Javonne week 10
Bring your own device
A BYOD policy allows employees to use personal devices for work-related tasks.
Subscriber identity module (SIM) card
A SIM card encrypts data transmission and stores information.
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on their personal tablets. The chief information officer worries that one of these users might also use their tablet to steal sensitive information from the organization's network. Your job is to implement a solution that prevents insiders from accessing sensitive information stored on the organization's network from their personal devices while still giving them access to the internet. Which of the following should you implement?
A guest wireless network that is isolated from your organization's production network
Memory leak
A leak that happens when dynamic memory is allocated in a program but no pointers are connected to it, causing it to never be returned when requested.
API attacks
A malicious use of an API (application programming interface).
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands. The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen. Which of the following should you implement?
A mobile device management (MDM) infrastructure
Secure Shell (SSH)
A protocol that allows for secure interactive control of remote systems.
Secure Sockets Layer (SSL)
A protocol that secures messages being transmitted on the internet.
Transport Layer Security (TLS)
A protocol that secures messages being transmitted on the internet. It is the successor to SSL 3.0.
Encapsulating Security Payload (ESP)
A protocol within IPsec that provides all the security of AH plus confidentiality.
Authentication Header (AH)
A protocol within IPsec that provides authenticity, non-repudiation, and integrity.
Hyper Text Transfer Protocol Secure (HTTPS)
A secure form of HTTP that uses either SSL or TLS to encrypt sensitive data before it is transmitted.
Race conditions
A sequence of events with dependencies that a system is programmed to run in a certain order, which can lead to a time-of-check to time-of-use bug vulnerability.
Internet Protocol Security (IPsec)
A set of protocols that provides secure data transmission over unprotected TCP/IP networks.
Which of the following could be an example of a malicious insider attack?
A user uses the built-in microphone to record conversations.
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
AH; ESP
Which of the following is a policy that defines appropriate and inappropriate usage of company resources, assets, and communications?
Acceptable use policy (AUP)
Acceptable use policy
An AUP determines the rules for using corporate resources, such as internet access, computers, etc.
Which of the following defines an acceptable use agreement?
An agreement that identifies employees' rights to use company property, such as internet access and computer equipment, for personal use.
Secure Hypertext Transfer Protocol (S-HTTP)
An alternate protocol that is not widely used because it is not as secure as HTTPS.
Pass the hash
An attack in which an attacker obtains a hashed password and uses it to gain unauthorized access.
Buffer overflow
An attack that exploits an operating system or an application that does not properly enforce boundaries for inputting data, such as the amount of data or the type of data.
Resource exhaustion
An attack that focuses on depleting the resources of a network to create a denial of service to legitimate users.
Driver manipulation
An attack that focuses on device drivers. The attack uses refactoring or shimming.
SSL stripping
An attack that focuses on stripping the security from HTTPS-enabled websites.
Replay attack
An attack that happens when network traffic is intercepted by an unauthorized person who then delays or replays the communication to its original receiver, acting as the original sender. The original sender is unaware of this occurrence.
Pointer/object dereferencing
An attack that retrieves a value stored in memory that can be exploited through a NULL pointer dereference.
Which of the following is an open-source hardware and software company that designs and manufactures single-board microcontrollers as well as kits to build digital devices?
Arduino
Arduino
Arduino is an open-source hardware and software platform for building electronic projects.
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
Buffer overflow attack
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Buffer overflow attack
Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?
Buffer overflow attack
Which device deployment model gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data?
COPE
What is the primary function of the IKE Protocol used with IPsec?
Create a security association between communicating partners.
Which rights management category is applied to music, videos, and software that is sold to consumers?
DRM
Which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?
Data loss prevention
Why do attackers prefer to conduct distributed network attacks in static environments? (Select two.)
Devices tend to employ much weaker security than traditional network devices; Devices are typically more difficult to monitor than traditional network devices
Which of the following protocols can TLS use for key exchange? (Select two.)
Diffie-Hellman; RSA
Your organization is having a third party come in and perform an audit on the financial records. You want to ensure that the auditor has access to the data they need while keeping the customers' data secure. To accomplish this goal, you plan to implement a mask that replaces the client names and account numbers with fictional data. Which masking method are you implementing?
Dynamic
Which Amazon device can be used to control smart devices (such as lights) throughout a home using voice commands?
Echo
Which of the following DLP implementations can be used to monitor and control access to physical devices on workstations or servers?
Endpoint DLP
Field Programmable Gate Array (FPGA)
FPGA is an integrated circuit that the customer configures.
DLP can be used to identify sensitive files in a file system and then embed the organization's security policy within the file. Which of the following DLP implementations travels with sensitive data files when they are moved or copied?
File-level DLP
Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sub-layer for security?
HTTPS
Which of the following protocols uses port 443?
HTTPS
You have been offered a position as a security analyst for Acme, Inc. The position will be remote. Acme Inc. has sent you your employment contract using a system that only allows you to open and digitally sign the contract. Which rights management method is being used?
IRM
Your organization allows employees to bring their own devices into work, but management is concerned that a malicious internal user could use a mobile device to conduct an insider attack. Which of the following should be implemented to help mitigate this threat?
Implement an AUP that specifies where and when mobile devices can be possessed within the organization.
An attacker inserts SQL database commands into a data input field of an order form used by a web-based application. When submitted, these commands are executed on the remote database server, causing customer contact information from the database to be sent to the malicious user's web browser. Which practice would have prevented this exploit?
Implementing client-side validation
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value he or she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is credited with a large sum of money. Which practices would have prevented this exploit? (Select two.)
Implementing server-side validation; Implementing client-side validation
Corporate owned, personally enabled
In a COPE system, the company provides a list of approved devices for an employee to choose from. The company owns the device; the employee uses and manages the device.
Choose your own device
In a CYOD system, the company provides a list of approved devices for an employee to choose from. The ownership and management of devices varies by organization.
Which of the following functions does a single quote (') perform in an SQL injection?
Indicates that data has ended and a command is beginning
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data?
Input validation
You notice that a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections. Which of the following labels applies to this growing ecosystem of smart devices?
Internet of Things (IoT)
Which of the following BEST describes dynamic data masking? (Select two.)
It replaces original information with a mask that mimics the original in form and function; It can be used to control which users can see the actual data.
Which DLP method works by replacing sensitive data with realistic fictional data?
Masking
The IT manager has tasked you with implementing a solution that ensures that mobile devices are up to date, have anti-malware installed, and have the latest definition updates before being allowed to connect to the network. Which of the following should you implement?
NAC
DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization's security policies. Which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in proprietary intellectual property?
Network DLP
As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?
Pop-up blocker
Which of the following BEST describes a virtual desktop infrastructure (VDI)?
Provides enhanced security and better data protection because most of the data processing is provided by servers in the data center rather than on the local device.
Which of the following serves real-time applications without buffer delays?
RTOS
Raspberry Pi
Raspberry Pi is a low-cost device the size of a credit card that's powered by the Python programming language. It's manufactured into a single system on a chip (SoC).
Tokenization is another effective tool in data loss prevention. Tokenization does which of the following? (Select two.)
Replaces actual data with a randomly generated alphanumeric character set; Protects data on its server with authentication and authorization protocols
Which of the following devices are special computer systems that gather, analyze, and manage automated factory equipment?
SCADA
Supervisory control and data acquisition (SCADA)
SCADA is an industrial computer system that monitors and controls a process.
As a network administrator, you are asked to recommend a secure method for transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)
SCP; SFTP
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored. An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred?
SQL injection
SFTP uses which mechanism to provide security for authentication and data transfer?
SSH
Which of the following do Raspberry Pi systems make use of?
SoC
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
TLS; SSL
Which of the following tools allow remote management of servers? (Select two.)
Telnet; SSH
If a user's BYOD device (such as a tablet or phone) is infected with malware, that malware can be spread if that user connects to your organization's network. One way to prevent this event is to use a Network Access Control (NAC) system. How does an NAC protect your network from being infected by a BYOD device?
The NAC remediates devices before allowing them to connect to your network.
When using SSL authentication, what does the client verify first when checking a server's identity?
The current date and time must fall within the server's certificate-validity period.
Security Association (SA)
The establishment of shared security information between two network entities to support secure communications.
Privilege escalation
The exploitation of a misconfiguration, a bug, or design flaw to gain unauthorized access to resources.
Improper input handling
The lack of validation, sanitization, filtering, decoding, or encoding of input data.
Internet of Things
The network of physical devices such as vehicles, home appliances, etc., that are embedded with electronics, software, sensors, actuators, and connectivity that enable them to connect, collect, and exchange data through the internet.
Error handling
The procedures in a program that respond to irregular input or conditions.
Virtual desktop infrastructure
VDI is a technology that uses virtual machines and virtual desktops.
You manage information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Verify that your network's existing security infrastructure is working properly; Install the latest firmware updates from the device manufacturer.
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Verify that your network's existing security infrastructure is working properly; Install the latest firmware updates from the device manufacturer.
Which of the following lets you make phone calls over a packet-switched network?
VoIP
Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites to gather personal information?
XSS
Zigbee
Zigbee is a radio protocol that creates low-rate private area networks.