been no significant breach of information that could damage the organization and/or their customers, many in the enterprise feel it is only a matter of time before a major leak occurs. Which type of threat actor is an employee who wishes to personally ensure that the enterprise is exposed and blocked from accessing their customers' information until they ensure more secure protocols? a.State actor b.Insider c.Script kiddy d.Hacktivist

d.Hacktivist

A federal appeals court recently made a judgment that caused significant public outrage. Soon after the ruling, the court's website was hacked, and the content was replaced with the text "Equal justice for all." Which of the following type of threat actors attacked the court's site? a.Insiders b.Cyberterrorists c.State actors d.Hacktivists

d.Hacktivists

An unauthorized person recently accessed your enterprise network. The security team had received a call from the threat actor claiming to be a higher official. They followed the attacker's instructions to log them onto a specific webpage, leading to the exposure of enterprise network credentials. Which of the following social engineering techniques was used here? a.Spam and phishing b.Hoaxes and impersonation c.Hoaxes and spam d.Impersonation and phishing

d.Impersonation and phishing

Which of the following is a disadvantage of the secure boot process? a.It slows down considerably, affecting the performance of the computer. b.It requires an operating system like Microsoft OS to ensure secure boot. c.It does not validate the boot process. d.It makes third party non-vendor-approved software difficult to implement.

d.It makes third party non-vendor-approved software difficult to implement.

Alpha Tech started a charitable competition in which every team is asked to submit a proposal for a public health contract asking for a new viral transmission mitigation app. Which team has selected the correct option? a.Team C has selected ABSN. b.Team A has selected MBSN. c.Team D has selected IR sensors. d.Team B has selected BAN.

d.Team B has selected BAN.

Which of the following is a primary difference between a red team and a white team? a.The red team uses an automated vulnerability scanning tool to find vulnerabilities, whereas the white team defines the rules of penetration testing. b.The red team uses an automated vulnerability scanning tool to find vulnerabilities, whereas the white team decides which tool to use in automated vulnerability scanning. c.The red team provides real-time feedback to enhance the threat detection capability, whereas the white team defines the rules of penetration testing. d.The red team scans for vulnerabilities and exploits them manually, whereas the white team defines the rules of the penetration testing.

d.The red team scans for vulnerabilities and exploits them manually, whereas the white team defines the rules of the penetration testing.

A few computers at a high-security software firm location have been compromised. The threat actor took user videos, confidential information like bank account IDs and passwords, email IDs and passwords, and computer screenshots. These confidential data have been shared every three hours from the computers to the threat actor. Which of the following is correct, based on the evaluation of the above observation? a.This is a hardware keylogger attack; it is only periodically sharing the information and is a manual transfer of information by a human agent. b.This is a software keylogger attack, as it is sharing the information every three hours to the attacker. c.This is a hardware keylogger attack, as video capture functionality and periodic transfer of data are not possible with a software keylogger. d.This is a software keylogger attack, as screenshots, video captures, and keystrokes have been routinely monitored and periodically shared.

d.This is a software keylogger attack, as screenshots, video captures, and keystrokes have been routinely monitored and periodically shared.

Which of the following tools can be used to scan 16 IP addresses for vulnerabilities? a.App Scan b.QualysGuard c.Nessus d.Nessus Essentials

d.Nessus Essentials

Hacktivists and state actors are huge threats to government systems. What is the main difference between hacktivists and state actors? a.Hacktivists attack their own enterprise network for political revenge or personal gain, whereas state actors attack a nation's network and computer infrastructure to cause disruption and panic among citizens. b.Hacktivists misuse a computer system or network for socially or politically motivated reasons, whereas state actors are covertly sponsored by a government to attack its foes. c.Hacktivists attack a nation's network and computer infrastructure to cause disruption and panic among citizens, whereas state actors attack their own enterprise network for political revenge or personal gain. d.Hacktivists are covertly sponsored by a government to attack its foes, whereas state actors misuse a computer system or network for personal, social, or political reasons.

b.Hacktivists misuse a computer system or network for socially or politically motivated reasons, whereas state actors are covertly sponsored by a government to attack its foes.

How can a configuration review reduce the impact of a vulnerability scan on the network's overall performance? a.It focuses the full scan by first comparing network configurations against known vulnerability databases. b.It ensures the scan is designed to meet its intended goals by defining scope and sensitivity levels. c.It identifies configuration and security postures within the network. d.It performs a fast initial scan that identifies open ports and responsive software.

b.It ensures the scan is designed to meet its intended goals by defining scope and sensitivity levels

An attacker has changed the value of a variable used when copying files from one cloud server to a local drive. What is the most likely motive behind the attack? a.The attacker is using an integer overflow attack that will change the state of the local drive's memory. b.The attacker is using a buffer overflow to initiate an integer overflow attack that can allow access to private data on the local drive. c.The attacker is using an integer overflow attack to initiate a buffer overflow that can allow them to take over the machine. d.The attacker is using a buffer overflow to initiate an integer overflow attack that will give them access to the machine's OS code.

c.The attacker is using an integer overflow attack to initiate a buffer overflow that can allow them to take over the machine.

Which of the following is the advantage of penetration testing over vulnerability scanning? a. Penetration testing uncovers and exploits deep vulnerabilities, while vulnerability scanning only discovers surface vulnerabilities. b. Penetration testing performs automated scans to discover vulnerabilities and prevent penetration, while vulnerability scanning requires manually scanning for vulnerabilities. c. Penetration testing scans a network for open FTP ports to prevent penetration, while vulnerability scanning only discovers versions of the running services. d. Penetration testing performs SYN DOS attacks towards a server in a network, while vulnerability scanning only discovers versions of the running services.

a. Penetration testing uncovers and exploits deep vulnerabilities, while vulnerability scanning only discovers surface vulnerabilities.

What is the name of the process where a website validates user input before the application uses the input? a. Sanitizing b. Eliminating c. Authorizing d. Tokening

a. Sanitizing

Which of the following mobile device features senses movements that it then uses to ensure the screen is always oriented upright? a.Accelerometer b.Haptic sensor c.Photodiode d.GPS

a.Accelerometer

Which of the following sensors help generate security alerts to physicians regarding patient health? a.BAN b.Proximity sensor c.SoC d.Accelerometer

a.BAN

Which penetration testing consultants are not given any knowledge of the network nor any elevated privileges? a.Black box b.Bug bounty c.Gray box d.White box

a.Black box

Which alert utility can identify theft in a smart meter? a.Meter readings b.Emergency communication c.Servicing d.Tamper protection

d.Tamper protection

Zyan works for ABC Technology. The enterprise wants to provide smartphones to all its employees. They can choose from a limited list of approved mobile devices. But they need to pay for the device themselves. The company will pay them a monthly stipend. Which deployment method should Zyan suggest to meet his company's needs? a.Choose your own device (CYOD) b.Corporate-owned personally enabled (COPE) c.Virtual desktop infrastructure (VDI) d.Corporate-owned device (COD)

a.Choose your own device (CYOD)

James is a black hat hacker employed as an authorized officer at Apple. He has credentials and signed a non-disclosure agreement to perform advanced penetration testing on the iOS 6.1.6 operating system, and has already gained low-level access to the mobile device using a backdoor. Which of the following actions should James take to design/create his own custom firmware to exploit underlying vulnerabilities and gain a higher level of access to a UNIX shell with root privileges, essentially allowing them to do anything on the device? a.Clone and inherit the source code of the open-source software "P0sixspwn" b.Copy the source code of open-source Mimikatz and build custom software from it c.Clone and inherit the source code of the open-source software "Pwnage" d.Copy the source code of the open-source BlackArch tool and build custom software from it

a.Clone and inherit the source code of the open-source software "P0sixspwn"

Your company recently purchased routers with new and updated features and deployed them in the highly secure enterprise network without changing the default settings. A few days later, the enterprise network suffered a data breach, and you are assigned to prepare a report on the data breach. Which of the following vulnerabilities should you identify as the source of the breach? a.Configuration vulnerability b.Third-party vulnerability c.Zero-day vulnerability d.Platform vulnerability

a.Configuration vulnerability

Which of the following is the most common method for delivering malware? a.Email b.Social media c.Identity theft d.Removable media

a.Email

While going through the network log, Sarah, a network security administrator, noticed substantial outbound network traffic. Which activity did Sarah perform? a.IOC b.STIX c.HTTP d.Telnet

a.IOC

What additional measure should be enacted to increase the security on a computer network after secure boot, protective measures from attacks like antimalware, and intrusion detection systems are implemented in all the computers on the network? a.Implement hardening at endpoints with patch management and operating system safeguards b.Disable operating system patch updates to prevent malicious attacks c.Disable connections on the Wi-Fi network d.Implement an antivirus solution in all systems and servers

a.Implement hardening at endpoints with patch management and operating system safeguards

An organization is planning a revamp of the existing computer hardware with new ones. The IT manager has informed department heads that some computers have faced BIOS attacks in the past. He has requested help in preventing future BIOS attacks. As an expert, which of these solutions can you use to effectively improve boot security when the new computers are implemented in the network? a.Implement measured boot with UEFI b.Implement BIOS supplemented with CMOS c.Use computers with flash memory for booting instead of BIOS d.Implement a Norton Antivirus solution

a.Implement measured boot with UEFI

John is asked to design a specialized device that does not have any security features but operates on the basis of trust that assumes all other devices or users can be trusted. Which security constraint for the embedded system should John use? a.Implied trust b.Cryptography c.Inability to patch d.Weak defaults

a.Implied trust

Which of the following describes a memory leak attack? a.In a memory leak attack, the threat actor takes advantage of the programming error of not freeing the memory after executing a process, taking advantage of the device's low memory conditions to attack. b.In a memory leak attack, an attacker changes the variable's value to something outside the range the programmer had intended. c.A memory leak occurs when a process attempts to store data beyond a fixed-length storage buffer's boundaries. d.Memory leak attacks take advantage of the token generated and sent to the user's browser by the website as part of the authentication.

a.In a memory leak attack, the threat actor takes advantage of the programming error of not freeing the memory after executing a process, taking advantage of the device's low memory conditions to attack.

In which of the following mobile device connectivity methods are light waves used as a communication channel? a.Infrared b.Wi-Fi c.Cellular d.USB

a.Infrared

Jordan has been asked by his organization to help them choose a mobile device communication channel for their new mobile device build. Which of the following mobile device communication channels should Jordan NOT suggest to his company? a.Infrared b.Cellular c.Wi-Fi d.USB

a.Infrared

Which of the following computing platforms is highly vulnerable to attacks? a.Legacy b.Cloud c.Hybrid d.On-premises

a.Legacy

Which of the following types of platforms is known for its vulnerabilities due to age? a.Legacy platform b.On-premises platform c.Online platform d.Cloud platform

a.Legacy platform

Alice, a vulnerability assessment engineer at a bank, is told to find all the vulnerabilities on an internet-facing web application server running on port HTTPS. When she finishes the vulnerability scan, she finds several different vulnerabilities at different levels. How should she proceed? a.Look at the priority and the accuracy of the vulnerability b.Only look at the accuracy of the vulnerability c.Escalate the situation to a higher analyst d.Only look at the highest priority vulnerability

a.Look at the priority and the accuracy of the vulnerability

Which of the following is a subset of artificial intelligence? a.Machine learning b.Data science c.Artificial intelligence algorithm d.Machine intelligence

a.Machine learning

Which of the following are categories of vulnerabilities in mobile device connections that can also be exploited by threat actors? a.Tethering, USB-on-the-go (OTG), malicious USB cable, hotspots b.Tethering, USB-on-the-go (OTG), malicious USB cable, location tracking c.Tethering, USB-on-the-go (OTG), limited updates, hotspots d.Limited updates, USB-on-the-go (OTG), malicious USB cable, hotspots

a.Tethering, USB-on-the-go (OTG), malicious USB cable, hotspots

A company has approached you for their product testing, and you agree to do it. First, you have to install the necessary plugins for the software through the browser, install the software, and run the software again. What procedure should you adopt to ensure that you don't compromise the browser and the computer's operating system? a.Making sure that the OS's security options are deployed, run the antivirus/antispyware on the files downloaded, run the software on HSTS/HTTPS mode, and then send a secure cookie to the server. b.Deploy the OS securities, check for vulnerabilities in the plugins, quarantine the software before installing, and send a secure cookie to the server. c.Make sure that the browser's CSP policy is set, then quarantine the software file, then access the software using an active directory, use a sandbox to run the software. d.Make sure that the antivirus/antispyware is run on the plugins, run the software in the sandbox, check the CSP options before running the software, and send a secure cookie to the server.

a.Making sure that the OS's security options are deployed, run the antivirus/antispyware on the files downloaded, run the software on HSTS/HTTPS mode, and then send a secure cookie to the server.

What is the secure coding technique that organizes data within the database for minimum redundancy? a.Normalization b.Dead code c.Code signing d.Stored procedure

a.Normalization

John is a project manager with an IT firm, and his current project of developing an ERP application is in the development stage. Currently, the application is not yet mature or stable enough to be placed in a test environment. Which of the following secure coding review techniques is applicable for his project? a.Perform static code analysis b.Perform dynamic code analysis c.Perform a structured manual analysis of code d.Perform a static binary code analysis

a.Perform static code analysis

Social engineering is a means of eliciting information by relying on the weaknesses of individuals. How should you differentiate between the social engineering techniques of phishing and pharming? a.Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP. b.Phishing involves digging through trash receptacles to find information that can be useful in an attack, whereas pharming involves sending millions of unsolicited emails to a large volume of users. c.Phishing involves sending millions of generic email messages to a large volume of users, whereas pharming targets specific users by sending emails customized to the recipients, including their names and personal information. d.Phishing involves sending customized emails to recipients, including their names and personal information, to make the message appear legitimate, whereas pharming is a variant of phishing that specifically targets wealthy individuals or senior executives within a business.

a.Phishing involves sending an email message or displaying a web announcement that falsely claims to be from a legitimate enterprise, whereas pharming is a redirection technique that attempts to exploit how a URL is converted into its corresponding IP.

Ronald is a software architect at MindSpace Software. He has been approached to develop a critical application for a finance company. The company has asked him to ensure that the employed coding process is secure. They have also requested that the project be completed in a few months, with a minimum version of the identified functionalities provided. The other functionalities can be developed later and added to the software while the application is live. Which development process would be ideal for Ronald to employ to achieve this objective? a.Ronald can employ the SecDevOps model to meet the requirements of the client. b.Ronald can employ a waterfall model to meet the requirements by testing the code at every phase of development. c.Ronald can employ an agile development model to meet the requirements with penetration testing done on the modules. d.Ronald can employ the rapid development model to meet the requirements of the client.

a.Ronald can employ the SecDevOps model to meet the requirements of the client.

In cybersecurity, a threat actor is an individual or an entity responsible for cyber incidents against the technical equipment of enterprises and users. How should you differentiate an attack by a script kiddie from that of a gray hat hacker? a.Script kiddies use automated attack software created by other hackers for personal gain, whereas gray hat hackers create their own attack software to showcase vulnerabilities present in a system to the world. b.Script kiddies lack the technical knowledge to carry out attacks, so they hire a hacker to do it, whereas gray hat hackers violate computer security to fulfill their financial needs. c.Script kiddies construct efficient scripts to perform attacks to fulfill their own needs, whereas gray hat hackers construct scripts for attacking organizational competitors. d.Script kiddies are hired to probe systems for weaknesses and then privately provide that information back to the organization, whereas gray hat hackers break into systems for ideological or political reasons.

a.Script kiddies use automated attack software created by other hackers for personal gain, whereas gray hat hackers create their own attack software to showcase vulnerabilities present in a system to the world.

What is meant by "infrastructure as code" in SecDevOps? a.SecDevOps method of managing software and hardware using principles of developing code b.SecDevOps method of managing the infrastructure as a service c.SecDevOps method of managing the infrastructure as a software d.SecDevOps method of managing code as infrastructure

a.SecDevOps method of managing software and hardware using principles of developing code

Which of the following sets consists of only the core features of a mobile or computing device? a.Small form factor, mobile operating system, wireless data network interface for internet access, app stores, local non-removable data storage b.Small form factor, mobile operating system, wireless data network interface for internet access, global positioning system (GPS), local non-removable data storage c.Small form factor, mobile operating system, wireless data network interface internet access, app stores, removable storage media d.Small form factor, mobile operating system, microphone and/or digital camera, app stores, local non-removable data storage

a.Small form factor, mobile operating system, wireless data network interface for internet access, app stores, local non-removable data storage

Daniel accidentally installed a vulnerable application. Which of the following system exploitations would NOT be caused by the vulnerable application? a.Social engineering and phishing attacks b.Process spawning control c.System tampering d.Executable files attack

a.Social engineering and phishing attacks

ABC Technologies had its computer network compromised through a cybersecurity breach. A cybersecurity expert was employed to analyze and identify what caused the attack and the damage caused by the attack. He checked an available database for this purpose and found the threat actor behind the attack. He also found out the cybercriminal has been attempting to sell the company's valuable data on the internet. Which are the most probable methods used by the cybersecurity expert to get to this stage of the investigation? a.The cybersecurity expert checked with CISCP and also investigated the dark web. b.The cybersecurity expert checked the threat maps and used TAXII. c.The cybersecurity expert checked the threat maps and used the MAR report. d.The cybersecurity expert used STIX and checked with CISCP.

a.The cybersecurity expert checked with CISCP and also investigated the dark web.

A vulnerability assessment engineer performed vulnerability scanning on active directory servers and discovered that the active directory server is using a lower version of Kerberos. To alert management to the risk behind using a lower version of Kerberos, he needs to explain what an attacker can do to leverage the vulnerabilities in it. Which of the following actions can the attacker perform after exploiting vulnerabilities in Kerberos? a.Use privilege escalation b.Use DLL injection c.Use a vertical movement d.Use a lateral movement

a.Use privilege escalation

There is often confusion between vulnerability scanning and penetration testing. What is the best explanation of the difference between vulnerability scanning and penetration testing? a.Vulnerability scanning is performed using an automated tool to scan a network for known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them. b.Vulnerability scanning checks a network for outdated versions of services. Penetration testing is attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them. c.Vulnerability scanning checks a network for open ports and services. Penetration testing is attempting to manually scan a network for known vulnerability signatures using an advanced scanning tool. d.Vulnerability scanning is performed by manually scanning a network for known vulnerabilities. Penetration testing is attempting to manually scan a network for known vulnerability signatures using an advanced scanning tool.

a.Vulnerability scanning is performed using an automated tool to scan a network for known vulnerability signatures. Penetration testing involves attempting to manually uncover deep vulnerabilities just as a threat actor would, and then exploiting them.

Which of the following is the most efficient means of discovering wireless signals? a.War flying b.Wardriving c.War cycling d.War chalking

a.War flying

Your company is considering updating several electronic devices used in the enterprise network. The third-party service provider that your company approached says that they require access to the enterprise network in order to implement the updates. As the chief information security officer, you are asked to analyze the requirement and submit a report on potential vulnerabilities when giving a third-party access to the network. Which of the following vulnerabilities should you list as the most likely to affect the enterprise network? a.Weakest link b.Default settings c.Weak encryption d.Zero day

a.Weakest link

A company has its network compromised. As an expert professional, the organization has hired you to identify the probable cause of the attack and fix it. As a security professional, you have noticed the pattern of compromise is unlike anything previously seen. You are looking to find new information on vulnerabilities like the attack that occurred. Which of the following actions would help achieve this objective? a. Checking the surface web b. Checking the dark web c. Checking the green web d. Implementing TCP/IP protocol across the network

b. Checking the dark web

Marcus is an information security architect at a product-based IT firm. He is responsible for developing policies for the most-secure mobile device enterprise-deploying model. The company will decide the level of choice and freedom for employees. Employees are supplied company-chosen and paid-for devices that they can use for both professional and personal activities. This action is performed under which enterprise deployment model? a. Corporate-owned device (COD) b. Corporate-owned, personally enabled (COPE) c. Bring your own device (BYOD) d. Choose your own device (CYOD)

b. Corporate-owned, personally enabled (COPE)

Sean is an information security architect at a financial firm. As his first project, he must design and build an efficient, sure-shot, yet cost-effective solution to detect and prevent bank credit card fraud. How should Sean proceed? a. Design advanced credit card fraud detection solutions using data science and machine learning models trained with millions of historical credit card and debit card transaction data to better detect financial fraud. b. Design a solution that keeps track of dates, times, locations of transactions, and geolocation of the authorized cell phone. When a user makes a purchase at a store, the bank can immediately check that the cell phone and the bank card are in the same place. If they are, the purchase is considered legitimate. But if they are not, then the payment is rejected. c. Design a solution that is confined to and hardcoded with a specific place and specific time. If the user makes a transaction at a different place or time, it will be considered an outlier and trigger an alert. d. Design a security awareness training program to educate bank customers on phishing and vishing attacks and teach them how to avoid sharing sensitive debit and credit card information via unsolicited telephone calls or emails.

b. Design a solution that keeps track of dates, times, locations of transactions, and geolocation of the authorized cell phone. When a user makes a purchase at a store, the bank can immediately check that the cell phone and the bank card are in the same place. If they are, the purchase is considered legitimate. But if they are not, then the payment is rejected.

Juan, a cybersecurity expert, has been hired by an organization whose networks have been compromised by a malware attack. After analyzing the network systems, Juan submits a report to the company mentioning that the devices are infected with malware that uses a split infection technique on files. Which malware attack is Juan reporting? a. Cryptomalware b. Virus c. RAT d. Spyware

b. Virus

Attackers have taken over a site commonly used by an enterprise's leadership team to order new raw materials. The site is also visited by leadership at several other enterprises, so taking this site will allow for attacks on many organizations. Which type of malicious activity is this? a. Vishing b. Watering hole c. Hoax d. Spear phishing

b. Watering hole

Ian, a systems administrator, was checking systems on Monday morning when he noticed several alarms on his screen. He found many of the normal settings in his computer and programs changed, but he was sure no one had physically entered his room since Friday. If Ian did not make these changes, which of the events below is the most likely reason for the anomalies? a.The security administrator ran a penetration test over the weekend and did not tell anyone. b.A backdoor was installed previously and utilized over the weekend to access the computer and the programs. c.A firewall scan that was run over the weekend shut down the computer and the programs. d.The power went out over the weekend and caused the programs to move back to their default settings.

b.A backdoor was installed previously and utilized over the weekend to access the computer and the programs.

Which of the following is a characteristic of a vulnerability scan that is not a characteristic of a penetration test? a.A vulnerability scan is usually a manual process. b.A vulnerability scan is usually automated. c.A vulnerability scan identifies deep vulnerabilities. d.A vulnerability scan can be done when a regulatory body requires it or on a pre-determined schedule.

b.A vulnerability scan is usually automated.

Japan's cybercrime control center noticed that around 200,000 Tokyo computers are infected by bots, and all these bots are remotely controlled by a single attacker. What is this attacker referred to as? a.Zombie b.Bot herder c.Payload d.Botnet

b.Bot herder

In which of the following mobile device connectivity methods are transmitters connected through a mobile telecommunication switching office (MTSO) that controls all of the transmitters in the cellular network and serves as the link between the cellular network and the wired telephone world? a.Wi-Fi b.Cellular c.Infrared d.Bluetooth

b.Cellular

In an interview, the interviewer introduced the following scenario: An enterprise is hosting all its computing resources on a cloud platform, and you need to identify which vulnerability is most likely to occur. Which of the following should you choose? a.Third-party vulnerability b.Configuration vulnerability c.Physical access vulnerability d.Zero-day vulnerability

b.Configuration vulnerability

Which issue can arise from security updates and patches? a.Difficulty installing databases b.Difficulty patching firmware c.Difficulty resetting passwords d.Difficulty updating settings

b.Difficulty patching firmware

Which of the following is NOT an automated vulnerability scanning tool? a.W3AF b.ELK Stack c.Nikto d.OpenVAS

b.ELK Stack

Why was the BIOS framework relocated to flash memory from a complementary metal-oxide-semiconductor (CMOS) in later development? a.Unlike a CMOS, flash memory prevents malicious activities from taking place within the framework. b.Flash memory provides stability to the BIOS framework and makes update installation much easier than with CMOS. c.Using CMOS, when in ROM, BIOS could not correctly locate the address of the OS, which is not a problem with flash memory. d.Flash memory solves the problem of poor CMOS performance during the low-battery process, which hampered the BIOS function.

b.Flash memory provides stability to the BIOS framework and makes update installation much easier than with CMOS.

Which of the following sets only lists additional features of a mobile device or a computing device? a.Global positioning system (GPS), microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), small form factor b.Global positioning system (GPS), microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media c.Local non-removable data storage, microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media d.App stores microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media

b.Global positioning system (GPS), microphone and/or digital camera, wireless cellular connection for voice communications, wireless personal area network interfaces such as Bluetooth or near-field-communications (NFC), removable storage media

Which of the following penetration testing consultants have limited knowledge of the network and some elevated privileges? a.Black box b.Gray box c.Bug bounty d.White box

b.Gray box

Terrence, an executive VP of IT at Sigma Bank, noticed that yesterday, there was a major attack on several thousands of bank employees' computers located at geographically different locations where files and data from the computers got deleted. It was also noticed that several confidential files containing customer data were deleted from the bank's server in multiple locations, and the CEO's emails were deleted from the mail server. Since the bank was compliant with cybersecurity measures, Terrence suspects an internal hand in this activity. While going through the records of all employees working in the IT security of the bank, both past and present, he notices that there is an employee, Chris, who has enough experience to launch this attack, was unhappy with his annual review last year, and had left the bank three months ago. If Terrence were able to single Chris out as the one responsible for the attack, what kind of an attack would this be? a.Spyware b.Logic-bomb c.Backdoor d.Keylogger

b.Logic-bomb

Which one of the following is the most appropriate explanation of photoplethysmography? a.Measuring heart rate by tracking changes in UV light absorption, since human blood absorbs UV light b.Measuring heart rate by tracking changes in green light absorption, since human blood absorbs green light c.Measuring blood pressure by tracking changes in green light absorption, since human blood absorbs green light d.Measuring blood pressure by tracking changes in infrared light absorption, since human blood absorbs infrared light

b.Measuring heart rate by tracking changes in green light absorption, since human blood absorbs green light

Several websites use URLs similar to one of the most globally popular websites, attempting to attract traffic if a user misspells the popular website's URL. What is this social engineering technique called? a.Tailgating b.Typo squatting c.Pharming d.Spam

b.Typo squatting

What is the fastest-running vulnerability scan, and why does this type of scan run so fast? a.Intrusive scans can provide a deeper insight into the system by accessing the installed software by examining the software's configuration settings and current security posture. b.Non-credentialed scans perform fundamental actions such as looking for open ports and finding software that will respond to requests. c.Credentialed scans perform fundamental actions such as looking for open ports and finding software that will respond to requests. d.Non-intrusive scans find deep vulnerabilities that would have otherwise gone unnoticed.

b.Non-credentialed scans perform fundamental actions such as looking for open ports and finding software that will respond to requests.

Which of the following techniques is a method of passive reconnaissance? a.Port scanning b.Open Source Intelligence (OSINT) c.War flying d.War driving

b.Open Source Intelligence (OSINT)

Khalid joins a security team where he is assigned an SOC developer role and has to build different teams under SOC. Which of the following teams should he build to deal with providing real-time feedback related to security incidents and threat detections, which can then be utilized to facilitate better prioritization of threats and a mature way of detecting threats? a.Red team b.Purple team c.White team d.Blue team

b.Purple team

Which of the following is a form of malware attack that uses specialized communication protocols? a.Spyware b.RAT c.Keylogger d.Bot

b.RAT

Which standardized framework was developed by NIST to be used as a guidance document designed to help organizations assess and manage risks to their information and systems, and is also used as a comprehensive roadmap that organizations can use to seamlessly integrate their cybersecurity? a.Cybersecurity framework (CSF) b.Risk management framework (RMF) c.CIS Controls d.ISO 27001

b.Risk management framework (RMF)

Which type of malware can hide its agenda inside other processes, making it undetectable, and what is it usually used for? a.Backdoor, which gives access to a computer, program, or service that overrides any normal security protections b.Rootkit, a malware that uses the lower layers of the operating system or undocumented functions to make alterations to the operating system's processes c.RAT, an executable program that gives unauthorized remote access to a user's computer d.Trojan, an executable program that pretends to perform a harmless activity while doing something malicious

b.Rootkit, a malware that uses the lower layers of the operating system or undocumented functions to make alterations to the operating system's processes

Which of the following technologies can be used together for data management in security infrastructure and collecting and analyzing data? a.Firewall and IDS b.SIEM and SOAR c.SOAR and packet sniffer d.SIEM and IPS

b.SIEM and SOAR

Smitha, an employee working in the accounts department, reported to the information security officer that she could not access her computer. James, the security officer, noticed the following on Smitha's system: On booting the computer, the following message was flashing on the computer screen with the IRS logo: "This computer is locked by the Internal Revenue Service. It has come to our attention that you are transferring funds to other agencies using this computer without compliance with the local income tax laws. As per section 22 of the U.S. Income Tax Act, the transmission of funds without applicable taxes is prohibited. Your IP address is identified in this fraudulent transaction and is locked to prevent further unlawful activities. This offense attracts a penalty of $400.00 for the first offense. You are hereby given 16 hours to resolve this issue, failing which you shall be prosecuted to the full extent of the law. You may make a secure payment by clicking on the following link. If you face any issues, you may reach out to us at [email protected]." The message will not close, nor is there access to applications or files on the computer; however, James can open shared files and folders on Smitha's computer through the network. What is your inference about the problem faced by Smitha on her computer? a.Smitha's computer is compromised by a PUP. b.Smitha's computer is compromised by ransomware. c.Smitha's computer is compromised by cryptomalware. d.Smitha's computer is compromised by spyware.

b.Smitha's computer is compromised by ransomware.

What is a variation of a common social engineering attack targeting a specific user? a.Spam b.Spear phishing c.Watering holes d.Redirection

b.Spear phishing

Which of the following uses vulnerable applications to modify Microsoft registry keys? a.Process spawning control b.System tampering c.Quarantine d.Executable files attack

b.System tampering

Natasha, a network security administrator for an online travel portal, noticed that her website was the victim of an SQL injection. She decided to study the SQL queries to find which one made this vulnerability in the database, and she noticed the following SQL code piece executed on the database: 'whatever' AND email IS NULL; What has been accessed by the attacker running this SQL injection? a.The attacker accessed the entirety of email address data from all users in the database. b.The attacker has determined the names of different types of fields in the database. c.The attacker has used the SQL injection to delete the table in the database. d.The attacker accessed the data of specific users.

b.The attacker has determined the names of different types of fields in the database.

The files in James's computer were found spreading within the device without any human action. As an engineer, you were requested to identify the problem and help James resolve it. During file code inspection, you noticed that certain types of files in the computer have similar codes. You found that the problem is coming from a set of codes that are not part of the actual files, appended at the bottom of the file. You also noticed a transfer control code written at the beginning of the files giving control to the code at the bottom of the file. Which type of infection is this a characteristic of? a.This is a typical characteristic exhibited by files attacked by ransomware in the device. b.This is a typical characteristic of an endpoint device infected with a file-based virus attack. c.This is a typical characteristic of files infected by keystrokes in an endpoint. d.This is a typical characteristic of a spyware infection in the endpoint device.

b.This is a typical characteristic of an endpoint device infected with a file-based virus attack.

Which operation is carried out by proactively searching security logs for cyber threats that have thus far gone undetected? a.Vulnerability scanning b.Threat hunting c.Data hunting d.Vulnerability hunting

b.Threat hunting

What is the most accurate explanation of sentiment analysis, and what kind of a tool or product can be utilized to perform this operation? a.Using Cisco Firepower for computationally identifying and categorizing opinions, usually expressed in response to textual data, to determine the writer's attitude toward a particular topic b.Using text analysis techniques and IBM QRadar to interpret and classify emotions (positive, negative, and neutral) within text data c.Using Wireshark for detecting hidden and persistent threats from a network d.Using SIEM for combining many logs into one record based on IP addresses, usernames, and port numbers

b.Using text analysis techniques and IBM QRadar to interpret and classify emotions (positive, negative, and neutral) within text data

A machine where the operating system runs an application on top of an operating system is called _______. a.a sandbox b.a virtual machine c.a quarantine d.application whitelisting

b.a virtual machine

Which threat actors violate computer security for personal gain? a.Red hat hackers b.Gray hat hackers c.Black hat hackers d.White hat hackers

c.Black hat hackers

Which endpoint application runs on an endpoint device that only detects an attack in an endpoint device? a. Cookies b. HIPS c. HIDS d. EDR

c. HIDS

Dillip is assigned the role of a SOC developer who must build different teams under the SOC. He must build a new team that will put security defenses in place to prevent another team from penetrating the network. Which team should he build to monitor the other team's attacks and shore up security defenses as necessary? a.Purple team b.Red team c.Blue team d.White team

c.Blue team

Walter's organization is in the beginning stages of a new project. His team is tasked with finding a tool that must have the following features, allowing it to be remotely managed by the organization: 1. It must be able to apply default device settings. 2. It must be able to approve or quarantine new mobile devices. 3. It must be able to configure emails, calendars, contacts, and Wi-Fi profile settings. 4. It must be able to detect and restrict jailbroken and rooted devices. Which tool should Walter's team suggest, and why? a. UEM, because it allows remote management and works best across all mobile OSs. b. MCM, because it allows management over hundreds of devices at once. c. MDM, because it allows remote management and over the air updates. d. MAM, because it provides a high level of control over apps.

c. MDM, because it allows remote management and over the air updates.

Which threat actors sell their knowledge to other attackers or governments? a.Criminal syndicates b.Competitors c.Brokers d.Cyberterrorists

c.Brokers

Which of the following is an example of a request forgery malware? a.SQL injection b.DLL injection c.CSRF d.Ransomware

c.CSRF

Which of the following statements correctly describes the disadvantage of a hardware-based keylogger? a.A hardware-based keylogger can easily be detected in a network by an antivirus. b.A hardware-based keylogger's data can be easily erased by the antimalware software installed in the device. c.A hardware-based keylogger must be physically installed and removed without detection. d.A hardware-based keylogger can be detected by an antivirus when it scans for ports.

c.A hardware-based keylogger must be physically installed and removed without detection.

Zero-day vulnerabilities and configuration vulnerabilities can heavily impact a system if exploited. How should you differentiate between a zero-day vulnerability and a configuration vulnerability? a.A zero-day vulnerability results from users improperly configuring software, whereas a configuration vulnerability results from the developers improperly configuring the software. b.A zero-day vulnerability is an easily fixable vulnerability recognized by a software developer, whereas a configuration vulnerability is a major vulnerability present in a system exploited by a threat actor before the software developer can fix it. c.A zero-day vulnerability is an unknown vulnerability in released software that is found and exploited by a threat actor, whereas a configuration vulnerability is caused by improper settings in hardware or software. d.A zero-day vulnerability results from improper hardware configurations, whereas a configuration vulnerability results from improper software configuration.

c.A zero-day vulnerability is an unknown vulnerability in released software that is found and exploited by a threat actor, whereas a configuration vulnerability is caused by improper settings in hardware or software.

Which of the following can be used to mitigate a limitation of public sharing centers in OSINT? a.KRI b.TTP c.AIS d.HTTPS

c.AIS

What are the primary features of a security information event management (SIEM) tool? a.Aggregation, deep packet investigation, and policy creation b.Filtering, alerting, packet dropping, packet capturing, and traffic analyzing c.Aggregation, correlation, event deduplication, time synchronization, and alerting d.Bandwidth monitoring, alerting, and volume measuring

c.Aggregation, correlation, event deduplication, time synchronization, and alerting

You have been assigned to decide the process used for software application development at your company. Since the products need to be developed and deployed as each module is completed, you chose to go with agile application development. Your manager has requested you consider SecDevOps. Which of the following is a significant and key feature of using SecDevOps that can be considered for selecting this project's development model? a.Quarantine b.Rigid process c.Automation d.Reuse of code

c.Automation

Makayla has created software for automating the accounting process at ABL Manufacturing. She completed the software development, with testing done during development at individual stages. Before putting the software into production, Mary, who is in charge of the testing software, ran the application using tools and generated a report giving the various inputs and corresponding exceptions generated by the application. What process did Mary use? a.Dead coding b.Camouflaged coding c.Fuzzing d.Code signing

c.Fuzzing

Which of the following is considered an industry-specific cybersecurity regulation? a.Gramm-Leach-Bliley Act (GLB) b.Personal Information Protection and Electronic Documents Act (PIPEDA) c.Health Insurance Portability and Accountability Act of 1996 (HIPAA) d.Sarbanes-Oxley Act of 2002 (SOX)

c.Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Threat actors focused on financial gain often attack which of the following main target categories? a.Product lists b.REST services c.Individual users d.Social media assets

c.Individual users

A company monitors the network activity of the organization and stores the logs in a database. You have been asked to identify whether there are any malicious activities in the network. Which of the following can denote the upper and lower bounds of their various network activities? a.TTP b.OSI model c.KRI d.Threat maps

c.KRI

Keily is a vulnerability assessment engineer. She is told to find surface vulnerabilities on all internet-facing web servers in the network. Which of the following are surface vulnerabilities that she should initially chase? a.Lack of OS hardening, network design flaw, lack of application hardening, weak passwords, misconfigurations, and SQL Injections b.Lack of OS hardening, network design flaw, lack of application hardening, misconfigurations, and brute force c.Missing patches, lack of OS hardening, network design flaw, lack of application hardening, weak passwords, and misconfigurations d.Lack of OS hardening, network design flaw, weak passwords, and misconfigurations

c.Missing patches, lack of OS hardening, network design flaw, lack of application hardening, weak passwords, and misconfigurations

Simon is working in a telecom firm. Being an HOD, he was asked to suggest a lock pattern for their mobile devices with the following features: The device should have a prerecord of its user's walking and other body movement patterns, and on sensing any change in the regular movements, should be able to lock the device. Which lock pattern should Simon suggest? a.Trusted face b.Trusted devices c.On-body detection d.Trusted places

c.On-body detection

Sheena wants to make sure that her browser activity is safe and prevent others from intercepting her data as it is transmitted over the browser. What should Sheena do to achieve this objective? a.Fill all her forms through hidden fields only b.Make sure that the content security policy is in place c.Only visit websites that are hosted over HTTPS or HSTS d.Send a secure cookie over the browser to the server

c.Only visit websites that are hosted over HTTPS or HSTS

What type of attack occurs when the threat actor snoops and intercepts the digital data transmitted by the computer and resends that data, impersonating the user? a.Buffer overflow b.Device driver manipulation c.Replay d.Trojan

c.Replay

A cyber analyst needs to quickly do a vulnerability scan on an enterprise network with many devices. Which approach should the analyst take? a.Scan all endpoint devices b.Scan all devices, each for a very short time c.Scan the most important devices for as long as it takes for each device d.Scan only infrastructure devices for a very short time

c.Scan the most important devices for as long as it takes for each device

Which of the following describes the action of an SQL injection into a database server? a.The SQL injection is specially created code inserted into a legitimate program, which then lies dormant unless a special logical event triggers it. b.The SQL injection inserts specially created extensible markup language to manipulate the database taking control of the database giving control to the attacker to manipulate the database. c.The SQL injection inserts specially created structured query language statements to manipulate the database server, giving control of the database to the attacker, who can then manipulate the database. d.The SQL injection inserts code into the DLL running process, causing the program to function differently than intended.

c.The SQL injection inserts specially created structured query language statements to manipulate the database server, giving control of the database to the attacker, who can then manipulate the database.

Which of the following vulnerabilities involves connecting a flash drive infected with malware to a mobile device? a.Malicious USB cable b.Tethering c.USB-on-the-go (OTG) d.Hotspots

c.USB-on-the-go (OTG)

Your enterprise experienced several technical issues over the last few days. There were multiple instances of passwords needing to be changed and other issues causing downtime. Management has started receiving voicemails regarding fraudulent activities on their accounts. While the voicemails sound authentic, the help desk concludes that they are fake. What type of malicious activity will this be considered? a.Whaling b.Spamming c.Vishing d.Spimming

c.Vishing

Which HTTP response header should be used to prevent attackers from displaying their content on a website? a.HSTS b.CSP c.X-Frame-Option d.X-XSS

c.X-Frame-Option

What is a risk to data when training a machine learning (ML) application? a. Improper exception handling in the ML program b. API attack on the device c. ML algorithm security d. Tainted training data for machine learning

d. Tainted training data for machine learning

Kate decides to download an extension to her favorite browser to quickly store links on her spreadsheet software. While downloading the software, she ignores the opt-out check box that allows the extension to download a search toolbar. What has occurred here? a.Kate has installed a Trojan. b.Kate has installed a backdoor. c.Kate has installed an injection. d.Kate has installed a potentially unwanted program (PUP).

d.Kate has installed a potentially unwanted program (PUP).

Kia recently noticed that when she browses her favorite online shopping site, she is immediately redirected to a competitor's site. What is happening here, and what is the best option for Kia to fix this situation? a.Kia has accidentally installed a virus. She must close the browser and run a good antivirus program before browsing the website for shopping again. b.Kia must reinstall a fresh copy of the operating system and all applications. c.Kia has installed spyware, and she has to close the browser and reboot the system to correct the problem. d.Kia must uninstall the toolbar software and the accompanying components she has recently installed on her browser.

d.Kia must uninstall the toolbar software and the accompanying components she has recently installed on her browser.

Which of the following tools allow a mobile device to be managed remotely by an organization and typically involve a server sending out management commands to mobile devices? a.DLP b.Threat hunting c.SIEM d.MDM

d.MDM

Dan uses his personal laptop for writing the script for an upcoming high-budget, highly anticipated movie. To keep the script private, he decided not to connect his laptop to any network and updated his system with the latest virus definitions and security patches. Which of the following is Dan's laptop still vulnerable to? a.Cross-site scripting b.DNS poisoning c.DDoS d.Malicious USB

d.Malicious USB

Which of the following offensive tools can be used by penetration testers post-exploitation or successful compromise of a user account in a network that dumps passwords from memory and hashes, PINs, and Kerberos tickets, and thus are used for privilege escalation attacks? a.Tor and NMAP b.Powershell and procdump c.Ophcrack and John-the-Ripper d.Mimikatz and hashcat

d.Mimikatz and hashcat

Which of the following compliance standards was introduced to provide a minimum degree of security to organizations that handle customer information such as debit card and credit card details daily? a.SOX b.FISMA c.GLB d.PCI DSS

d.PCI DSS

What is an officially released software security update intended to repair a vulnerability called? a.Firmware b.Vector c.Default d.Patch

d.Patch

Peter is a design engineer at a mobile device manufacturing company. He is designing the core components included in their flagship mobile device being launched during year-end 2020. Peter wants to design a tablet component that would detect vibrations and movements and determine the device's orientation so that the screen image is always displayed upright. Which of the following are materials he should use for developing this component? a.MOSFET (MOS field-effect transistor) amplifiers b.Silicon layered with tantalum and palladium transistors c.Silicon transducer d.Piezoelectric, piezoresistive, and capacitive components

d.Piezoelectric, piezoresistive, and capacitive components

You work for an enterprise that provides various cybersecurity services. You are assigned to examine an enterprise's network and suggest modifications to its security measures, if necessary. On examining the network, you find that the enterprise hosts most of its computing resources on a cloud platform and few resources on-premises, and both seem to have secure settings implemented. You also find that the enterprise computers use the Windows XP operating system. Which of the following vulnerabilities should you insist on fixing first? a.Third-party vulnerability b.Configuration vulnerability c.Zero-day vulnerability d.Platform vulnerability

d.Platform vulnerability

Which of the following is a social engineering method that attempts to influence the subject before the event occurs? a.Watering hole b.Redirection c.Spear phishing d.Prepending

d.Prepending

What does ransomware do to an endpoint device? a.Ransomware gets accidentally installed in the endpoint device as software along with other programs during the installation process. This happens when the user's installation and download options are overlooked, thus affecting the user application adversely. b.Ransomware attacks the endpoint device without the consent of the user or the device, discreetly collecting and transmitting information, causing harm to the end user. c.Ransomware infects the endpoint devices and launches attacks on the infected endpoint and other devices connected to the network. d.Ransomware attacks the endpoint device holding it hostage by preventing it from functioning unless the user fulfills the ransom payment demanded.

d.Ransomware attacks the endpoint device holding it hostage by preventing it from functioning unless the user fulfills the ransom payment demanded.

Robert is a black box penetration tester who conducted pen testing attacks on all of the network's application servers. He was able to exploit a vulnerability and gain access to the system using a mimikatz tool. Which of the following activities did he perform using mimikatz, and which task should he perform next? a.Robert used mimikatz for phishing, and should perform lateral movement next. b.Robert used mimikatz for footprinting, and should install a backdoor next. c.Robert used mimikatz for tailgating, and should perform phishing next. d.Robert used mimikatz for credential harvesting, and should perform privilege escalation using a high-privileged account next.

d.Robert used mimikatz for credential harvesting, and should perform privilege escalation using a high-privileged account next.

A web application with an SQL server database is found to be compromised by an attacker. On examination, the email IDs of the database have been found modified. This was due to improper validation in the input fields exploited by the attacker. What is the probable attack in the above scenario? a.XSS b.XML Injection c.SSRF d.SQL Injection

d.SQL Injection

Which attack embeds malware-distributing links in instant messages? a.Phishing b.Spam c.Tailgating d.Spim

d.Spim

Over the last few days, several employees in your enterprise reported seeing strange messages containing links in their company's IM account. Even though no one has clicked on the messages, they are spreading throughout the network. Which type of malicious activity is this? a.Vishing b.Whaling c.Spear phishing d.Spimming

d.Spimming

Zeda Corporation provides online training solutions to global customers. To provide e-learning solutions, it integrates with multiple vendor platforms. This ensures seamless transfer to multiple operators' solutions through sign on. Joe, an IT security administrator, noticed that a threat actor has attacked the platform and stolen the user data. The source of this vulnerability was identified as one of the integrated external applications. What type of attack is this? a.This is a backdoor attack. b.This is an AI attack. c.This is a device driver manipulation attack. d.This is an API attack.

d.This is an API attack.

Kelly is asked to choose a mobile management tool that provides a single management interface for all applications, content, and device management. Which of the following is the best one-step solution? a.Mobile content management (MCM) tool b.Mobile device management (MDM) tool c.Mobile application management (MAM) tool d.Unified environment management (UEM) tool

d.Unified environment management (UEM) tool

Anola is the security administrator in XYZ consulting. She is asked to suggest a deployment method where the data is stored in a completely secure, centralized server and accessed by authorized employees using their own devices. Which deployment should Anola choose? a.Corporate-owned personally-enabled (COPE) b.Corporate-owned device (COD) c.Choose your own device (CYOD) d.Virtual desktop infrastructure (VDI)

d.Virtual desktop infrastructure (VDI)

In an application development model, which of the following uses a sequential development process? a.DevOps deployment b.Rapid application development c.Agile development d.Waterfall development

d.Waterfall development

William downloaded some free software to help him with photo editing. A few days later, William noticed several personal photographs were modified and posted to various social media pages with obscene comments. He also noticed that there were videos of him that were morphed and circulated on adult websites. The videos were obviously taken using his webcam. What should William do to fix his problem and prevent it from happening again in the future? a.William should run an antivirus program and scan for all known worms, then download a worm-removal program to ensure all infected files are fully removed from his system. To prevent this in the future, he should run the backdoor check every time he installs a new program. b.William should disable his network devices, then run an antimalware program to scan for keyloggers while his computer is not connected to the internet and delete all infected files. To prevent this in the future, William should never download free software off the internet. c.William should run an antivirus program and scan for all known backdoor viruses, then remove the infected file(s). To prevent this in the future, he should run the backdoor check every time he installs a new program. d.William should run an antimalware program and scan for all known RATs, then quarantine and remove the infected file(s). To prevent this in the future, he should only download software from trusted websites.

d.William should run an antimalware program and scan for all known RATs, then quarantine and remove the infected file(s). To prevent this in the future, he should only download software from trusted websites.

What is the built-in application available to prevent threat actors from modifying the registry in a Windows 10 operating system? a.Windows 10 user interface b.Windows 10 registry editor c.Windows 10 command prompt d.Windows 10 tamper protection

d.Windows 10 tamper protection

A cybercriminal attempts to trick a computer's user into sharing their personal information by implementing content to discreetly capture user information over the actual webpage. What should the user implement to avoid this situation? a.X-XSS b.CSP c.HSTS d.X-Frame

d.X-Frame

