IT 330 Exam 2
What is a Type I hypervisor?
A hypervisor that runs directly on computer hardware
Which of the following best describes a network address translation?
Network address translation (NAT) enables a private IP network to connect to the internet
How is a network-based MITM attack executed?
A network-based MITM attack involves a threat actor who inserts himself into a conversation between two parties. The actor impersonates both parties to gain access to information they are sending to each other. Neither of the legitimate parties is aware of the presence of the threat actor, so both communicate freely, thinking they are talking only to the authentic party.
What type of network access control uses Active Directory to scan a device to verify that it is in compliance?
Agentless NAC
What process links several certificates together to establish trust between all the certificates involved?
Certificate Chaining
Which of the following protects SNMP-managed devices from unauthorized access?
Community String
In an interview, Tom was asked to give a brief on how containers perform virtualization. How should Tom reply?
Containers use OS components for virtualization
The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?
Create a VLAN and add the users' computers / ports to the correct VLAN
What type of attack is being performed when multiple computers overwhelm a system with fake requests?
DDoS
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS poisoning
Which of the following is a feature of secrets management?
Default Encryption
A digital certificate is a technology used to associate a user's identity to a private key.
False
Which of the following tools can be used to secure multiple VMs?
Firewall Virtual appliance
What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
Forward proxy Server
What term is used to describe the software agents that are used by NAC and installed on devices to gather information?
Host health agents
Which type of intrusion detection system can also block attacks?
Inline
As a cybersecurity specialist, you are asked to defend the web app hosted by your enterprise from web application attacks like cross-site scripting, SQL injections, etc. Which of the following actions should you take?
Install WAF
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?
Load Balancing
What type of additional attack does ARP spoofing rely on?
MAC Spoofing
Which of the following are considered to be interception attacks?
Man-in-the-middle, replay attacks
Which of the following is a valid way to check the status of a certificate?
Online Certificate Status Protocol, Certificate Revocation List
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?
Privilege Escalation
A framework for all of the entities involved in digital certificates for digital certificate management is known as:
Public Key Infrastructure
What is a jump box used for?
Restricting access to a demilitarized zone
An attack that takes advantage of the procedures for initiating a session is known as what type of attack?
SYN Flood Attack
Which of the following tools can be used to protect containers from attack?
Security Enhanced Linux
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
Session Hijacking
Which of the following is a deception instrument?
Sinkhole, Honeypot
In an interview, Max was asked to tell one difference between a software firewall and a virtual firewall. How should Max answer?
Software firewalls are locally installed on a device, whereas virtual firewalls run in the cloud.
In _____, only some network traffic is routed over the secure VPN while other traffic directly accesses the Internet.
Split Tunneling
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
Stateful packet filtering
David is asked to test a new configuration on a virtual machine; if it does not work, it should roll back to the older state. What should David do before testing the new configuration so he can roll it back to the previous state if needed?
Take a screenshot of the virtual machine before testing the configuration
A certificate repository (CR) is a publicly accessible centralized directory of digital certificates.
True
You are a cloud administrator, and you are asked to configure a VPC such that backend servers are not publicly accessible. What should you do to achieve this goal?
Use private subnets for backend servers
In a practical test, Steve was asked to securely connect different on-premises computing devices with a database deployed in the cloud. What action is Steve taking?
Using next-generation secure web gateway
The head of cybersecurity at your enterprise has asked you to set up an IDS that can create the baseline of all system activities and raise an alarm whenever any abnormal activities take place, without waiting to check the underlying cause. Which of the following actions should you take?
You should set up an IDS with anomaly-based monitoring methodology.
If a MAC address is permanently "burned" into a network interface card, how can an attacker change the MAC address to perform an ARP poisoning attack?
Because the MAC address is stored in a software ARP cache, it can be changed there, which would then result in the corresponding IP address pointing to a different computer.
Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?
data loss prevention
What process will remove all private and public keys along with the user's identification information in the CA?
destruction
Which of the following certificates verifies the identity of the entity that has control over the domain name?
domain validation digital certificate
Which of the following best describes the cloud access security broker?
ensures the security policies of the enterprise comply with the cloud.
At what stage can a certificate no longer be used for any type of authentication?
expiration
Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?
host-based intrusion detection system
The process by which keys are managed by a third party, such as a trusted CA, is known as?
key escrow
What two locations can be a target for DNS poisoning?
local host table, external DNS server
What type of attack intercepts communication between parties to steal or manipulate the data?
man-in-the-browser
What role does a key recovery agent fulfill in an enterprise environment?
responsible for recovering lost or damaged digital certificates
Which of the following certificates are self-signed?
root digital certificates
In an interview, you are asked about the role played by virtual machines in load balancing. Which of the following should be your reply?
the virtual machine can be migrated to another physical machine with more capabilities.