it chapter 10
You're the security administrator for a small consulting firm. To ensure that clients' information is secure when emailing, you require that all emails be encrypted. To accomplish this, each consultant has a public encryption key that they share with their clients. The clients are instructed to use that key to encrypt any electronic communications. The consultants then use their private keys to decrypt the communication. Which type of encryption are you using in this scenario?
Asymmetric
You're the security administrator for the local hospital, and you've discovered that the hospital's network was the target of a recent cyberattack. During the investigation, you discover that the hacker gained initial access to the network through a user account. Now you need to continue your forensics investigation to discover where else the hacker gained access to and what damage they may've caused. You decide to enlist the help of some IT personnel. You give them temporary administrator access to help with the investigation and to secure any affected systems. Which type of user account are you creating?
Emergency account
You're the security administrator for a small consulting firm, whose network has been the victim of a ransomware attack. The firm decided to pay the ransom to regain their data, but you've been tasked with investigating the attack so that the vulnerabilities can be patched to hopefully prevent scenarios like this in the future. During your investigation, you discover that the hacker gained initial access to the network through a user account. From there, the hacker was able to gain access to a domain service account. From this account, they ran some custom scripts that exploited vulnerabilities in the network and gave them access to a domain administrator account. With this privileged account, the attacker was able to execute their ransomware attack. You've decided to implement a zero-trust policy to help prevent this type of attack from occurring in the future. You need to make sure that you apply the policy across all six foundational elements. Which of the following elements includes users, services, applications, and IoT devices? Correct Answer:
Identities
You're the security administrator for a small consulting firm, whose network has been the victim of a ransomware attack. The firm decided to pay the ransom to regain their data, but you've been tasked with investigating the attack so that the vulnerabilities can be patched to hopefully prevent scenarios like this one in the future. During your investigation, you discover that the hacker gained initial access to the network through a user account. From there, they were able to gain access to a domain service account. From this account, the hacker ran some custom scripts that exploited vulnerabilities in the network and gave them access to a domain administrator account. With this privileged account, the attacker was able to execute their ransomware attack. You've decided to implement a zero-trust policy to help prevent this type of attack from occurring in the future. Which of the following security measures should you implement for the identities across the network?
Multi-factor authentication
You're the network administrator for a small research firm that's based in Alaska. Your office consists of 20 users and 35 Windows 10 machines. The firm relies on specialized software to perform the needed tasks. When this software is installed, a special account is created that grants the software the required permissions, which uses a digital certificate to validate itself with Windows. The firm has just renewed the software subscription, and you need to update the certificates on each Windows device using the Certificate Manager tool. Which of the following would you perform to open the correct Certificate Manager tool? Correct Answer:
Select Run from the Start menu and type certlm.msc
You're the network administrator for a small research firm based in Alaska. Your office consists of 20 users and 35 Windows 10 machines. The firm relies on specialized software to perform the needed tasks. When this software is installed, a special account is created that grants the software the required permissions, which uses a digital certificate to validate itself with Windows. The firm has just renewed the software subscription, and you need to update the certificates on each Windows device. Which certificate store are these certificates most likely stored in?
Service Account store
You're the security administrator for Contoso Inc., a small consulting firm. Part of your responsibilities include managing the organization's digital certificates. Contoso Inc. is getting ready to launch a new website. As part of the certificate signing request (CSR), you want to include the hostnames: Sales.contoso.com Login.contoso.com Support.contoso.com Which section of the CSR should you include these in?
Subject alternative name
You're the security administrator for a small consulting firm, whose network has been the victim of a ransomware attack. The firm decided to pay the ransom to regain their data, but you've been tasked with investigating the attack so that the vulnerabilities can be patched to hopefully prevent scenarios like this one in the future. During your investigation, you discover that the hacker gained initial access to the network through a user account. From there, they were able to gain access to a domain service account. From this account, the hacker ran some custom scripts that exploited vulnerabilities in the network and gave them access to a domain administrator account. With this privileged account, the attacker was able to execute their ransomware attack. To prevent this type of attack from occurring again, you've decided to implement a new security policy. Which of the following should you implement to protect your network?
Zero-trust security model
