ITN 260 Module 15 Review, ITN 260 Module 13 Review, ITN 260 Module 12 Review
Which of the following is NOT part of the AAA framework? a. Authorization b. Authentication c. Accounting d. Access
Access
Which of the following is NOT a consequence to an organization that has suffered a data security breach? a. Reputation damage b. Monetary fine c. De-escalation of reporting requirements d. IP theft
De-escalation of reporting requirements
Which of the following threats would be classified as the actions of a hactivist? a. Environmental threat b. External threat c. Compliance threat d. Internal threat
External Threat
Which of the following is a packet sampling protocol that gives a statistical sample instead of the actual flow of packets? a. IPFIX b. sFlow c. NetFlow d. journalctl
sFlow
Which tool is an open source utility for UNIX devices that includes content filtering? a. nxlog b. syslog c. rsyslog d. syslog-ng
syslog-ng
Which type of access control scheme uses predefined rules that makes it the most flexible scheme? a. DAC b. ABAC c. NAC d. MAC
ABAC
Which of these is a set of permissions that is attached to an object? a. Object modifier b. Entity attribute (EnATT) c. ACL d. SRE
ACL
What can be used to provide both filesystem security and database security? a. LDAPs b. RBASEs c. CHAPs d. ACLs
ACLs
Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this? a. Authorization b. Authentication c. Attestation d. Accountability
Attestation
Giovanni is completing a report on risks. To which risk option would he classify the action that the organization has decided not to construct a new a data center because it would be located in an earthquake zone? a. Transference b. Prevention c. Avoidance d. Rejection
Avoidance
Which of the following is the most fragile and should be captured first in a forensics investigation? a. Kernel statistics b. CPU cache c. ARP cache d. RAM
CPU cache
Which of the following is NOT an MFA using a smartphone? a. SMS text message b. Authentication app c. Biometric gait analysis d. Automated phone call
Biometric gait analysis
Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate? a. Hybrid attack b. Brute force attack c. Custom attack d. Dictionary attack
Brute Force Attack
Which of these attacks is the last-resort effort in cracking a stolen password digest file? a. Brute force b. Rule list c. Hybrid d. Mask
Brute force
What is a platform used to provide telephony, video, and web conferences that can serve as an entry point to a threat actor? a. SIP b. IP voice c. Call manager d. VoIP
Call Manager
_____ biometrics is related to the perception, thought processes, and understanding of the user. a. Behavioral b. Intelligent c. Cognitive d. Standard
Cognitive
Which of the following data types has the highest level of data sensitivity? a. Sensitive b. Confidential c. Secure d. Private
Confidential
Enzo is reviewing the financial statements and has discovered a serious misstatement. What type of risk has he found? a. Financial risk b. Reporting risk c. Monetary risk d. Control risk
Control Risk
What is a disadvantage of biometric readers? a. Standards b. Cost c. Weight d. Speed
Cost
Which of the following uses data anonymization? a. Data masking b. Data minimization c. Tokenization d. Data obfuscation sanitization (DOS)
Data Masking
Simona needs to research a control that attempts to discourage security violations before they occur. Which control will she research? a. Preventive control b. Detective control c. Deterrent control d. Corrective control
Deterrent Control
Ella wants to research an attack framework that incorporates adversary, infrastructure, capability, and victim. Which of the following would she choose? a. Cyber Kill Chain b. Mitre ATT&CK c. Basic-Advanced Incident (BAI) Framework d. Diamond Model of Intrusion Analysis
Diamond Model of Intrusion Analysis
Angelo has received notification that a business partner will no longer sell or update a specific product. What type of notification is this? a. EOP b. EOL c. EOS d. EOA
EOL
Which of the following is NOT true about data sovereignty? a. Governments cannot force companies to store data within specific countries. b. Data sovereignty is a concept that until recently was less of an issue. c. Generally, data is subject to the laws of the country in which it is collected or processed. d. Regulations are not necessarily on where an organization is headquartered.
Governments cannot force companies to store data within specific countries.
Which one-time password is event driven? a. HOTP b. ROTP c. TOTP d. POTP
HOTP
Which human characteristic is NOT used for biometric identification? a. Retina b. Height c. Fingerprint d. Iris
Height
How is the Security Assertion Markup Language (SAML) used? a. It is no longer used because it has been replaced by LDAP. b. It is an authenticator in IEEE 802.1x. c. It allows secure web domains to exchange user authentication and authorization data. d. It serves as a backup to a RADIUS server.
It allows secure web domains to exchange user authentication and authorization data.
How is key stretching effective in resisting password attacks? a. It does not require the use of salts. b. It requires the use of GPUs. c. The license fees are very expensive to purchase and use it. d. It takes more time to generate candidate password digests.
It takes more time to generate candidate password digests.
Which access control scheme is the most restrictive? a. DAC b. MAC c. Role-Based Access Control d. Rule-Based Access Control
MAC
Bob needs to create an agreement between his company and a third-party organization that demonstrates a "convergence of will" between the parties so that they can work together. Which type of agreement will Bob use? a. ISA b. SLA c. BPA d. MOU
MOU
Which of the following is not a legally enforceable agreement but is still more formal than an unwritten agreement? a. MOU b. BPA c. SLA d. MSA
MOU
Which of the following is the Microsoft version of EAP? a. AD-EAP b. PAP-Microsoft c. EAP-MS d. MS-CHAP
MS-CHAP
Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password? a. Rainbow b. Overlay c. Mask d. Pass the hash
Mask
Which of the following is a Linux utility that displays the contents of system memory? a. memdump b. WinHex c. dd d. Autopsy
Memdump
Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend? a. NTLM b. Shibboleth c. OAuth d. Open ID
OAuth
In which of the following threat classifications would a power blackout be classified? a. Operational b. Technical c. Strategic d. Managerial
Operational
Which of the following control categories includes conducting workshops to help users resist phishing attacks? a. Technical b. Operational c. Managerial d. Administrative
Operational
Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts? a. Role attack b. Online brute force attack c. Password spraying attack d. Offline brute force attack
Password spraying attack
Which of the following should NOT be stored in a secure password database? a. Iterations b. Password digest c. Salt d. Plaintext password
Plaintext password
Blaise needs to create a document that is a linear-style checklist of required manual steps and actions needed to successfully respond to a specific type of incident. What does she need to create? a. ARC Codebook b. Runbook c. Playbook d. SIEM-book
Playbook
Sergio has been asked to make a set of data that was once restricted now available to any users. What data type will Sergio apply to this set of data? a. Unrestricted b. Open c. Public d. Available
Public
Which of the following approaches to risk calculation typically assigns a numeric value (1-10) or label (High, Medium, or Low) to represent a risk? a. Quantitative risk calculation b. Rule-based risk calculation c. Policy-based risk calculation d. Qualitative risk calculation
Qualitative risk calculation
Which of these is NOT an incident response process step? a. Eradication b. Reporting c. Lessons learned d. Recovery
Reporting
Which of these is NOT a response to risk? a. Mitigation b. Transference c. Resistance d. Avoidance
Resistance
What is a list of potential threats and associated risks? a. Risk matrix b. Risk portfolio c. Risk register d. Risk assessment
Risk Register
Emiliano needs to determine the expected monetary loss every time a risk occurs. Which formula will he use? a. ALE b. AV c. SLE d. ARO
SLE
Which of the following should be performed in advance of an incident? a. Isolation b. Capture c. Containment d. Segmentation
Segmentation
Cheryl has been asked to set up a user account explicitly to provide a security context for services running on a server. What type of account will she create? a. User account b. Service account c. Privilege account d. Generic account
Service Account
Which of the following is an authentication credential used to access multiple accounts or applications? a. Federal login b. Identification authentication c. Credentialization d. Single sign-on
Single sign-on
Which of the following is NOT used for authentication? a. Something you can do b. Something you exhibit c. Somewhere you are d. Something you can find
Something you can find
Which of the following is typically a monthly discussion of a scenario conducted in an informal and stress-free environment to evaluate an incident response plan? a. Simulation b. Incident Response Plan Evaluation (IRP-E) c. Tabletop d. Walkthrough
Tabletop
Which of the following is NOT a threat classification category? a. Financial b. Compliance c. Strategic d. Tactical
Tactical
Which of these is NOT a reason that users create weak passwords? a. The length and complexity required force users to circumvent creating strong passwords. b. Having multiple passwords makes it hard to remember all of them. c. A security policy requires a password to be changed regularly. d. A lengthy and complex password can be difficult to memorize.
The length and complexity required force users to circumvent creating strong passwords.
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time? a. Daylight savings time b. Time offset c. Greenwich Mean Time (GMT) d. Civil time
Time Offset
Which of the following is NOT a problem associated with log management? a. Different log formats b. Multiple devices generating logs c. Time-stamped log data d. Large volume of log data
Time-stamped log data
Which of the following is NOT a concern for users regarding the usage of their privacy data? a. Individual inconveniences and identity theft b. Statistical inferences c. Timeliness of data d. Associations with groups
Timeliness of data
Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers? a. Due to their advanced capabilities, they require only a small amount of computing power. b. Password crackers differ as to how candidates are created. c. Most states prohibit password crackers unless they are used to retrieve a lost password. d. A password cracker attempts to uncover the type of hash algorithm that created the digest because once it is known, the password is broken.
Unknown
Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking? a. Data custodian/steward b. Data privacy officer c. Data processor d. Data controller
Unknown
Which statement about Rule-Based Access Control is true? a. It requires that a custodian set all rules. b. It is considered a real-world approach by linking a user's job function with security. c. It is no longer considered secure. d. It dynamically assigns roles to subjects based on rules.
Unknown
Why are dictionary attacks successful? a. Password crackers using a dictionary attack require less RAM than other types of password crackers. b. Users often create passwords from dictionary words. c. They use pregenerated rules to speed up the processing. d. They link known words together in a "string" for faster processing.
Users often create passwords from dictionary words.