Final ITN260

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Which type of monitoring methodology looks for statistical deviations from a baseline?

Anomaly monitoring

Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use?

Only use compiled and not interpreted Python code

Which of the following will a BIA NOT help determine?

b. Percentage availability of systems

Which of the following types of hackers are strongly motivated by ideology?

c. Hacktivists

Which cloud model requires the highest level of IT responsibilities?

c. IaaS

Which of the following is a physical security measure?

c. Industrial camouflage

Which of these is a set of permissions that is attached to an object?

d. ACL

Which of these is used to send SMS text messages to selected users or groups of users?

Push notification services

What is the term used to describe the connectivity between an organization and a third party?

System integration

Giovanni is completing a report on risks. To which risk option would he classify the action that the organization has decided not to construct a new a data center because it would be located in an earthquake zone?

d. Avoidance

Which of the following is the most fragile and should be captured first in a forensics investigation?

d. CPU cache

Which human characteristic is NOT used for biometric identification?

d. Height

Which of the following is NOT a context-aware authentication?

On-body detection, Trusted places, and Trusted devices

Which of these is NOT a reason that users create weak passwords?

c. The length and complexity required force users to circumvent creating strong passwords.

Egor wanted to use a digital signature. Which of the following benefits will the digital signature NOT provide?

Verify the receiver

The mean time to recovery (MTTR) of a system is zero. What does this imply?

c. The system is highly resilient.

If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?

Alice's public key

What is the difference between a Trojan and a RAT?

A RAT gives the attacker unauthorized remote access to the victim's computer

Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged?

CTR

In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support?

CYOD

What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?

Certificate attributes

A centralized directory of digital certificates is called a(n) _____.

Certificate repository (CR)

Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luca reports back that he was unable to find anything due to how looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web?

Dark web search engines are identical to regular search engines

What type of analysis is heuristic monitoring based on?

Dynamic analysis

Which of the following attacks targets the external software component that is a repository of both code and data?

Dynamic-link library (DLL) injection attack

How is confidentiality achieved through IPsec?

ESP

Which of the following is NOT a means by which a bot communicates with a C&C device?

Email

What word is used today to refer to network-connected hardware devices?

Endpoint

Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occured were mainly for what purpose?

Fame

Which of the following contains honeyfiles and fake telemetry?

High-interaction honeypot

Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?

Host table and external DNS server

Which ISO contains controls for managing and controlling risk?

ISO 31000

Which of the following is NOT a reason that threat actors use PowerShell for attacks?

It can be invoked prior to system boot

Which of the following is NOT a characteristic of the Trusted Platform Module (TPM)?

It can easily be transported to another computer

Which of the following is FALSE about "security through obscurity"?

It can only provide limited security

What does containerization do?

It separates personal data from corporate data

Which of the following is NOT an advantage of crowdsourced penetration testing?

Less expensive

What does Windows 10 Tamper Protection do?

Limits access to the registry

Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?

MAC flooding attack

Which tool manages the distribution and control of apps?

MAM

Cryptography can prevent an individual from fraudulently reneging on an action. What is this known as?

Nonrepudiation

Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use?

Online Certificate Status Protocol (OCSP)

Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS?

TAXII

What is the result of an ARP poisoning attack?

The ARP cache is compromised

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo?

They would have to stay overnight to perform the test.

Which of the following is NOT a Microsoft defense against macros?

Trusted domain

Which of the following is NOT a general information source that can provide valuable in-depth information on cybersecurity?

Twitter

What is a collision?

Two files produce the same digest

Which of the following is NOT a NAC option when it detects a vulnerable endpoint?

Update Active Directory to indicate the device is vulnerable.

Which of the following refers to the method by which an iOS user can access root privileges on the device?

a. Jailbreaking

Bob is sending a message to John. Which algorithm should John use to ensure that Bob is the actual sender of the message and not anyone else?

b. Digital signature algorithm

Which attack creates false deauthentication management frames that appear to come from another client device, which causes the client to disconnect from AP?

b. Disassociation

Mary Alice has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?

b. Disaster recovery planning

Rob made a physical security review report of his organization in which he proposed replacing physical locks with electronic ones. Which of the following is the best justification for Rob to include in his report?

b. Electronic locks keep track of the accessing time and user identity.

Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?

b. Evil twin

Bob needs to create an agreement between his company and a third-party organization that demonstrates a "convergence of will" between the parties so that they can work together. Which type of agreement will Bob use?

b. MOU

Your firewall is configured to deny all packets from the address range 192.110.20.30-192.110.20.100, but you want to allow packets from 192.168.20.73. How should you resolve this issue?

b. Make a force allow rule for source address 192.168.20.73.

Which of the following is typically a monthly discussion of a scenario conducted in an informal and stress-free environment to evaluate an incident response plan?

b. Tabletop

Accounting is an important security concept in an enterprise environment. Which of the following best describes accounting in this context?

c. Accounting refers to recording actions of a user on enterprise resources.

Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?

cat

Which policy restricts the introduction of malicious programs into an enterprise network or server?

d. Acceptable use

John is appointed as a vulnerability assessment engineer in a financial organization. An audit report published by a third-party auditing firm revealed that most of the web servers have cross-site scripting and XML entity injection vulnerabilities. John has been told to perform a vulnerability assessment on these servers to verify if the audit report is valid. He is also told that he should not attempt to engage or exploit any vulnerabilities. By applying his knowledge of vulnerability assessment concepts, which type of vulnerability scanning should John use?

d. Credentialed

What is NOT a firewall feature?

d. Deceiving attackers

Simona needs to research a control that attempts to discourage security violations before they occur. Which control will she research?

d. Deterrent control

Which technique added to cryptographic algorithms can change a single character of plaintext into multiple characters of ciphertext?

d. Diffusion

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?

d. EAP-FAST

Angelo has received notification that a business partner will no longer sell or update a specific product. What type of notification is this?

d. EOL

Which of the following threats would be classified as the actions of a hactivist?

d. External threat

Alicja is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project?

d. Fog

A BIA can be a foundation for which of the following?

d. Functional recovery plan

Which of the following is NOT true about data sovereignty?

d. Governments cannot force companies to store data within specific countries.

You are the security administrator for an enterprise that follows the bring your own device (BYOD) deployment model. What is the first action that you should take to protect sensitive enterprise data from exposure if an employee device is stolen and can't be located?

d. You should perform a remote wipe.

Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.

through products, people, and procedures on the devices that store, manipulate, and transmit the information

Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use?

traceroute

Which of the following can a digital certificate NOT be used for?

To verify the authenticity of the CA

Which of the following does NOT describe an area that separates threat actors from defenders?

Containment space

Which of the following is NOT a symmetric cryptographic algorithm?

SHA

Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password?

a. Mask

Which of these is NOT a response to risk?

a. Resistance

What is a list of potential threats and associated risks?

a. Risk register

Which configuration of WLANs has the following flaws?

b. WPS

Which of the following accounts is the least vulnerable to cyberattacks?

c. Personal account

Which of the following is NOT a threat classification category?

c. Tactical

What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?

.P7B

Akira is explaining to his team members the security constraints that have made it a challenge for protecting a new embedded system. Which of the following would Akira NOT include as a constraint?

Availability

Which type of malware relies on LOLBins?

Fileless virus

Which of the following tries to detect and stop an attack?

HIPS

Which boot security mode sends information on the boot process to a remote server?

Measured Boot

_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity.

Session keys

What is Bash?

The command-language interpreter for Linux/UNIX OSs

Which type of access control scheme uses predefined rules that makes it the most flexible scheme?

a. ABAC

What can be used to provide both filesystem security and database security?

a. ACLs

Which of the following is NOT part of the AAA framework?

a. Access

Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this?

a. Attestation

Which of the following data types has the highest level of data sensitivity?

a. Confidential

Which of the following data types have the highest level of data sensitivity?

a. Confidential

What does an incremental backup do?

a. Copies all files changed since the last full or incremental backup

Which of the following can be used to enhance privacy data protection?

a. Data anonymization

Which of the following uses data anonymization?

a. Data masking

Which of these is NOT used in scheduling a load balancer?

a. Data within the application message itself

For which of the following systems is resilience through redundancy the least important?

a. Desktops

Ella wants to research an attack framework that incorporates adversary, infrastructure, capability, and victim. Which of the following would she choose?

a. Diamond Model of Intrusion Analysis

Joseph, a black hat hacker, is approached by Sigma Technology to check the enterprise's security. He is told that the system is being checked to verify whether the higher-security mode of operations is moved automatically to another version during a cyberattack on the network, making it easier to attack. Which mode should Joseph use to test this vulnerability, and why?

a. Downgrade attack because, in a downgrade attack, an attacker forces the system to abandon the current mode of operation and instead move it to implement a less secure mode.

Which of the following is a valid biometric authentication method?

a. Gait recognition

Which of the following is not a legally enforceable agreement but is still more formal than an unwritten agreement?

b. MOU

Which of the following is the Microsoft version of EAP?

b. MS-CHAP

Which one-time password is event driven?

a. HOTP

Which of the following trust models has only one CA signing digital certificates?

a. Hierarchical trust model

Which of the following recovery sites is more expensive to maintain?

a. Hot site

Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?

a. Hot site

Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?

a. IV

Thea has received a security alert that someone in London attempted to access the email account of Sigrid, who had accessed it in Los Angeles one hour before. What feature determined an issue and send this alert to Thea?

a. Impossible Travel

Why is the UEFI framework considered to be better than the BIOS framework?

a. It has a better user interface and supports remote troubleshooting.

Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?

a. It is a framework for transporting authentication protocols.

Which of the following is NOT true about RAID?

a. It is designed primarily to backup data.

What is virtual desktop infrastructure?

a. It is the process of running a user desktop inside a VM residing on a server.

Which of the following is NOT correct about L2TP?

a. It must be used on HTML5 compliant devices.

Which of the following is true about secrets management?

a. It provides a central repository.

Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend?

a. OAuth

What device is always running off its battery while the main power runs the battery charger?

a. Online UPS

Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts?

a. Password spraying attack

Which of the following is a document that outlines specific requirements or rules that must be met?

a. Policy

Which of the following can a UPS NOT perform?

a. Prevent certain applications from launching that will consume too much power

What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure?

b. MTTR

Which of the following virtualizes parts of a physical network?

a. SDN

Which of the following provides the highest level of security?

a. SFTP

What is a definition of RPO?

c. The maximum length of time that can be tolerated between backups

Typically, certain employees of an organization get texts that update them on various IT activities. If there is a support ticket or downtime, they will receive texts to let them know about the activity. They have started to receive some messages via text instructing them to call the IT help desk at the provided number. When they call the help desk number, a recording asks them for their employee ID.

a. Smishing

Which of these is NOT a factor in determining restoration order?

a. Speed of implementation

What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?

a. Time offset

You are the security administrator in your organization and have been asked to choose a deployment method that ensures the utmost security, where the data is stored in a centralized server and can be accessed by authorized employees using their own devices. Which of the following should you choose?

a. Virtual desktop infrastructure (VDI)

In an interview, you are provided the following statements regarding virtualization security. Which statement should you identify as correct?

b. A software-defined network virtualizes parts of the physical network to be more quickly and easily reconfigured.

What is a thin client?

b. A thin client is a computer that runs from resources stored on a central cloud server.

Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?

b. Bluesnarfing

What is a platform used to provide telephony, video, and web conferences that can serve as an entry point to a threat actor?

b. Call manager

For which of the following is the encapsulating security payload (ESP) protocol applied?

b. Confidentiality

Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?

b. Controller AP

What is a disadvantage of biometric readers?

b. Cost

What is data masking?

b. Creating the copy of data by obfuscating sensitive elements

Which type of vulnerability scan mimics the work of a threat actor who has already exploited a vulnerability and compromised credentials to access the network?

b. Credentialed scan

Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?

b. DNS sinkhole

Which of the following are country-specific requirements that apply to data?

b. Data sovereignty

Which wireless probe is designed exclusively to monitor the airwaves for RF transmissions?

b. Dedicated probes

Which application intercepts user requests from the secure internal network and then processes them on behalf of the user?

b. Forward proxy

Which part of the NIST Cybersecurity frameworks defines the activities needed to attain the different cybersecurity results?

b. Framework core

Which of the following is NOT used to identify or enforce what mobile devices can do based on the location of the device?

b. Geo-spatial

You have been instructed to set up a system in a conference room where only trusted employees can access both the secure internal corporate network and the internet, and public users are restricted from accessing the internet from the same network.

b. IEEE 802.1x

Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?

b. IEEE 802.iw separate

Shaun is an external penetration testing consultant. The Chief Information Security Officer (CISO) of the organization he is working with indicated that none of the internal higher management executives should receive any kind of spear-phishing emails during Shaun's testing. Which part of the rules of engagement would cover this limitation?

b. Internal targets

How is key stretching effective in resisting password attacks?

b. It takes more time to generate candidate password digests.

Which of the following is a snooping malware?

b. Keylogger

Quinton has been asked to analyze the TTPs of an attack that recently occurred and prepare an SOP to hunt for future treats. When researching the recent attack, Quinton discovered that after penetrating the system, the threat actor moved through the network using elevated credentials. Which technique was the threat actor using to move through the network?

b. Lateral movement

Which of these is a vulnerability of MAC address filtering in a WLAN?

b. MAC addresses are initially exchanged unencrypted.

Which of the following systems combines the functions of a printer, copier, scanner, fax machine, and special-purpose computer with a CPU?

b. MFP

Linnea is researching a type of storage that uses a single storage device to serve files over a network and is relatively inexpensive. What type of storage is Linnea researching?

b. NAS

Which devices are used as a contactless alternative to cash or a credit card payment system?

b. NFC

Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate?

b. Near field communication (NFC)

Which of the following performs a real-time lookup of a certificate status?

b. Online certificate status protocol (OCSP)

Which of the following control categories includes conducting workshops to help users resist phishing attacks?

b. Operational

Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers?

b. Password crackers differ as to how candidates are created.

You want to use different passwords for different accounts by remembering just one password. Which of the following tools fits your need?

b. Password vault

Meta is a penetration testing engineer assigned to pen test the security firm's network. So far, she cannot tunnel through the network looking for additional systems accessible through advanced privileges. What should Meta do to gain repeated and long-term access to the system in the future?

b. Perform backdoor installation

What is a difference between NFC and RFID?

b. RFID is designed for paper-based tags while NFC is not.

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?

b. RFID spectrum

In a device driver manipulation attack, which of the following changes a device driver's existing code design?

b. Refactoring

Which of the following is NOT an element that should be part of a BCP?

b. Robustness

In WPA3, what is designed to increase security at the handshake, when keys are being exchanged, even if the password is small or weak?

b. SAE

Emiliano needs to determine the expected monetary loss every time a risk occurs. Which formula will he use?

b. SLE

Which of the below cryptographic protocol is an encrypted alternative to the Telnet protocol used to access remote computers?

b. Secure shell (SSH)

Which of the following should be performed in advance of an incident?

b. Segmentation

What does the term "serverless" mean in cloud computing?

b. Server resources of the cloud are inconspicuous to the end user.

Cheryl has been asked to set up a user account explicitly to provide a security context for services running on a server. What type of account will she create?

b. Service account

Which application protocol is used to exchange cyber threat intelligence over HTTP?

b. TAXII

Jennifer created an e-learning web application where a login form has to be filled by the user entering the application. Jennifer created an 8-byte buffer for the user name file while developing the application. One day, the application halted with denial of service. An attack on the web application due to the incorrect entry of input values in the login screen was then discovered.

b. This is due to a buffer overflow attack.

Which of the following only encrypts the IP packet data and leaves the header unencrypted?

b. Transport mode

Which of the following best describes password spraying?

b. Trying a common password on different user accounts

In a practical test, you are given a computer with a Windows host OS. You are asked to install a guest machine with Linux OS. What should you do?

b. Use Type II hypervisor program

Which of the following can be used to enforce strong credential policies for an organization?

b. Windows Active Directory

Which of these is NOT a risk when a home wireless router is not securely configured?

b. Wireless endpoints must be manually approved to connect to the WLAN.

Which of the following is an improvement of UEFI over BIOS?

b. enhanced boot security

Which of the following best describes attacks due to application vulnerabilities that trick the vulnerable application(s) into producing more executable files in the system?

c. Process spawning control

Which of the following is the safest authentication method?

c. Authentication using security keys

Which of the following is NOT a cloud computing security issue?

c. Bandwidth utilization

Which of the following is NOT an MFA using a smartphone?

c. Biometric gait analysis

Which of these attacks is the last-resort effort in cracking a stolen password digest file?

c. Brute force

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate?

c. Brute force attack

Which of these is the encryption protocol for WPA2?

c. CCMP

Which of the following is a federal initiative that is designed to encourage organizations to address how critical operations will continue under a broad range of negative circumstances?

c. COOP

Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra's need?

c. Community cloud

An enterprise's annual financial statement reported an overall profit when there was actually a loss. Which of the following risks has occurred?

c. Control risk

Which layer of the OSI model is targeted by the threat actors for layer 2 attack?

c. Data link layer

Which of the following is NOT a consequence to an organization that has suffered a data security breach?

c. De-escalation of reporting requirements

Nadia has been asked to perform dynamic resource allocation on specific cloud computing resources. What action is Nadia taking?

c. Deprovisioning resources that are no longer necessary

Which of the following will NOT protect a container?

c. Eliminate APIs.

Which of the following provides multiple forensic tools in a single interface?

c. FTK imager

The company that developed the office productivity software used on both static and mobile devices by your organization has audited some code and noticed a potential security issue. To address the issue, they have released and automatically scheduled an update to ensure that all users receive it.

c. Firmware

Which of the following is NOT a characteristic of cloud computing?

c. Invisible resource pooling

How does BPDU guard provide protection?

c. It detects when a BPDU is received from an endpoint.

Which statement about Rule-Based Access Control is true?

c. It dynamically assigns roles to subjects based on rules.

Which cryptography method provides cryptographic solutions uniquely customized to low-power devices that need to manage resources instead of security constraints?

c. Lightweight cryptography

Frank is authorized to issue mandatory security guidelines for IoT device manufacturers in the United States. Which of the following guidelines should Frank NOT issue?

c. The devices should present a cost-effective solution for consumers.

Which access control scheme is the most restrictive?

c. MAC

Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?

c. Masking

Which agreement specifies how confidential material will be shared between certain parties but restricted to others?

c. Nondisclosure agreement

Which of these does not require authentication?

c. Open method

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?

c. PIN method

Which of the following social engineering attacks continues to be a primary weapon used by threat actors?

c. Phishing

Which of the following should NOT be stored in a secure password database?

c. Plaintext password

Identifying the attack, containing its spread, recovering, and improving the defenses can be done by which of the following?

c. Preparing incident response plans

A zero-day vulnerability has been found in an e-commerce website used to purchase electronics. Neither the website owner nor the general public knows about the vulnerability; it was discovered by a computer security specialist making a purchase. What should the specialist do?

c. Privately share their findings regarding the zero-day vulnerability with the e-commerce company.

Which of the following approaches to risk calculation typically assigns a numeric value (1-10) or label (High, Medium, or Low) to represent a risk?

c. Qualitative risk calculation

When assessing risks, you found that a customer database in your enterprise has a higher risk calculation than a product database and allocated more resources to protect the customer database.

c. Quantitative risk assessment

Rachel has taken over as a systems administrator of Creative Network, which has a network of 300 computers in two different domains. Rachel has been instructed by the CEO to ensure all employees have access to a certain set of folders on the server. The individual workstations may have the personal data of employees in a particular folder. She was informed that there have been previous instances where employees misused the machines.

c. Rachel should set the least functionality for both servers and user desktops.

Which of these is NOT an incident response process step?

c. Reporting

Which WPA3 security feature is designed to increase security at the time of the handshake?

c. SAE

Which protocol can send cryptographic confirmation that an endpoint is who it claims to be so that ARP poisoning is hindered?

c. SEND

Which of the following protocols can protect network equipment from unauthorized access?

c. SNMP

Which of the following is a VPN protocol?

c. SSTP

Which of the following is NOT a feature of a next-generation SWG?

c. Send alerts to virtual firewalls

Your enterprise network's security was breached when a non-employee connected a device to the network. In a security review meeting, you were asked to employ appropriate measures to prevent this from happening in the future while, at the same time, continuing to allow outsiders to connect to the network. Which of the following actions should you take?

c. Set up a network access control

Which of the following is an authentication credential used to access multiple accounts or applications?

c. Single sign-on

Ricky entered a restricted lab by scanning his finger on the fingerprint scanner outside the door. Which type of authentication credential allowed Ricky to enter the lab?

c. Something you are.

Which of the following is NOT used for authentication?

c. Something you can find

Which of the following encrypts one character at a time?

c. Stream

David, a software engineer, recently bought a brand new laptop because his enterprise follows the BYOD (bring your own device) model. David was part of a software development project where the software code was leaked before its release. Further investigation proved that a vulnerability in David's laptop caused the exposure. David insists he never used the laptop to access any network or integrate any devices, and the laptop was kept in a vault while not in use. Which of the following attack vectors was used by the threat actor?

c. Supply chain

PDC Bank is working on creating an AI application that enables customers to send SMS to the AI application to allow banking activities from their registered ID. Jane, the project engineer, has taken bank customer data from the last few years from the server and is using it to train the ML to recognize and authenticate actual users and to ensure unauthorized users are barred from entering the application.

c. Tainted training data for ML

Which of the following best describes artifacts?

c. Technology devices that may contain evidence

Which of the following is NOT correct about high availability across zones?

c. They require that specific security appliances be located on-prem so that the local data center can be considered as a qualified Zone.

Which of the following is NOT a problem associated with log management?

c. Time-stamped log data

Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need?

c. Transit gateway

Which type of hypervisor runs directly on the computer's hardware?

c. Type I

Hassan has been asked to choose a mobile management tool that can provide a single management interface for application, content, and device management. Which of the following is the best solution?

c. Unified environment management (UEM) tool

Which category of cybersecurity vulnerability is exploited by attackers before anyone else knows about it?

c. Zero day

Which of the following is a Linux utility that displays the contents of system memory?

c. memdump

Which of the following can be a log data source for investigating a security breach?

c. metadata

Which of the following is a packet sampling protocol that gives a statistical sample instead of the actual flow of packets?

c. sFlow

Which tool is an open source utility for UNIX devices that includes content filtering?

c. syslog-ng

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?

d. Captive portal

Margaux is reviewing the corporate policy that stipulates the processes to be followed for implementing system changes. Which policy is she reviewing?

d. Change control policy

_____ biometrics is related to the perception, thought processes, and understanding of the user.

d. Cognitive

Which of the following is NOT correct about containers?

d. Containers require a full OS whenever APIs cannot be used.

Enzo is reviewing the financial statements and has discovered a serious misstatement. What type of risk has he found?

d. Control risk

Which of the following is an attack that affects data availability?

d. DDoS attack

Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking?

d. Data custodian/steward

An attack where the threat actor changes the value of the variable outside of the programmer's intended range is known as _____________.

d. Integer overflow

Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?

d. It allows an attacker to bypass network security configurations.

How is the Security Assertion Markup Language (SAML) used?

d. It allows secure web domains to exchange user authentication and authorization data.

Which statement regarding a demilitarized zone (DMZ) is NOT true?

d. It contains servers that are used only by internal network users.

The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposal (RFPs) from different third parties. What are these third-party organizations called?

d. MSSPs

Molly needs to access a setting in Microsoft Windows Group Policy to change the type of a network to which a computer is attached. Which setting must Molly change?

d. Network Location

In which of the following threat classifications would a power blackout be classified?

d. Operational

Oliwia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?

d. PaaS

Blaise needs to create a document that is a linear-style checklist of required manual steps and actions needed to successfully respond to a specific type of incident. What does she need to create?

d. Playbook

Which keys are supposed to be kept confidential and not shared with anyone?

d. Private key

Sergio has been asked to make a set of data that was once restricted now available to any users. What data type will Sergio apply to this set of data?

d. Public

Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings?

d. Reduction in broadband costs

You want to install a non-biometric authentication method to reduce overall costs. Which of the following is the best fit?

d. Security keys

Which of the following is NOT a characteristic of a trusted platform module (TPM)?

d. TPM includes a pseudorandom number generator.

ABC Automobiles is a large manufacturing company based in Munich, Germany. To ensure productivity, all departments like Finance, Purchase, Sales, R&D, Management, etc., are using computers, and for security, each department is placed in different physical and logical networks while interconnected. Johnson, the Vice President of IT, has requested your service in identifying a problem.

d. This is most probably a bot attack.

Which of the following is NOT a concern for users regarding the usage of their privacy data?

d. Timeliness of data

You are working in a data center when you suddenly notice a fire in the server room. Which of the following measures should you take first to suppress the fire?

d. Use the stationary fire suppression system

Which of these is NOT created and managed by a microservices API?

d. User experience (UX)

Why are dictionary attacks successful?

d. Users often create passwords from dictionary words.

Which of these is NOT a type of wireless AP probe?

d. WNIC probe

Which utility sends custom TCP/IP packets?

hping

Which of the following is a third-party OS penetration testing tool?

sn1per

Which of the following is a standard for the handling of customer card information?

PCI DSS

Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?

Policy-based firewall

Which stage conducts a test that will verify the code functions as intended?

Staging stage

What is a virtual firewall?

A firewall that runs in the cloud

Which is an IPsec protocol that authenticates that packets received were sent from the source?

AH

Which of the following is technology that imitates human abilities?

AI

What are the two limitations of private information sharing centers?

Access to data and participation

What is another name for footprinting?

Active reconnaissance

In which of the following configurations are all the load balancers always active?

Active-active

Which of these is the strongest symmetric cryptographic algorithm?

Advanced Encryption Standard

Which tool is most commonly associated with state actors?

Advanced Persistent Threat (APT)

Which firewall rule action implicitly denies all other traffic unless explicitly allowed?

Allow

Deo has been asked to explain RSA to his colleague. After his explanation, Deo is asked what, if any, weaknesses RSA has. How would Deo respond?

As computers become more powerful, the ability to compute factoring has increased

Which of the following is NOT a means by which a newly approved root digital certificate is distributed?

Application updates

Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report covers encryption. What would Hisoka NOT include in his document?

Apple uses file-based encryption to offer a higher level of security

Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution?

Arduino

Which of the following is NOT a characteristic of a penetration test?

Automated

Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend?

Automated Indicator Sharing (AIS)

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges?

Black box

Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?

Blocking ransomware

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?

Brokers

Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program?

Buffer overflow attack

What is the name of the device protected by a digital certificate?

CN

Which group is responsible for the Cloud Controls Matrix?

CSA

Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?

CSRF

Which of these is NOT a characteristic of a secure hash algorithm?

Collisions should occur no more than 15 percent of the time

Which of the following ensures that only authorized parties can view protected information?

Confidentiality

What entity calls in crypto modules to perform cryptographic tasks?

Crypto service provider

Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?

Cryptomalware can encrypt all files on any network that is connected to the employee's computer

Which is the final rule of engagement that would be conducted in a pen test?

Reporting

Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user?

DNS poisoning attack

Which of the following is NOT a characteristic of malware?

Diffusion

Which of the following is not to be decrypted but is only used for comparison purposes?

Digest

What is the strongest technology that would assure Alice that Bob is the sender of a message?

Digital certificate

What is the difference between a DoS and a DDoS attack?

DoS attacks use fewer computers than DDoS attacks

Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?

Domain validation

Basil was reading about a new attack that forces the system to abandon a higher cryptographic security mode of operation and instead fall back to an older and less secure mode. What type of attack is this?

Downgrade attack

Which of the following functions does a network hardware security module NOT perform?

Fingerprint authentication

Which device intercepts internal user requests and then processes those requests on behalf of the users?

Forward proxy server

What enforces the location in which an app can function by tracking the location of the mobile device?

Geofencing

What is the process of identifying the geographical location of a mobile device?

Geolocation

Which of these provides cryptographic services and is external to the device?

Hardware Security Module (HSM)

Which of the following is not something that a SIEM can perform?

Incident response

Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?

Integrity

Which of the following is FALSE about a quarantine process?

It holds a suspicious application until the user gives approval

Which of the following is NOT true about VBA?

It is being phased out and replaced by PowerShell

What is the advantage of a secure cookie?

It is sent to the server over HTTPS

An IOC occurs when what metric exceeds its normal bounds?

KRI

Which refers to a situation in which keys are managed by a third party, such as a trusted CA?

Key escrow

Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?

LOLBins

Which of these is NOT a security feature for locating a lost or stolen mobile device?

Last known good configuration

When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique?

Lateral movement

Which of the following is not a basic configuration management tool?

MAC address schema

Which of the following is not used to describe those who attack computer systems?

Malicious agent

Which attack intercepts communications between a web browser and the underlying OS?

Man-in-the-browser (MITB)

What allows a device to be managed remotely?

Mobile Device Management (MDM)

Which of the following is not a reason why a legacy platform has not been updated?

No compelling reason for any updates

Which of the following is not a recognized attack vector?

On-prem

Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?

Operational Technology

Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?

PUP

Which of these is considered the strongest type of passcode to use on a mobile device?

Password

Which of the following is not an issue with patching?

Patches address zero-day vulnerabilities

What are public key systems that generate different random public keys for each session?

Perfect forward secrecy

What is data called that is to be encrypted by inputting it into a cryptographic algorithm?

Plaintext

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake?

Planning

What are the two concerns about using public information sharing centers?

Privacy and speed

Which of the following is false about the CompTIA Security+ certification?

Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.

Which of the following classifications of data is least important?

Proprietary

Which of the following sensors can detect an object that enters the sensor's field?

Proximity

Which of the following technologies can convert a texting app into a live chat platform?

RCS

Brielle is researching substitution ciphers. She came across a cipher in which the entire alphabet was rotated 13 steps. What type of cipher is this?

ROT13

Which type of OS is typically found on an embedded system?

RTOS

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on?

Red Team

What term refers to changing the design of existing code?

Refactoring

Who verifies the authenticity of a CSR?

Registration authority

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals?

Regulations

What are documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas?

Requests for comments (RFCs)

Which of the following is NOT an important OS security configuration?

Restricting patch management

Which of these is NOT a basic security protection for information that cryptography can provide?

Risk

Banko's sister has just downloaded and installed an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called?

Rooting

Cicero is researching hash algorithms. Which algorithm would produce the longest and most secure digest?

SHA3-512

Which of the following can automate an incident response?

SOAR

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute?

SSAE SOC 2 Type II

Which of the following manipulates the trusting relationship between web servers?

SSRF

What prevents a mobile device from being used until the user enters the correct passcode?

Screen lock

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation?

Scope

Which of the following groups have the lowest level of technical knowledge?

Script kiddies

Which is a protocol for securely accessing a remote computer in order to issue a command?

Secure Shell (SSH)

Which of the following is true regarding the relationship between security and convenience?

Security and convenience are inversely proportional

Which of the following is not true regarding security?

Security is a war that must be won at all costs

After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?

Security manager

Which of these would NOT be considered the result of a logic bomb?

Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting.

Which statement regarding a keylogger is NOT true?

Software keyloggers are generally easy to detect

Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?

Split tunnel

Which of the following groups use Advanced Persistent Threats?

State actors

Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?

Stateful packet filtering

Which of the following hides the existence of information?

Steganography

Which of the following is not an improvement of UEFI over BIOS?

Support of USB 3.0

Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?

TLP

Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior?

Tcpreplay

What is low latency?

The time between when a byte is input into a cryptographic cipher and when the output is obtained

Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?

The user's identity with their public key

Which is the first step in a key exchange?

The web browser sends a message ("ClientHello") to the server

Which of the following is NOT a limitation of a threat map?

They are difficult to vizualize

How do vendors decide which should be the default settings on a system?

Those settings that provide the means by which the user can immediately begin to use the product.

Which premise is the foundation of threat hunting?

Threat actors have already infiltrated our network

What race condition can result in a NULL pointer/object dereference?

Time of check/time of use race condition

What is the purpose of certificate chaining?

To group and verify digital certificates

What is an objective of state-sponsored attackers?

To spy on citizens

Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?

Two-person integrity/control

Hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution?

UEM

Enki received a request by a technician for a new subnotebook computer. The technician noted that he wanted USB OTG support and asked Enki's advice regarding its. Which of the following would Enki NOT tell him?

USB OTG is only available for connecting Android devices to a subnotebook

Which of these appliances provides the broadest protection by combining several security functions?

UTM

Which of the following is NOT an advantage to an automated patch update service?

Users can disable or circumvemt updates just as they can if their computer is configured to use the vendor's online update service

Which of the following is NOT a firewall rule parameter?

Visibility

Which model uses a sequential design process?

Waterfall model

Which type of hacker will probe a system for weaknesses and then privately provide that information back to the organization?

White hat hackers

Which of these is a list of preapproved applications?

Whitelist

Aoi has been asked to provide research regarding adding a new class of Android smartphones to a list of approved devices. One of the considerations is how frequently the smartphones receive firmware OTA updates. Which of the following reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates?

Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks

Which of the following is known as a network virus?

Worm

Which of the following attacks is based on a website accepting user input without sanitizing it?

XSS

Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?

a. Wi-Fi Direct

Which of the following is the Windows network analysis tool that checks the connection to each hop between source and destination?

b. Pathping

Which commercial data classification level would be applied to a data set of the number of current employees at an organization and would only cause a small amount of harm if disclosed?

b. Public


Set pelajaran terkait

advanced accounting exam 1 ch 1-5

View Set

A&P - Chapter 2: "The Building Blocks of Matter"

View Set

Abeka 7th Grade Science Chapter 12

View Set

BIOL 2401 Unit #3 Lecture Exam Ch. 10

View Set

In the book The Lion the Witch and the Wardrobe,

View Set

Math 10 - Factors and Multiples of Whole Numbers

View Set

Leccion 14 Ortografía: Emparejar

View Set