Percipio Security +
An information security consultant identifies a lot of security gaps in the IT implementation. After some interviews with the stakeholders, the consultant realizes that the gap is a result of the IT goals not being in sync with the business goals. Which framework should the security consultant implement to ensure the gaps are closed, the network is protected, and the IT goals are aligned with the business goals?
COBIT
Your organization has assigned you a mobile device. The organization controls the device, along with its applications and data. Which type of device have you been assigned?
COBO
Your organization has issued you a mobile phone. It allows you to use company apps and also a few apps from the pre-approved list. Which type of device have you been assigned?
COPE
Which of the following components of a camera system, CCTV, is likely to be at risk? [Choose two that apply.]
Central console controlling the cameras; Embedded system
Which of the following are contained in a P7B file? [Choose two that apply.]
Certificate Chain Certificate
Which of the following terms describes the following process? You purchase a digital certificate from a certificate authority (CA). You now trust the CA's certificate. The CA from which you got the certificate trusts the root certificate.
Certificate Chaining
A crime scene technician in an organization collects all evidence from the moment a security incident was discovered and documents the details of the events across their lifecycle. Which of the following processes is performed by the forensic examiner here?
Chain of custody
You use a backup tool to perform a weekly backup on Friday evening. You also take an incremental backup daily. You want to ensure that you can restore the backup with minimum effort, but the backup must be the latest one. What should you do?
Change incremental backup to differential backup
An organization has clients and vendors regularly visiting their office for business meetings. What personnel management policy will help ensure that the clients and vendors do not get hold of any sensitive or confidential data?
Clean Desk Policy
You are logged in to your Facebook account. You find a video posted by a friend and click the link to view the video. You are presented with a CAPTCHA (an image with distorted alphanumeric characters that need to be entered into the given text box). You complete the CAPTCHA, but the video does not open. However, the link is posted on your Facebook page with a note that you have liked the video. Which of the following attacks is in action here?
Clickjacking
Which type of sensor are you likely to install on a window?
Closed-circuit sensor
An organization has approached the ISO for certification. Which of the following types of security does the organization want to be certified for?
Cloud security
A developer wants to send an ActiveX component over a private network. Which of the following certificates does the developer choose to ensure that the software component does not get tampered or corrupted during the transit?
Code signing certificates
Which of the following receives the traffic from the sensors on a network?
Collector
A hypothetical classic hash algorithm is supplied with an input value 'P'. A hash value, for example, 543367 is generated for the given input 'P'. An attacker supplies a different input value 'Q' to the same hash algorithm. The hash value for input 'Q' is also generated as 543367. Which of the following processes does the hash algorithm demonstrate?
Collision
Which of the following parameters are exploited during a cryptographic birthday attack?
Collision in the hashing algorithm
Which of the following types of actors purchase confidential information about an organization on the dark Web market?
Competitors
A system administrator has implemented proper access control, steganography and encryption methods so that the data sent by the users is received, accessed and read only by the intended recipient. Which of the following does this security implementation ensure?
Confidentiality
You have been asked to install a VMware ESXi server on a bare metal server. You will be installing and running multiple virtual machines. You want to be able to manage the ESXi server remotely. What should you do? [Choose two that apply.]
Configure Type I hypervisor; Use vSphere Client to manage the ESXi server
You have to set up a branch office, and you want the user profiles, data, and applications to be available while the users move from one office to another office. When the users log on to the server, they should get their desktop settings and data as they do when they connect from their branch office. You must perform this with minimum administrative effort. What should you do?
Configure VDI to host user data, applications and desktop settings
During an attack on a Web server, the logs were deleted by the attacker. You need to protect the integrity of the logs if a similar attack occurs on any of the servers on the enterprise network. To do this, you decide to implement SIEM. What else should you do to ensure the goal mentioned above is achieved?
Configure aggregation for collecting data
A Web developer has developed a Web application that needs to be debugged. The Web developer needs to capture and find vulnerabilities. The developer also wants to change the requests and responses as they are captured. What should the developer do?
Configure an interception proxy
You have recently launched an e-commerce application. During the festive season, many customers called and reported application unavailability. Before the festive season, with less load, the application was working without any issue. What should you do?
Configure another Web server with load balancer
You have configured a Type II hypervisor using VirtualBox on a Windows 10 system. You want to allow the virtual machines to interact with the systems on the network. What should you do?
Configure bridging in VirtualBox
Your organization is contracted by the government to work on a secret project. You have been asked to classify data as public, confidential, secret, top secret, and unclassified. To meet this requirement, you need to configure an appropriate access control model. Which one should it be?
Mandatory Access Controls
You have developed an application. When you execute the application for testing, the system hangs. After you restart the system, it works in the normal fashion. Once again, when you execute the application, the system again hangs. What could be the possible cause?
Memory Leak
A tester is using the fuzzing technique to test a new application by providing random input data. Which of the following aspects of the application is the tester trying to check for?
Memory leak
You are using a system with the default administrative access. You get an important phone call, and you leave immediately without disabling that feature. Which of the following vulnerabilities may this situation lead to?
Misconfiguration
Which of the following situations can poor lighting lead to? [Choose two that apply.]
Misidentification; Biometric Failure
Which of the tasks can be done using security automation? [Choose three that apply.]
Monitoring the enterprise network for security breaches; Updating security policies on all servers; Taking action to overcome the security breaches
You have just implemented Mobile Device Management (MDM). You want to impose different access controls on specific types of data that an employee has on their mobile phone. The access control must be imposed on built-in storage as well as removable media. What should you do?
Configure storage segmentation
You have been asked to host a new e-commerce Website. Your manager has asked you to configure the Website with a certificate. You want to use a transport encryption protocol to ensure maximum security between your Web server and the end user's Web browser. What should you do?
Configure the Website to use TLS
You want to start sending encrypted E-mail to your client. Your messaging server is not configured with any security protocols. You want to be able to sign the E-mails that you are sending digitally. What should you do?
Configure your messaging client to use S/MIME
You receive a mail regarding a new 100% organic product that helps regain lost hair within three months without any painful procedure. You click on the link provided to know more about the product. The review section of the website lists almost 100 customer testimonials, out of which 90% to 95% of the testimonials are positive. You notice that some of the testimonials are the same but under different customer names. Which social engineering principle does this scenario depict?
Consensus
Which of the following are likely to take place during stress testing? [Choose two that apply.]
Multiple user simultaneous inputs; Multiple server data syncing
Which of the following technologies can help you complete a payment transaction from your mobile?
NFC
After a recent breach on the network, you want to implement a sensor that will process the traffic flowing through the network in real-time. Which of the following should you implement?
NIPS
A threat actor uses advanced techniques and abundant resources to perform a sophisticated attack that might continue for a significant period of time. Which of the following types of threat actors is mentioned here?
Nation States
After a recent attack on a Web server, you want to ensure that you have secured your Web server. You want to ensure that SSH running on the Web server is of the latest version. You want to grab as much information as possible from the Web server and to determine the SSH and other application versions. To be able to do this, you decide to do banner grabbing. Which of the following two tools can you use to complete this task? [Choose two that apply.]
Netcat; Nmap
An organization has identified that one of the systems on the network has been hacked. However, the hacking took place almost 2-3 months back. The hacker has been able to access a lot of confidential information, which can harm the reputation of the company. Which of the following security measures could have helped prevent this information leak?
Continuous monitoring
After you install SIEM and configure aggregation, which of the following will help you compare events from different logs to link them together as security-related events?
Correlation
A user wants to convert block cipher to stream cipher. Which of the following cipher modes can be used for this purpose?
Counter mode
Refer to the exhibit. You are planning to design a Student Information Management System (SIMS). You have been told that the table structure, as shown in the given exhibit, does not implement normalization. Identify the fault within the table structure?
Course name and instructor are repeated
You have a small network of 100 systems and 10 servers. You want to be able to detect a rogue system or device if it is present on the network. What should you do? [Choose two that apply.]
Create a baseline for network assets; Perform continuous monitoring
You have recently configured a wireless access point. All users with laptops now connect to the wireless network. You usually have visitors coming in for meetings who demand wireless connectivity. As per the IT Security Policy, you cannot connect the visitors to the corporate network. You need to still ensure that they are given access to the Internet and with minimum administrative effort and without additional cost. What should you do?
Create a guest zone in the existing wireless access point
You have installed SQL Server and created a database with several tables. In one of the tables, you want to encrypt the data. What is the first thing that you must do to meet this goal?
Create a master key
You have a single server VLAN that contains servers with sensitive information. Each server is hardened with company security guidelines. You need to deploy multiple virtual machines that will contain generic folder shares and will be accessed by the users on the network. These virtual machines are not hardened as per company policy. You must ensure that sensitive information is not at risk. What should you do?
Create a new VLAN, install a server, host the virtual machines, and restrict access on the VLAN
Your organization has bagged a large contract from a multi-national firm. The key requirement from the client is to provide high security of the data on your network. Which of the following should you create to provide the highest security to the client's data?
Create a new segment with airgap
An online store has a requirement that its website is 100% available, even in case of disasters. The area in which the data center is implemented is seismic-sensitive. Which of the following solutions should the organization consider?
Create a redundant data center at a different geographical site
You manage an Active Directory domain, which has the following OUs: North, South, East, and West. You want to ensure that the users in these OUs are not able to use any removable media on their systems or their laptops. The sales team, however, will require the use of removable media for carrying their Sales presentations. You must complete this task with minimum administrative effort. What should you do? [Choose two that apply.]
Create a separate GPO for each OU and block removable media; Move the Sales team to a separate OU
You are the network administrator for an organization. You would like to delegate the permission to create user accounts to a junior administrator in your team. You, however, do not want the junior administrator to perform any other administrative task. What should you do?
Create and assign a privileged user account to the junior administrator
You are creating several shared folders on various file servers and have to assign permissions to users from different departments. While assigning the permissions, you want to reduce the administrative overhead and access management burden. You also need to ensure that the users from a department are assigned the same level of permissions. What should you do?
Create groups based on departments, add users to the groups, and assign permissions to the groups.
A vulnerability scanner has been provided with authentication to perform a scan and list the recommended configuration parameters for several system settings. Which of the following approaches is used by the vulnerability scanner here?
Credentialed
Which of the following factors are considered to determine the components for which redundancy should be provided? [Choose three that apply.]
Criticality; Cost; Likelihood of failure
The network administrator has planned to install a web proxy that will exchange website requests between the web applications and the users. What type of attack is the network administrator trying to prevent?
Cross-Site request forgery
Refer to the exhibit. Which of the following is being displayed with a circle?
Crossover rate
You are using a Crypto Service Provider to encrypt an algorithm. Which of the following will be used by the Crypto Service Provider to perform this task?
Crypto Modules
A user is using a service that allows an application to implement an encryption algorithm but does not allow the application to alter the algorithm. Which of the following service providers is used by the user here?
Crypto Service provider
Your company website has not been accessible for some time. Your system administrator checks the logs of the webserver to determine the issue. The administrator notices that the webserver is busy servicing requests coming from 10 to 20 IP addresses from outside the organizational network. What type of attack has taken place in this case?
DDoS
A system administrator plans to implement an exponential key-agreement protocol that uses ephemeral keys and provides perfect forward secrecy. Which one of the following options should the administrator select?
DHE
You enter the URL of an online store that you regularly visit. You browse the site and make a purchase using your credit card. Your purchase is declined due to some error. After some time, you get an alert from your credit card company about a transaction on your credit card. Which attack were you a victim of?
DNS cache poisoning
Which of the following are the benefits of using Counter Mode-Cipher Block Chaining (CBC)-Message Authentication Code (MAC) Protocol (CCMP) protocol? [Choose all that apply.]
Data Integrity; Data Confidentiality; Data origin authentication
You had a recent incident where a user copied sensitive data onto his mobile phone by plugging it into the laptop. You want to prevent such incidents from recurring. No user should be able to plug an unapproved phone into the laptop. Which of the following methods should you use to prevent such recurrences?
Data Loss Prevention
You have been asked to investigate a data exfiltration issue. During the investigation, you discover that one employee had sent the documents via E-mail to an external person. You want to prevent this in the future. Which of the following do you implement to avoid this?
Data Loss Prevention
Two companies working in partnership want to exchange information to achieve a partnership goal. Which of the following security considerations should the organizations take care of before exchanging the information?
Data Ownership
A federal agency in the USA is searching for a suitable cloud service provider in Russia but was prohibited by internal law to store the data outside the country's physical borders. Which of the following laws has been enforced here?
Data Sovereignty
An employee of an online store has been entrusted with the task of determining the trends in the customer buying habits and the statistics of the sales regarding products and demographics. Which of the following types of group should this employee be a part of?
Data User
Which of the following security concerns is related to cloud elasticity?
Data confidentiality
Which of the following best practices should be considered to ensure seamless key rotation and expiration?
Data encrypted using an old key should be kept as is
An application is supplied with input data that exceeds the allocated memory for that data. The application is not configured to handle the excess data. What impact may the vulnerability discussed in the given scenario produce? [Choose three that apply.]
Data loss; Privilege escalation; Denial of service
Your junior developer has developed a module in an application. When you test the module, you notice that the memory and CPU usage in the system has increased. Which of the following is likely to cause this issue?
Dead Code
An attacker gains unauthorized access to a system using the knowledge of the make and the model of that system. Which of the following vulnerabilities has led to this situation?
Default configuration
You are performing a security audit of a client network. You notice that several user accounts are still active even though the users have left the organization. You warn your client about this issue. What should be your solution to fix this issue?
Define a routine audit mechanism
Which of the following attacks can cause backscatter as a side effect?
Denial of Service
Application code that performs authentication on the client side is exploited by an intruder with reverse engineering skills. Which of the following vulnerabilities has been exploited by the intruder here?
Design weakness
You need to dispose of a multi-function printer. Before you dispose of it, which of the following tasks must you complete to avoid anyone having access to the data on the printer? [Choose two that apply.]
Destroy the drive; Clear the print queue
You need to deploy alarms that would be triggered if anyone forcefully attempts to enter the server room or attempts to break its lock. Which type of security control are you implementing?
Detective
A system administrator has put up a signboard at the entrance of the server room, stating that this is a restricted area, and unauthorized users cannot enter. What type of physical control has the system administrator implemented?
Deterrent
You have been asked to install extra lighting in the hallway and near the server room. Which of the following controls should you implement?
Deterrent
You have deployed several guards at your office premises. Their key job is to protect the office premises and prevent any theft. Which security control have you implemented? [Choose two that apply.]
Deterrent; Preventative
Your organization displays the following two warning boards near the main entrance. One reads "ACCESS DENIED" and the other "TRESPASSERS WILL BE PROSECUTED." Which of the following risk controls has been implemented by your organization?
Deterrent control
Which is the first stage of deployment in which you create the design of the solution?
Development
Which of the following attacks exploits the human tendency to choose short and simple passwords?
Dictionary
Which of the following are used by a vulnerability scanner to identify vulnerabilities? [Choose two that apply.]
Dictionary scanning; Database scanning
A Security Analyst wants multiple bits in the output to be changed when a single bit of input is altered in a symmetric cipher. Which of the following symmetric cryptography principles can help the analyst achieve this?
Diffusion
You have a kiosk that has USB enabled and is isolated from the network. Recently, a user copied an infected file onto the kiosk. You want to ensure no one can use USB on the kiosk. Which of the following two actions can be performed? [Choose two that apply.]
Disable USB in the BIOS; Disable USB hub through the operating system
Which of the following solutions can protect a Wi-Fi protected setup (WPS) from a brute-force attack? [Choose two that apply.]
Disable WPS; Update the firmware
You want to provide the first level of protection for your organization. The protection should be part of a domain and would not use any additional application. Which of the following would you use? [Choose two that apply.]
Disable unnecessary services; Disable unnecessary ports
While driving by the office, the network administrator notices that the company's wireless network name is visible on the available networks. However, the network is available with weak signals. What would be the method that can prevent the wardriving in this case?
Disabling SSID broadcast
PLAB Inc. uses EAP Transport Layer Security (EAP-TLS) for wireless security. Each laptop in the domain has a unique EAP-TLS certificate installed. One of the users' laptops is stolen. You do not want the laptop to be misused for accessing the wireless network. You must ensure your actions cause minimum impact on the wireless network. What should you do?
Disassociate the laptop's certificate
Which of the following attacks do hacktivists generally resort to? [Choose two that apply.]
Disclosure of sensitive business information; Distributed Denial of Service
You have been asked to implement an access control model. The object access is determined based on the user identification and group membership. The user should be able to transfer the ownership to another user. To meet this requirement, you need to configure an appropriate access control model. Which one should it be?
Discretionary Access Control
You have configured a new Website and configured its permissions. As per the permissions defined, the owner of the data has the permissions to modify the hosted data. Which type of permissions have you defined?
Discretionary Access Controls
You have an outsourcing agency that handles the drive destruction. You want to send a drive for the first time but want to ensure that the data is non-recoverable. Which two methods should you use to meet this goal? [Choose two that apply.]
Disk Wiping; Full drive encryption
Which of the following features distinguishes a Distributed Denial of service (DDoS) from a Denial of Service (DoS) attack?
Disrupting the network services using multiple compromised computers from multiple locations to send service requests to the servers
Since the day started, users have been complaining that they are not able to log on to the company's website. The administrator checks the server log and notices that the website is continuously serving requests from one particular computer. Identify the type of attack.
DoS
An organization hired a contractor to help manage the IT systems. However, the contractor was found guilty of some frauds. This resulted in a loss of reputation for the organization, thereby losing some of its high-value projects to rival companies. Also, the contractor was found lacking the required knowledge to perform the assigned tasks. Which of the following activities would have ensured that the organization did not get into these problems with the contractor?
Doing a background check on the contractor
Which of the following examples depicts a transitive trust?
Domain A trusts Domain B, Domain B trusts Domain C, Domain A trusts Domain C
You type in the URL to access your company's website. However, you get directed to a different website. You check the URL you have typed in and confirm that it is correct. You check the same from your colleague's computer, but you are still directed to a different website. What type of attack has taken place in this case?
Domain Hijacking
You are the IT administrator for your organization. One day while collecting a printout from the printer, you notice that the dustbin is full of old printed papers. When you go through the papers, you find that several papers include user accounts, e-mail addresses, and banking information. What could happen if these papers were thrown away without being properly shredded?
Dumpster diving
Which of the following options indicates the downside of Electronic Code Book (ECB)?
Duplicate cipher text blocks
You have recently deployed an enterprise certificate authority named PLABCA. You have a user certificate template and need to issue certificates based on it. You must also ensure that the certificates are valid for at least two years with autoenrollment support. What should you do as the first step to meet your goal? [Choose two that apply.]
Duplicate the user certificate template; Enable autoenrollment for the domain users
You have developed an application that needs to be tested. You have been asked to test the application for buffer overflow and code reuse weaknesses by executing the code. You also want to ensure that the input fields only accept proper data and no unexpected data. Which type of testing should you perform in this scenario to meet the given requirements?
Dynamic Analysis
PLABS Inc. implements the RSA algorithm for data security. However, the Security Administrator decides to change and implement the Elliptic Curve Cryptography (ECC) algorithm. Which of the following benefits of the ECC algorithm over the RSA algorithm could have prompted the Administrator to implement the change? [Choose two that apply.]
ECC uses less computing power; ECC uses smaller key sizes
Which of the following statements are true for RADIUS Federation? [Choose all that apply.]
Each member retains its own administrative control; There are common authentication system and credentials database; Members of the Federation share the same level of trust
What advantages does a public cloud offer over private networks managed by organizations? [Choose two that apply.]
Economy of scale; Inexpensive setup
A Security Administrator implements a policy to archive email messages contained within official email accounts of employees. The administrator can access these emails as and when required to scan them for any misconduct. While reviewing the archived messages of an employee, the Administrator finds that the employee has been misusing the organizational email account to send emails that serve no business purpose. Which of the following policies has the Administrator implemented in the given scenario?
Email retention policy
After reviewing the recent logs on a server, the security administrator notices that the server recently transferred a large amount of data to an unknown public IP address. What should the administrator do to detect such events? [Choose two that apply.]
Enable Flow Logs; Enable Heuristic analysis
You have just implemented Mobile Device Management (MDM). You want to ensure that if the device is stolen, the company's data is still secure and remains confidential without removing it from the device. What should you do?
Enable Full device encryption
Which of the following features should you enable on a mobile device to ensure security?
Enable auto lock
Your organization allows users to use their own mobile phones. You have been advised by the top management to ensure that if there is any corporate data on the mobile phone, it should not be compromised. Even if the SIM is changed, you should be able to locate the device. What should you do? [Choose two that apply.]
Enable device encryption; Configure asset tracking
You want to configure your new laptop in a manner that even if someone installs a new operating system, he or she should not be able to gain access to the system and its data. What should you do?
Enable secure boot
You use Mobile Device Management (MDM) to manage mobile devices. You have configured the mobiles to store all the corporate data on the micro-SD cards. You want to ensure that if a mobile is lost, the corporate data is not accessible. What should you do?
Encrypt the data on the micro-SD card
Which of the following options differentiates Twofish from Blowfish? [Choose two that apply.]
Encryption Speed Complexity
You are using software comfortably over a period, and suddenly the software slows down, and you are not receiving any updates or support services. Which of the following vulnerabilities has occurred in this case?
End-of-life-system
What does Robert's rating of a security cabinet indicate?
Endurance to attacks
You have joined as a network administrator for an organization that has several large branch offices. Each branch office has two junior administrators. Each one performs a different set of network administration tasks. You want to ensure that each one has only an appropriate level of access to perform their tasks. What should you do?
Enforce permission auditing and review
An employee has been appointed as the system owner for the organizational network. What will this employee be responsible for?
Ensure physical security of hardware resources
What is the primary purpose of using security templates?
Ensure standardization of security settings
After a recent worm attack, you are now restoring the system from the original disk images that were created a few days before. Which phase of the Incident Response are you in?
Eradication
In which phase of the Incident Response Plan are you likely to escalate an incident that you cannot resolve?
Eradication
An organization is responsible for formulating strategies for the defense of the country. Which of the following security measures must the organization adopt to ensure the safety of the lives of their employees? [Choose all that apply.]
Escape Routes; CCTV; Fencing
The IT helpdesk has been receiving complaints from users that when they connect their laptops through the Wi-Fi connection, they are not able to access the organizational network. However, they can access the Internet. On conducting a security scan, the IT helpdesk engineer notices that the users are being routed to an access point that has not been installed by the organization. Which of the following wireless attacks does this scenario depict?
Evil Twin
Which of the following attacks is the wireless LAN equivalent of the phishing attack?
Evil Twin
The security administrator has been assigned to scan the network to discover the following: a definitive list of missing patches; client-side vulnerabilities; Bluetooth devices attached to the hosts being scanned; password policies. What should the security administrator do to get the required information?
Execute a credentialed scan
An employee calls up the helpdesk every two days to get the user account unlocked. The employee does not have enough knowledge about using a computer. Which user group should this employee be a part of?
Executive user
The security administrator notices that there is a large amount of file transfer taking place between a few systems on the network. The security administrator discovers that these systems are transferring these files using a P2P application. This is causing the network to slow down. Which of the following security issues is the network prone to? [Choose all that apply.]
Exposure of sensitive information Denial-of-service The spread of malicious code
As part of a recovery drill, an organization decides to move to a warm site, until the primary location is back in action. Which of the following business continuity plan is performed here?
Failover
An unauthorized user attempted to authenticate himself with the fingerprint scanner and got authenticated. Which of the following has just occurred?
False Acceptance Rate
You have performed a vulnerability scan on a Web server. The report confirmed that several security updates are missing for a critical application on the Web server. After you investigate, you can conclude that the application, for which the security updates are missing, does not exist on the Web server. Which of the following is the reason?
False Positive
The NIPS installed on the network has failed to detect an attack on the network. The attack attempts were identified as a normal event. Which of the following situations has occurred in this scenario?
False negative
A vulnerability scan was performed, and the report shows the installed web server version as an older version, even though the version installed is the latest. Which of the following vulnerabilities does this report depict?
False positive
An authenticated user attempts to scan his finger to open the door. However, the user is not recognized and therefore, authentication fails. Which of the following has occurred?
False rejection rate
Which of the following is an example of the nonregulatory framework?
FedRAMP
Yahoo! and Microsoft announced that Yahoo! Messenger and MSN Messenger would be interoperable. Which of the following services makes it possible?
Federation
Which type of cables should you use to protect your data from EMI/EMP and can span large distances?
Fiber Optic
Which of the following will you use to restrict access to certain sites when using a proxy server?
Filters
You have a single server segment that hosts all the servers. You want to segregate the servers with confidential data and want to prevent any unauthorized access to the data. The segment with these servers must allow restricted access. Which of the following should you implement to meet your goals?
Firewall
What are the benefits of using run time code over compile code? [Choose two that apply.]
Flexibility to run with multiple Web browsers Flexibility to run on multiple operating systems
Recently, a server in your organization was compromised. It was acting as a file server and contained sensitive data. The server has two partitions; one partition holds the operating system, and the other partition holds data. You take a backup on a weekly basis. After an investigation, you discover that the server was infected with a rootkit. Which of the following methods would be most appropriate to restore the infected server?
Format the data and operating system partitions, then re-install the operating system and restore data from the last clean backup
Which of the following does a watering hole attack aim at for infiltrating the target?
Frequently visited external websites
When assessing the capability of a threat actor to implement a threat, which of the following factors should you consider? [Choose two that apply.]
Funds Technical resources
Which of the following attacks are the most likely to occur and have the most impact on an unmanned aerial vehicle (UAV) used for autonomous or semi-autonomous operations even after anti-malware, anti-spam, and anti-virus software has been installed? [Choose two that apply.]
GPS Spoofing Jamming
How do automation tools help in configuration validation?
Generate reports based on current configuration settings
Your bank is collecting data from a set of existing customers to decide where to install ATMs. Which method are you using to do this?
Geolocation
Which of the following does scoping help achieve when used on a safe? [Choose two that apply.]
Get an intimate look at the contents of the safe Determine the locking mechanism of the safe
You receive an email with a URL. When you click on the URL, you are taken to a web page where you fill in your credit card information as directed. Immediately after this, you receive an email stating that a transaction has been made using your credit card. In this scenario, what was the role of the collector?
Getting the user's personal information
Which of the following would be a good example of a technical control?
Group Policy
Which of the following will be equivalent to the Agent-based NAC?
Group Policy rule
What are the disadvantages of using guards for physical security? [Choose two that apply.]
Guards are the most expensive Guards are fallible
Recently, a user attempted to gain unauthorized access to the company's Web server that is hosted on the internal network. The user attempted to gain access using a program that was installed on the user's system. You want to prevent such unauthorized access to the Web server in the future. Which of the following should you implement?
HIPS
Refer to the exhibit. Which type of card is being displayed?
HSM
If you need to sense and control the temperature of a data center, which type of system should you implement?
HVAC
Which of the following options distinguish an offline brute force attack from an online brute force attack? [Choose two that apply.]
Having access to the encrypted material Calculating the possible combination leisurely
In your organization, you need to configure multiple intermediate certificate authorities (CA). You need one CA to issue only E-mail certificates while others need to issue only code signing certificates. Which trust model should you implement?
Hierarchical
A user is looking for a cryptography algorithm that is not prone to side-channel attacks and data leaks. Which of the following features of cryptography is the user looking for?
High resiliency
The security administrator at PLAB Inc. needs to ensure that the laptops on the network cannot attack each other. All laptops are connected to switches. Which of the following should the security administrator use to meet this goal?
Host Intrusion Prevention System (HIPS)
An organization becomes inoperable due to a fire accident but resumes all its functionalities within a few hours. Which of the following recovery sites has been maintained by this organization?
Hot Site
You are the IT Administrator for your company. Several users have started to complain that their systems have slowed down. You also get complaints about network slowness. You suspect that there is a worm attack on the network. Which of the following incident response would be your first response to this situation?
Identification
PLABS is developing a Business Continuity Plan (BCP) for the organization. Which of the following steps needs to be taken by the organization?
Identify critical business functions
Which of the following techniques can be employed to ensure that the reputation of an organization is not damaged? [Choose two that apply.]
Imparting proper training to vendors and business partners Ensuring internal coordination
You have deployed servers using a pre-defined tested image. After you go on leave for two weeks, your junior system administrator has made several changes in the configuration of several servers. You want to prevent such incidents from happening in the future. What should you do?
Implement Change Management
Your organization had all public E-mail Websites blocked. However, with the implementation of Office 365, the users are now able to access Hotmail and Outlook.com Web sites. Users are also able to access their personal OneDrive, which was also blocked earlier. You want to prevent users from sharing data through their personal E-mail accounts or through OneDrive. You must protect data leaks that can possibly occur through them. What should you do?
Implement Data Loss Prevention
Refer to the exhibit. While programming an application, you have written the following code as shown in the exhibit. What are you trying to achieve with this code?
Implement Error Handling
You have two servers on which the traffic must be encrypted and protected. You must ensure that the solution that you implement provides authentication and integrity services for IP traffic. Which of the following solutions should you implement?
Implement IPSec with Authentication Headers
Which of the following can be a defense mechanism against IP spoofing? [Choose all that apply.]
Implement Packet filtering Enable Encryption Implement key-based Authentication
After implementing audio and video conferencing, what would be the best method to secure them?
Implement SRTP
The CEO of your organization has asked you to look at encrypting his video conferencing sessions and his voice calls. What should you do?
Implement SRTP
An organization stores sensitive data on the intranet, which is accessible by the employees on their computer systems and mobile devices. The CEO has received information that some of the sensitive data has been leaked by an employee. What can the organization do to ensure such situations do not occur again? [Choose two that apply.]
Implement Strong Security Policies Implement content and email filters
You have two-factor authentication in your organization. The two-factor authentication includes a smart card and a password. The Chief Technology Officer (CTO) has asked to use multi-factor authentication for the data center. What should you do?
Implement a fingerprint scanner
You have a web server that is configured to run a website with a certificate. You notice that after the certificate configuration, the webserver has slowed down. You want the webserver to give good performance while using the certificate, and at the same time, you also want to protect its private key. What should you do?
Implement a hardware security module
You want the users to run only a restricted set of applications. Other than the approved applications, the users should not be able to install any unauthorized application that is not approved. What should you do?
Implement application whitelisting
You need to implement a wireless network that is in the most secure form. You also want to integrate digital certificates in this implementation. What should you do?
Implement the wireless network in the enterprise mode
The security administrator has been asked to implement an IT Asset Management solution for PLAB Inc. Before proceeding with this task, the administrator needs to identify the critical assets that deviate from the defined baseline. Which of the following options can help the administrator in this scenario? [Choose two that apply.]
Implementation of an anomaly detection method Method of tracking the events of anomalies
An organization wants to ensure that the confidential data is secured. Which of the following controls must the organization implement? [Choose two that apply.]
Implementing the Least Privilege policy Authenticating users
Your organization's network is protected by a firewall. You notice a large amount of traffic coming from two different IP addresses and want to block communication to and from these IP addresses. However, the communication from other IP addresses should be allowed. Which ACL rule should you add in the firewall?
Implicit deny as the first rule
An attacker tries to locate an important file with malicious intention and receives a message 'access denied', which gives more information than the attacker expected to know. Which of the following vulnerability has occurred in this situation?
Improper error handling
Where would you place the correlation engine?
In a secure network segment
You have recently joined an organization as an IT Manager. Your organization uses generic accounts for specific roles. The sales team executives have a generic account, SalesExec. Similar accounts exist in other departments. You decide to assign each user a user account with their name and discontinue the generic accounts. What is the purpose of creating individual accounts?
In case of an incident, you will be able to trace the responsible user
In a recent breach, an attacker was able to crack several user passwords. The attacker used a specific account with administrative privileges for privilege escalation and breached confidential data. What should you do to prevent password cracking attacks? [Choose two that apply.]
Increase password length Increase the password complexity
A system administrator wants to speed up the backup process, use fewer media storage, and take the backup of the data that has changed since the last backup. Which of the following backup operations satisfies these requirements?
Incremental
When an organization in the USA decides to secure backups in a digital format and store it in India, the data would be subjected to the laws of which of the following countries?
India only
You want to turn your Android mobile into a universal remote control. To be able to do this, which of the following protocols should you use?
Infrared
You have implemented multiple layers of technical controls on your network. You still want to ensure that there is no possible means of data leakage. What should you do?
Initiate security awareness training for users
Which of the following attacks can be detected by behavioral monitoring and reviewing failed login attempts?
Insiders
You have a Web server that hosts a client specific application. In the recent past, there have been two attacks when the Web server stopped responding to the requests. You want to ensure that this is not repeated. What should you do?
Install a DDoS mitigator between the Web server and the Internet
You have installed a new wireless access point. You configure it with MAC filtering, WPA2 encryption, and a strong encryption key. You leave the rest of the configuration as default. Which of the possible misconfigurations still exist in the access point? [Choose two that apply.]
No change of default admin password No maximum number of user restriction
An employee sends the company's confidential information to a customer in an encrypted form. However, the employee denied any such message to the customer when the superiors questioned the employee. Which of the following features can help determine the identity of the sender in such cases?
Non-Repudiation
You have executed a command to query the DNS server for the domain, www.google.com. When you run this command, you get the following information: Non-authoritative answer: Name: www.google.com Address: 172.217.166.36 Which command would you have executed to get this output?
Nslookup
You have found a piece of paper that has a paragraph written on it. You suspect that a message is hidden in the paragraph, but the suspect has very smartly not used any complicated algorithm. What type of steganography would the suspect have used?
Null Ciphers
One of your junior developers wrote the following code: function hello(name) {console.log('Hello, ' + name);} hello('New user'); You modified the code to the following to hide the business logic: eval(function(p,a,c,k,e,d){e=function(c){return c};if(!''.replace(/^/,String)){while(c--){d[c]=k[c]||c}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('3 0(1){2.4(\'5, \'+1)}0(\'7 6\');',8,8,'hello|name|console|function|log|Hello|user|New'.split('|'),0,{})) What has been done to the code? [Choose two that apply.]
Obfuscation has been applied. Camouflage has been applied.
A forensic investigation finds a mismatch between the evidence of the reported time of events and the recorded events of the system logs. Which of the following issues may be the reason for this discrepancy?
Offset in recorded time
Refer to the exhibit. After executing the command, as shown in the exhibit, you receive the output of 2. What does this output mean in the context of Data Execution Prevention (DEP)?
On for Windows Binary Files
Which of the following attributes of cloud solution makes it different from the hosted solution? [Choose two that apply.]
On-demand self-service Rapid elasticity
You have joined as an IT Manager in a newly incorporated insurance firm. Your firm has set up a large datacenter with hundreds of servers and a team to manage it. You have been asked to deploy an insurance application. The application will store customer-sensitive data and needs to be installed in an environment that is under your control. What type of deployment should you opt for?
On-premise
When the Annualized Loss Expectancy (ALE) is calculated as $25,000, and the Single Loss Expectancy (SLE) is calculated as $50,000, what is the estimated frequency of threat?
Once in two years
Which of the following types of Websites are likely to use an Extended Validation (EV) certificate? [Choose all that apply.]
Online patient records management system Banking Websites E-commerce websites
All laptops in your organization are deployed through an operating system image that has been approved by the security team. A developer installed a development utility without approval from the IT team. Which of the following is likely to be affected by this installation?
Operating System baseline
As the first priority in a disaster recovery measure, your organization takes immediate action to secure all backups. After that, other applications are secured according to the level of importance. Which of the following procedures is being followed here?
Order of restoration
The system administrator of an online store needs to secure the payment systems from cyber-attacks to ensure the cardholder details are not compromised. Which of the following frameworks must the administrator follow to complete this task?
PCI DSS
Which of the files use the .cer file extension? [Choose two that apply.]
PEM DER
Your organization has recently moved its network to the MPLS cloud and opted for cloud services from the service provider, who has provided the set of software development tools online and is charging on subscription-based usage. Which cloud deployment model has your organization opted for?
PaaS
Which of the following activities are involved in passive reconnaissance? [Choose two that apply.]
Packet sniffing Impersonating a network user
You have a small network that runs on Active Directory. A recent security audit revealed that several users are using 'password' as their password. You have been advised not to allow the users to use easy-to-guess passwords. Which of the following methods would help you prevent the use of easy-to-guess passwords?
Password complexity
You have a small network that runs on Active Directory. You want the users in the domain to change their passwords every 50 days. If a user forgets to change the password, then the user should not be allowed to access network resources in the domain using the old password. Which of the following methods would help you achieve this goal?
Password expiration
You are reconfiguring your network, and in the new network architecture, you want to allow the users to access the Internet, but you do not want to install any additional client software on the users' systems. What should you do?
Install a Transparent Proxy
You have a single server, and you need to deploy multiple operating systems. Each operating system will be running a different application, and you need to ensure all of them are running at once. What should you do?
Install a hypervisor and install one operating system per virtual machine
You are the security administrator for your organization. You want to ensure that you can protect the network and systems from unknown threats that may enter the network through various applications that the users install. The security administrator wants to ensure that the systems are not compromised in case the applications they install are malicious. What should the security administrator do to prevent such unknown threats?
Install a sandboxing application on each system where the users install applications
When the finance team is working, they want to limit the view from people walking past the screens. You have been asked to provide a solution to the finance team. What should you do? [Choose two that apply.]
Install privacy filters Install screen filters
Refer to the following exhibit. While testing an internal Website that needs to go live, you can capture its traffic and reveal a user's password. How could you avoid this issue?
Integrate TLS with HTTP
You have been asked to store the logs on the write-once drives. After you configure the write-once drives to store the logs, what will you achieve?
Integrity
You send some data to your colleague working from another location. However, when your colleague receives the data, the data is not the same as what you have sent. What type of protection would have ensured that your colleague received the correct data?
Integrity
Which of the following components poses the main security challenge with System-on-Chip (SoC)?
Intellectual Property blocks
Which of the following is true about a community cloud? [Choose two that apply.]
A community cloud is an example of a hybrid cloud A community cloud helps businesses achieve common objectives
A user downloads a file from the Internet. When the user attempts to open the file, the download asks to allow the installation of an add-in to view the file type. Which of the following is likely to be installed on the system after this?
Adware
You are configuring a new load balancer. You want to configure it in a manner that if a client has initiated a request with a particular server, then all requests must go to the same server from the same client. Which feature should you enable?
Affinity
During your deployment of SIEM on your enterprise network, which of the following devices should you configure for automated alerts and triggers?
All of the mentioned choices
In an organization, a security breach is reported. A forensic examiner is given the charge of collecting digital evidence. Which of the following items is the most volatile and must be examined first?
Cache
Where are you likely to use the Wi-Fi-enabled MicroSD cards?
Cameras
A Security Administrator decides to update the security systems in the organization and install new security devices. Which of the following risk mitigation process must be followed by the administrator to reduce the risk while upgrading the systems?
Change management process
You have recently installed a new wireless access point. To ensure its security, what is the first task that you must perform right after the installation?
Change the default admin password
Several systems on the production floor of your company have been facing electrostatic discharge (ESD). You need to correct this problem before these systems are destroyed by ESD. What should you do?
Check the humidity level
You recently had a fire break out in the data center. The senior management has asked to install protective measures and appropriate equipment to suppress the fire. You decide to use FM-200 extinguishers. Which type of fire are you trying to protect in the data center?
Class C
Your organization is in digital marketing. An employee recently posted a picture on social media with a computer monitor in the background that displays one of the company's confidential documents. How could you prevent this from happening again?
Conduct user awareness training
For which type of data would you ask an employee to sign a non-disclosure agreement (NDA)?
Confidential
You have a network switch, and you want to configure it to send a copy of its network traffic to a port that you can run the monitoring software on. What should you do?
Configure port mirroring device
An attacker encrypts the files in a system and demands money to decrypt the files. The security administrator advises using backups and realizes that the backups are not taken regularly. The security administrator makes a strict rule that the system backups must be done every day and must be reported to the team leader. Which of the following controls has been implemented here?
Corrective
Which of the following options differentiates a cold site from a hot site? [Choose two that apply.]
Cost Recovery time
You are creating a new network. You want to break the network into smaller networks using routers so that you can control what traffic can enter or leave each of the networks. What should you do?
Create multiple broadcast domains
You have recently installed several CCTV cameras with motion detection capabilities. Which type of security control have you implemented?
Detective
The security administrator at PLAB wants to ensure that the users are protected from phishing. The security administrator wants to ensure that the employee's personal information and identity are secured. What should the security administrator do as a long-term solution? [Choose two that apply.]
Educate users Implement a spam filter
A system administrator wants to secure the email communication of the organization from cyber-attacks. The administrator plans to use some encryption method that is not as complicated as RSA but provides a similar level of high security. Which of the following algorithms should the system administrator choose?
Elliptic curve
You need to enable the Guest account on a system. You want to control how the account can be used carefully. To be able to achieve this, which of the following should you do? [Choose all that apply.]
Ensure that the guest account cannot be used over the network Prevent the Guest account from shutting down the computer Set a secure password for the Guest account Prevent the Guest account from viewing event logs
You have been asked to install a preventive control to secure entry into the data center. Which of the following will meet the requirements?
Facial Recognition
Your organization is based out of Boston. You have been asked by another organization to process Protected Health Information (PHI) of its clients. You will be processing the information into an application and maintaining the records. Which type of compliance would you need to opt for?
HIPAA
Due to the shortage of resources in the team, the CIO has decided to use cloud computing to extend the company's infrastructure. Going forward, the servers, databases, and storage will be deployed online in the cloud computing environment. Using these resources, the CIO requires his team to be able to: create virtual machines (VMs); install operating systems on each VM; deploy middleware; create storage buckets. To meet these goals, which type of cloud computing model would be most appropriate?
IaaS (Infrastructure-as-a-Service)
Which of the following can be the motive of a hacktivist attack?
Ideology
You want to implement a proxy on the network that will inspect the header and the data portion of the data packets. What should you do?
Install an Application Proxy
You have recently added a new employee who is an experienced professional. You want to ensure that the new person is familiar with the incident response plan of the company. You also want to ensure that existing members do not forget any critical steps if an incident occurs. What should you do to ensure you effectively highlight the steps?
Plan for an exercise to perform every step of the plan
You manage a Website that requires users to log on before accessing the resources hosted on it. On a daily basis, several users send you an e-mail to reset their passwords. You want the users to reset their own passwords. Which of the following methods should you configure?
Password Recovery
What can be the key outcome if a user continues to install mobile apps from an unknown third-party app store? [Choose two that apply.]
Personal Information theft Malicious infected apps
An attacker switches the RFID tag of an expensive product with a cheap one to pay less for that expensive product. Which of the following layers of RFID has been exploited in this attack?
Physical Layer
Which of the following attacks can be prevented by using time stamps?
Replay
An organization has partnered with a web hosting company to host their website (an online store). The web hosting company will be responsible for regularly updating the site and managing the database of products, orders, and customers. However, the hosting company should not be allowed to make any changes to the data in the database. Which agreement must be signed by the two companies to outline the database access?
Interconnection security agreement
A social engineer, pretending to be a law enforcement official, demands that the user reveals confidential information, and states the legal consequences if the user does not reveal the information. Which of the following principles is used by the social engineer here?
Intimidation
Which of the following devices are likely to implement home automation?
IoT
Which authentication method scans the colored part of your eye that surrounds the pupil?
Iris Scan
A worm attack has recently been discovered on the network-segment and is spreading to the rest of the network. What should be the Incident Response Team's first step as a response to this incident?
Isolate the infected systems
If you are installing screen dampeners, which type of attack are you preventing?
Shoulder Surfing
An employee's background screening reveals evidence of criminal activities. As an employer, what should be the next step?
Issue written pre-adverse notification
Which of the following fields are likely to be contained in an end-user certificate? [Choose all that apply.]
Issuer CA's name Issuer's signature Owner's name
Which of the following is a disadvantage of using a water-based system for fire suppression?
It causes damage to computers
You have been working on an important research report. One morning, when you attempt to open the research report, the antivirus, which you had downloaded from the Internet, flashes a message that the file is corrupt and cannot be opened unless you upgrade the antivirus. What could be the probable cause?
The laptop is infected with ransomware
Your organization uses Exchange Server 2016 for messaging. You have configured Outlook 2016 as the E-mail client. When you attempt to log in, the authentication fails. You use IMAP to connect to your E-mail account. The password that you are using is of your domain account, and you have been able to log on to your system. What could be the probable cause?
The password contains Unicode characters
You are configuring an application that requires a service account. Before you create this account, which of the following practices must you be aware of? [Choose two that apply.]
The password of the service account is set to never expire The service account has a strong password.
When do you create an Object identifier (OID)?
When you create the certificate
Which of the following statements about a protected distribution system are true? [Choose three that apply.]
It is safe enough to transmit unencrypted classified information It uses a wired network topology It does not allow wireless devices to be used
Which of the following statements about Faraday's cage are true? [Choose two that apply.]
It protects sensitive electronic equipment from external RFI It protects devices that produce RFI
Which of the following statements are true about gray box testing? [Choose two that apply.]
It requires limited knowledge of the internal working of the application. It is not suitable for algorithm testing.
The IT helpdesk has been getting repeated complaints from the sales team on the field, stating that they are not able to access the company's intranet through their mobile device. As a result, they are not able to give product demos to the clients they are visiting. The IT helpdesk engineer checks on various systems in the office and confirms that there are no problems with accessing the intranet. What could be the possible reason for this situation to arise?
Jamming
While designing the login page for your application, you must perform input validation so that the password field cannot be misused. You want to ensure that the users enter certain special characters in the password field. Which of the following characters would you allow them to use?
$, %, &, _
An employee is calculating the Single Loss Expectancy (SLE) value of hardware assets in the organization. The value of hardware assets is $50,000. The Exposure Factor (EF) is 20%. What is the value of SLE?
$10,000
While performing risk assessment, a project manager finds that the delivery of the systems ordered might get delayed due to the expected rainfall. A further delay might be expected due to a transport strike. The 20% chance of rainfall may delay the delivery by three days, which will cost the project $12,000. The impact of a 2% probability of transport strike would lead to a loss of $100,000. What is the Expected Monetary Value due to these risks?
$4400
You have recently implemented E-mail encryption in your organization. You want to ensure that you can store encryption keys and recover them as and when required. Which of the following should you implement?
Key Escrow
Which of the following are the weaknesses in the implementation of the Wired Equivalent Privacy (WEP) protocol? [Choose three that apply.]
Key management Encryption algorithm 24 bit initialization vector
An organization decides to replace its Data Encryption Standard (DES) algorithm with the Advanced Encryption Standard (AES). The organization decides to use the AES default key size at the beginning of the changeover. Which of the following key sizes is mentioned here?
128 Bits
In which of the following attacks, does the attacker have access to both the crib and encrypted version?
Known plain text
You are setting up a VPN and need to ensure that the VPN traffic is encrypted. You need this VPN to be a secure tunneled VPN. Which of the following protocols can you use for this purpose?
L2TP
Which of the following factors make vendor diversity conceptually important for implementing defence-in-depth security? [Choose two that apply.]
Lack of innovation Technological inefficiency
You are working on a customized module and encounter a bug that needs to be fixed immediately. However, you do not get proper response or patches from the relevant source. Which of the following may be the reason for this situation?
Lack of vendor support
The operation time of a machine is 11 hours. While operating, the machine failed twice, and each time it took half an hour to repair the machine. Which of the following is the Mean Time Between Failures (MTBF) of the machine?
5 hours
Refer to the exhibit. What is the value likely to be derived from the given permissions on a Linux system?
755
You need to implement a new wireless network for a media organization. Most of the users will be working with video streaming. Which wireless standard should you select in this scenario?
802.11ac
The security administrator for a large organization is worried about someone plugging in a rogue device into the available ports. The organization is situated in a large building and is spread over multiple floors. The security administrator wants the highest level of security to prevent any rogue device connecting to the network. Which of the following methods should the security administrator implement to achieve this?
802.1x
You have been asked to implement network devices that can filter and forward Ethernet frames by inspecting their MAC addresses. However, you require these network devices not to be able to perform any routing function. In the given scenario, which network device would be best to implement?
Layer 2 Switch
Which of the following actions describes vertical privilege escalation? [Choose two that apply.]
A normal user acquiring the administrative privilege A user gaining access to the CFO's account
What makes security as a service unsecure for many applications? [Choose two that apply.]
A security breach is broadcast to all security requests Security service requests are transmitted over the internet, giving sufficient opportunity for hacking
After you have finished recovering from an incident and systems are back to normal functioning, you need to document the entire incident and its recovery process. You also need to determine the steps to prevent a similar incident from occurring. Which phase of the Incident Response are you in?
Lesson Learned
To ensure that there are no weak security configurations on the network devices, which of the following must be properly configured? [Choose all that apply.]
A. Access Control Lists B. Passwords C. Encryption Keys D. Encryption Algorithms E. Filtering Features
Which of the following are examples of pulverizing? [Choose all that apply.]
A. Hammering a drive B. Drill holes into a drive C. Shooting a drive D. Turn a drive into scrap
For which purpose can you use the logs and event anomalies data? [Choose all that apply.]
A. Tracking an attack on a Web server B. Fixing network issues C. Identifying access violations D. Identifying suspicious activities
If you need to use a wireless communication that uses lower power but uses AES encryption between two devices, which of the following should you use?
ANT
You need to deploy a Cloud access security broker (CASB) between your on-premises and cloud environment. You want to monitor the usage of cloud services. You also want to track the usage out of the organizational network in unmanaged devices. Which of the following should you deploy?
API-based
You have recently joined an organization as their IT Administrator. While reviewing the Active Directory configuration, you notice that several user accounts are active, but the users are no longer with the company. This also included the account of the previous IT Administrator. What should you do with the active user accounts whose owners have left the company?
Account Disablements
You have had a breach attempt on your network. After the log reviews, you notice that a specific user account was used for this breach attempt. You want to avoid the recurrence of this type of attack. However, if such an attempt occurs, the account should be locked for 30 minutes after five attempts. You want to configure this at the domain level in the Default Domain Policy. Which of the following policies should you configure? [Choose two that apply.]
Account lockout duration Account lockout threshold
Refer to the exhibit. The administrator at PLAB is currently managing a workgroup of 30 computers. He has created a structure for the new architecture that he wants the computers to be in. Which architecture is the administrator trying to create?
Active Directory
While performing a risk assessment for a project, an employee is calculating the Expected Monetary Value (EMV). Which are the two factors that should be considered to calculate EMV?
Likelihood of risk occurrence and impact
Refer to the exhibit. Identify the type of load balancer configuration in the given exhibit.
Active/Active
An organization decides to secure passwords, which are the easiest entry point for cyber-attacks, and enforces a password policy. Which of the following controls is taken by the organization?
Administrative
Refer to the exhibit. Identify the network devices that are highlighted in blue circles.
Aggregation switches
Identify the correct examples that define the use of infrastructure as code.
All of the mentioned choices
If you configure Context-aware authentication through Mobile Device Management (MDM), which of the following can be considered as context?
All of the mentioned choices
On a newly setup network, which of the following can be procured as subscription services?
All of the mentioned choices
Which of the following are examples of wearable technology?
All of the mentioned choices
Which of the following features should you disable if not in use on an Android mobile phone?
All of the mentioned choices
You had implemented a continuous integration tool on the network for software developers. However, the developers do not submit the code for many days or submit the code once a week. What is the likely outcome of this?
All of the mentioned choices
You have terabytes of data that is stored on the cloud servers. You decide to implement Cloud Data Loss Prevention (DLP) as a security solution. With this implementation, which of the following are you likely to achieve?
All of the mentioned choices
You manage a network that consists of 100s of applications that use single-sign-on from Active Directory. You want to implement the standard naming convention for user account creation. However, you need to ensure that this user can continue using the applications with the single-sign-on. Which of the following issues can arise while implementing the naming convention?
All of the mentioned choices
You have recently set up a honeynet comprising multiple honeypots in the DMZ. You have been asked to harden the honeypots and implement security controls. What would be the key reason for this?
Allow the hacker to believe it is a real network
A company started a policy wherein the employees are allowed to telecommute with prior permission from their superiors. However, after this facility has been extended, the system administrator has noticed some unauthorized access to the organizational network. What should the organization do to resolve this issue?
Allow the telecommuters to connect to the organizational network through a VPN connection.
The systems in an organization are down due to a disaster. The Administrator suggests entering the business deals manually in a ledger. Which of the following continuity of operation is suggested in this situation?
Alternate business practices
A system administrator has implemented an intrusion prevention system on the network. When analyzing the log report generated by the intrusion prevention system, the administrator notices sudden spikes in the number of packets being sent to one specific target address. What type of attack does this indicate?
Amplification
Users of a company are complaining that they are not able to access any website. When troubleshooting the issue, the administrator notices that the DNS server is busy responding to requests coming from one particular IP address, which is not from within the organizational network. What type of attack has occurred in this case?
Amplification
Which of the following impact the calculations of quantitative risk assessment? [Choose all that apply.]
Annual Loss Expectancy Single Loss Expectancy Annualized Rate of Occurrence
Which of the following methods should you use to secure a public kiosk? [Choose all that apply.]
Antivirus OS Hardening Cable Locks
You have an e-commerce application that needs to be implemented. Implementing the application includes allowing access to external users on the Internet. You want to ensure the application is protected from cross-site scripting (XSS) and SQL injection. You also want to prevent OSI Layer 7 traffic. To meet the criteria in the scenario, which of the following should you implement along with the application?
Application Firewall
In a substitution cipher, the word 'WELL DONE' is encrypted as 'DVOO WLMV.' Which of the following substitution ciphers is used here?
Atbash
Which of the following factors describe the sophistication attribute of threat actors? [Choose two that apply.]
Attacking specific points on the target Identifying the specific application to attack
You need to define an access control model for a shared folder named Procurement. The control should allow access to the users from the city Boston and the Purchase department. Which type of access control model should you configure?
Attribute-based Access Control
Which of the following features describe a white box approach for testing? [Choose all that apply.]
Authenticated test Active test
A user enters the username and password to gain access to a system. However, access is denied to the user. Which of the following mechanisms has failed in the process?
Authentication
Your organization uses a voice-recognition method to allow the users to log on to their systems. One user's voice is not being matched. Which of the following types of issue is the user experiencing?
Authentication
A consultant is calling the help desk as a CIO to obtain the password of an employee. What kind of principle of social engineering is performed here?
Authority
You receive an email from a person claiming to be your bank manager, stating that you have not updated your personal details with the bank. If you do not do it immediately, the bank account will be blocked, and you will not be allowed to make any transactions. Which of the following social engineering principles has been used in this scenario?
Authority
Which of the following will be implemented in a trusted operating system? [Choose two that apply.]
Authorization Authentication
A system administrator uses the master image of a properly configured and secured computer on other computers. What is the administrator trying to achieve? [Choose two that apply.]
Avoid installation and configuration errors and security loopholes Standardize installation and configuration settings across various computers
You manage a remote office for your organization. You have full Internet access and manage the entire network at the remote office. Whenever you visit the remote office, you are no longer able to connect to the network or browse the Internet. Which of the following solutions could have been configured?
Location-based NAC
A senior developer has recently left the company after having a bad appraisal. He was working on a critical business application. After two weeks of his leaving, the business data in the application is automatically deleted. What could be the probable cause of this?
Logic Bomb
An administrator has installed a dedicated crypto-processor for cryptographic operations on the system. What could be the outcome of this action?
Low Latency
Identify the statements that are benefits of immutable systems. [Choose two that apply.]
Lower IT Complexity Easier to troubleshoot
A Security Administrator used Message Digest Algorithm 5 (MD5) to protect data from birthday attacks. However, due to some disadvantages of MD5, the Administrator switched over to Secure Hash Algorithm 2 (SHA-2). Which one of the following options can be the main disadvantage that forced the Administrator to switch over to SHA-2?
MD5 does not have strong collision resistance
A system that has been in operation for 70 hours halts suddenly. The System Administrator suggests that the average time for the failed system to be back in action will be 8 hours. Which of the following parameters represents 8 hours in this case?
MTTR
The users have been complaining that they are being directed to different websites when they try to access the company's website. The IT helpdesk engineer scans the network and notices that the user requests are being routed to another computer, which is modifying the request and sending it to the internet gateway. What type of attack is the organizational network a victim of?
MAC spoofing
You have recently implemented an 802.11 wireless network. You need to ensure that each system that needs to connect to the wireless network must be authenticated using a certificate. Which of the following certificates should you implement?
Machine/Computer certificate
What type of threats are likely to occur on a system that has an external storage device connected? [Choose two that apply.]
Malware Data Leakage
You owe your brother some money. You plan to transfer the money online to your brother's account. You get the account details from your brother and transfer the money. The specified amount is debited from your account. However, when you check with your brother, you come to know that your brother has not received the transferred money in the account. On further checking, you realize that the account number you received was a different one than what your brother had sent. What attack were you a victim of?
Man-in-the-middle
Which two types of attacks are possible with the Domain validation certificates? [Choose two that apply.]
Man-in-the-middle Phishing
You have developed an application and installed it at the client site. You have also created an administrative interface that the client uses to manage the application. The administrator at the client site forgets the administrator password that was reset and requests you to unlock the application. Which of the following methods can you use to unlock this application?
Backdoor
Refer to the following exhibit. Which of the following tests have you performed to get the output displayed in the exhibit?
Banner grabbing
As a preventive measure against password attacks, an organization decides to salt passwords to increase the complexity, before encrypting the passwords with blowfish. Which of the following algorithms is implemented by the organization here?
Bcrypt Algorithm
In which of the following situations is creating a manual snapshot of an operating system recommended?
Before updates or major system changes
In a network configuration, where would you place the VPN concentrator?
Behind the firewall
Which of the following statements describe biometric tokenization?
Biometric information is obfuscated and transmitted
Which of the following problems can be resolved by booting the operating system to the last known configuration? [Choose two that apply.]
Boot problems arising due to a newly-applied update Startup sequence issues arising due to viruses, trojans, and rootkits
Which of the following measures can help implement physical security for the servers similar to perimeter security in a building? [Choose three that apply.]
Border routers Firewalls Intrusion detection system
A user's laptop has crashed and has gone in for repairs. While the laptop is being repaired, the system administrator hands over a Live CD for the user to work on. Which of the tasks can the user perform on the Live CD?
Browse the Internet
The network administrator has asked the helpdesk team to check each user's system and ensure that the Data Execution Prevention is turned on for all the programs and services. Which type of attack is the network administrator trying to prevent?
Buffer overflow
Which of the following roles are played by an Initialization Vector (IV) attacker? [Choose two that apply.]
Builds a decryption table Computes RC4 key stream
You have a lot of paper from the production department that holds critical information but is no longer required. You want to ensure that you destroy these papers using a method so that the information is not retrievable. Which of the following data destruction methods should you use?
Burning
How does a secure baseline help in integrity measurement? [Choose two that apply.]
By helping to identify any security deviations By defining a chain of trust
To produce a different cipher text for the same message every time, a developer decides to use an initialization vector (IV) with the encryption function. How can the developer create the IV?
By using a pseudo-random number generator
Consider a scenario where there are three parties, say A, B, and C, in a two-key communication system. B sends a message to A that is encrypted with A's public key, whose size is 128 bits. C is in possession of A's public key and tries to decrypt B's message that was sent to A. However, C fails to decrypt the message. Which of the following is a valid reason for the failed decryption?
C should use A's private key to decrypt the message
You are a security tester in your organization and are specialized in application testing. You have been handed over a new application in which you have to test the application for crashes, failing built-in code assertions, and memory leaks. What should you do?
Perform fuzzing
Your organization has built an E-commerce application, which is now deployed in a testing environment. You have been asked to use an exploitation framework to find the vulnerabilities in the application and exploit them. What should you do?
Perform penetration testing
Your organization uses an in-house developed application for project management. This application is being used by various partners from different organizations. You receive an e-mail from an unknown person about discovering a vulnerability in the application. The person demands money to disclose the vulnerability. Further, there is a threat that if money is not paid, details of the vulnerability will be shared with various hackers. What are the possible methods to handle this situation? [Choose two that apply.]
Perform thorough security tests on the application and discover the vulnerability Pay money to the person and get details of the vulnerability
For which of the following reasons is RAID implemented? [Choose two that apply.]
Performance Improvement Data redundancy
While combining inputs from multiple sources and performing validation, which of the following considerations must be taken care of?
Performing validation during concatenation
You want to ensure that an attacker does not update the certificate on a Web server. You want to ensure that the hashes of the public key can be used to verify the public key inside the certificate. Which method is being described here?
Pinning
A software testing organization has been spending a lot of money on the infrastructure required to test the various applications created by its clients. They plan to subscribe to a cloud service to reduce the overheads. Which cloud service should the organization subscribe to?
Platform-as-a-Service
While attempting to access a stored value from a reference variable that is pointing to a memory location that contains nothing, an application crashes. What type of vulnerability is discussed in the given scenario?
Pointer dereference
You have recently set up SFTP that your partner organization will be using for file transfer. However, when they try to access it, they are not able to connect. You internally test the connection over the network and can connect using the same account. What could be the probable cause?
Port 22 on the firewall is blocked.
Your organization has a lot of visitors who occasionally connect their systems to the network. You want to associate specific MAC addresses with the interfaces on the switch. This will enable you to enforce that only the assigned MAC addresses can connect to the network. Which of the following methodologies should you implement?
Port Security
You have been appointed as a Chief Technology Officer (CTO) in a large company. You have recently added more than 100 servers that serve critical applications to the clients. You have advised the Incident Response Team to update the incident response plan. Which phase of the Incident Response are you in?
Preparation
There has been a security breach in an organization. While collecting evidence, the forensic experts made copies of the evidence without making any changes to the original. Which of the following actions is performed by the experts?
Preserving the integrity of the evidence
A system administrator has been tasked with improving the security of the organizational email system. The administrator plans to use an encryption system that uses both asymmetric and symmetric cryptography. Which of the following algorithms is the system administrator planning to implement?
Pretty Good Privacy
The front door of your office has three different locks. Which type of security control have you installed?
Preventative
You have implemented protected cabling to prevent eavesdropping. Which type of security control have you used in this scenario?
Preventative
You have recently purchased a vault for your office. This vault will be used by the Finance department to keep their cash. Which type of security control are you implementing?
Preventative
Which of the following vulnerabilities are associated with real-time operating systems (RTOS)? [Choose two that apply.]
Priority Inversion IPC attacks
You have implemented the Online Certificate Status Protocol (OCSP) with a certificate authority. Which of the following attacks is likely to occur with this implementation?
Privacy
Which of the following assessments identifies possible risks related to collecting, storing, and maintaining Personally Identifiable Information?
Privacy Impact Assessment
You have been hired by an organization to ensure that the data and its retention policies are as per the HIPAA regulations. Which of the following data roles are you playing?
Privacy Officer
As an HR Manager, you hold everyone's personal information along with their social security numbers. How is the social security number classified?
Private
Which of the following attacks can be the outcome of a race condition? [Choose three that apply.]
Privilege escalation DOS Null pointer error
An employee needs to install an application that is required for the execution of the current project. However, the employee does not have the required rights. What type of a user account must be assigned to the employee to be able to perform the installation?
Privileged User
Which of the following is the typical main motive of an organized cybercriminal?
Profit
An organization is responsible for formulating strategies for the defense of the country. Which of the following security measures must the organization adopt to ensure the safety of their facility? [Choose two that apply.]
Proper Lighting Fencing
Refer to the following exhibit. Which of the following is being depicted?
Proper error handling
You recently had a physical intrusion in the data center. You now need to implement a new access method for the data center. You need to ensure that access is granted based on something you have and something you are. Which of the following combinations should you deploy?
Proximity card with retina scan
There are millions of products that are displayed on the Amazon website. How is their information classified?
Public
You have been asked to deploy multiple applications in the AWS cloud. These applications would be catering to internal employees. Which type of cloud deployment model is being used in this scenario?
Public
You have shredded a large pile of paper and want to ensure that the information cannot be retrieved from the shredded paper. However, you want to use the same paper in the form of recycled paper. What else should you do to ensure this?
Pulping
You need to put a security control into practice so that you can prevent tailgating in the server room. You want this to be a foolproof method and operational all the time. What should you do?
Put a mantrap at the entry door
One of the employees is a suspect in corporate espionage. You have confiscated his mobile phone. You want to protect the mobile phone from any kind of electronic interference without losing its memory contents. What should you do?
Put the mobile phone into the Faraday cage
You have two switches that are installed in a room. These switches provide connectivity to the HR department. You have been asked to secure these switches from physical tampering. Which of the following two methods can be used? [Choose two that apply.]
Put the switches into secure enclosures Install an access control at the room entrance
How do you secure the medical devices on a network other than protecting them with a firewall and other security devices? [Choose all that apply.]
Put them in a restricted VLAN Physically segment them Logically segment them
Your organization uses a traffic light grid method while performing a risk assessment. Which of the following types of risk assessment is performed by your organization?
Qualitative assessment
Which of the following are used to measure the integrity of an application? [Choose all that apply.]
Quality Confidentiality Maintainability Reliability
A user decides to perform the encoding of a plain text bit by bit. Which of the following symmetric algorithms is most suited?
RC4
A user is using a cryptographic cipher that encodes 'BAD' as 'ONQ.' Which of the following methods is used by the user here?
ROT13
A user wants to use a public key algorithm that provides digital signature and secret key distribution. Which of the following algorithms satisfies these requirements?
RSA
Which of the following is an example of system-on-chip (SoC)?
Raspberry Pi
You manage a network that has 10,000 users. Most of the users have access to several shared folders across multiple file servers. You have recently performed permission auditing and review. Which of the following will be the outcome of this auditing and reviews?
Recertification
While collecting evidence for digital forensics, which of the following is the volatile evidence that must be given first priority?
Recovering data from the network logs
A forensic expert finds a hidden encrypted file that is useful for legal proceedings. Which of the following actions is performed by the expert here?
Recovery of Evidence
You are setting up a new network. You have decided to use products from different vendors. What would be your core reason(s) for this? [Choose two that apply.]
Reduce vulnerabilities on the network Avoid Vendor Lock-In
An organization, which has been relying completely on a single service provider, faced a severe loss due to the failure of this service. Which of the following options could have prevented this situation?
Redundancy
Which of the following methods can be used to make a system fault-tolerant? [Choose two that apply.]
Redundancy Diversity
Which of the following are the benefits of distributive allocation? [Choose three that apply.]
Redundancy Fault tolerance Availability
You visited a website some days back, and you were prompted to install an antivirus program because your computer is infected. You installed the antivirus. But after that, you notice that the computer has slowed down and has also become unstable. The IT helpdesk engineer checks your computer, uninstalls the free antivirus program you installed, and installs a licensed antivirus program. However, the computer still runs slowly and is unstable. The helpdesk engineer finds that the free antivirus program is installed again, and the licensed antivirus program is not able to detect the malicious software. What type of attack are you a victim of?
Refactoring
Which type of VPN access should you grant to a user who is always on the move and needs to connect to the office?
Remote access VPN
You need to deprovision an application that has been running on the intranet. A large number of users access this system. You have notified all the users that this application will be shut down from a specified date. Before deprovisioning the application, what should you do?
Remove everyone's access
You want to control the use of specific applications by the users in the PLAB Active Directory domain. You do not even want your team to use any application that is not approved. You must apply a solution with minimum administrative effort. Which of the following two methods can be used to control the use of the security applications? [Choose two that apply.]
Remove users' administrative permissions on their systems Use Group Policy to prevent these applications
You have been getting calls from various clients complaining about some fraudulent emails they are receiving from your email ID. You visit one of the clients to check the type of emails they are receiving. You notice that the emails have been sent from your email ID, but you have not sent them. What kind of attack does this scenario depict?
Replay
It is an employee's first day in the organization. The employee has completed all the joining formalities. What should the HR department do next?
Request the reporting manager of the employee to on-board the employee
You are developing an application that will use third-party libraries. You want to ensure that there are no security issues with the third-party libraries and their dependencies. What should you do to ensure the third-party libraries are safe? [Choose two that apply.]
Research on the internet Test them using dependency checkers
A Security Administrator suggests that the best option to secure data is to perform whole disk encryption. This indicates that the data is in which of the following states?
Rest
Several users extensively use SMS for exchanging messages. You want to track and restrict this in your corporate environment. You need to achieve this with minimum effort. What should you do?
Restrict incoming and outgoing SMS using MDM
Identify the methods that a security administrator can use to prevent an Advanced Persistent Threat (APT). [Choose all that apply.]
Restrict the administrative privileges on servers, desktops, and applications Use application whitelisting Patch applications, operating systems, and firmware of systems and network devices
A security administrator has arranged for a penetration test without getting prior permission. A technical team member, who is unaware of the test, performs an attack against the testers. Which of the following attacks is performed by the technical team member here?
Retaliation Attack
You have to implement two-factor authentication that includes something you know and something you are. You have chosen a password as something you know. Which other method should you choose to fulfill the requirement?
Retina Scan
A user downloaded and installed an application on the computer. During installation, the application prompted the user to confirm if changes can be made to the configuration settings. The user confirmed, and the installation completed. However, after the installation, the computer's performance was degraded. Some internal tasks were being performed which the user did not initiate. The user informs the system administrator about the issue. The system administrator checks the computer and identifies that some malicious code has been installed on the computer. What should the administrator do?
Revert to the last known state
A timer, set in a system to automatically start the process, has stopped working and needs to be started manually. This may cost around $500 per month. Repairing or replacing the timer would cost $20,000, while the next version of the system is about to be released in a year. Which of the following risk response techniques is advisable in this situation?
Risk Acceptance
Your hard drive fails due to corrupt operational system files. The System Administrator is unable to recover the system. Fortunately, you have taken a backup of the system until a day before the failure. Which of the following risk response techniques has helped in this situation?
Risk mitigation
You have been asked to revise the access control methods. Going forward, you need to ensure that privileges are assigned to groups. If a user is placed in a group, the user should get access to the object on which the group has permissions. Any user who is not part of the group must not have access to the object. Which type of access control model should you configure?
Role Based Access Control
PLAB Inc. has many servers that run in their datacenter. These servers include: a root certificate authority; three DNS servers; two DHCP servers; a domain controller; four file servers; and a subordinate certificate authority. The Chief Information Security Officer has advised isolating the systems that require the highest levels of security. Which of the following server/servers should the security administrator isolate from the network?
Root Certificate Authority
You are configuring a new load balancer. You want to configure it in a manner that each server must take a turn to respond to the client's request. Which feature should you enable?
Round-robin
You have been asked to allow secure remote access to the internal file servers. The access must be granted to the sales team. Which solution should you implement to meet these requirements?
Router
Which of the following devices is the first line-of-defense in any network, forwards packets, sits in front of a firewall, and needs to be monitored for exploitation?
Routers
You are installing a firewall at the edge of the network. You want to configure the firewall in a manner that filters the traffic and allows only a certain type based on the defined criteria. Which type of access control model should you configure?
Rule-Based Access Control
You want to implement a mechanism on the network that would apply a condition if it detects an excessive number of ICMP packets directed to a specific IP address on the network. The condition should be activated, and the attack must be prevented. Which of the following should you implement?
Rule-based IPS
You are configuring several Point-of-Sale (POS) systems and want to configure a connectivity method for them to send and receive a small amount of data with the central system. Which of the following connectivity technologies should you implement to achieve this?
SATCOM
Your organization has merged with another organization. You have been asked to share the Personally Identifiable Information (PII) of all the employees with the HR Managers of the other organization. You need to ensure that the file is safely transferred to the HR Manager. The data must be encrypted while being transmitted to the destination. Which of the following should you use?
SFTP
The security administrator at PLAB Inc. has been advised to implement a solution that collates only the information from the events related to system security. The solution must simply discard the other information to save the network bandwidth. Which solution should the security administrator consider to meet this requirement?
SIEM
You have multiple Layer 3 switches on your network. You want to collect their daily usage report without compromising the data. Which of the following should you use?
SNMPv3
You have recently configured a new network, which has multiple routers and switches. You want to be able to remotely log in to the routers and switches and manage and monitor these devices in a secure manner. Which of the following will be most appropriate to implement on all devices?
SNMPv3 and SSH
You have an E-commerce application that is hosted on a server in the DMZ zone. The database server is on the internal network and stores highly sensitive data. The application stores the data in the database hosted on the database server. To ensure the security of the data, you have encrypted all drives on both the servers, and communication between the database and the application server is also encrypted. The application is hosted using HTTPS. A firewall between the database server and application server prevents any unauthorized access to the database with the appropriate access control list. With such configuration, an attacker was still able to get inside the application and access data from the database server. Which attack did the attacker perform?
SQL Injection
You need to develop a database-driven application. You have been asked to use stored procedures to protect the SQL code within the database. You have been told that stored procedures are safe to use. If you decide to use stored procedures, which type of attack are you trying to prevent?
SQL Injection
You have a few switches that are interconnected. Occasionally, you have seen these switches go into the bridge loop. You want to prevent this by implementing loop prevention. Which of the following protocols should you configure to achieve this?
STP
Your organization is changing its software deployment model from on-premises to the cloud. You will be given access to only the application that is hosted in the cloud. Which of the following cloud deployment models has your organization opted for?
SaaS
A security assessment report states that the organization must use the Advanced Encryption Standard (AES) encryption method in the data center. Which aspect of security does this recommendation target? [Choose all that apply.]
Safety Confidentiality
If a Security Administrator wants to add a random string of text to the password hash to prevent a collision, which of the following cryptography techniques must the Administrator use?
Salt
Which of the following methods can be used to reduce the possibility of VM escape for a device?
Sandboxing
A cyber attacker has gained access to the database on the server where all the user passwords are stored. However, an incorrect password message is displayed each time the attacker tries to gain access to the network using the passwords stored in the database. What type of algorithm has the system administrator implemented to secure the user passwords?
Secure Hash Algorithm
You have secured a hard drive that is forensic evidence. You need to examine this hard drive and ensure that you can retrieve the required information. You want to make an image of the hard drive and put it on a USB drive that you regularly use. To achieve this goal, what should you do so that you can successfully inspect the contents of the hard drive?
Securely wipe the USB drive and then copy the hard drive image
If you were to implement deterrent controls, which can also serve as the preventive controls, which of the following will you implement? [Choose two that apply.]
Security Guards Fencing
You want to implement security services solutions without adding any extra on-premises hardware for your cloud applications. You also want to ensure that your solution provides continued protection. Which of the following should you implement?
Security as a service (SECaaS)
Which of the following are described by the secure baseline? [Choose two that apply.]
Security controls required for the basic security of the organizational network Security controls required to ensure the basic security of the user computers on the organization network
An organization takes extra care to hide the cryptographic methods that it uses. Which of the following terms describes this secrecy?
Security through obscurity
You use Mobile Device Management (MDM) to manage mobile devices. You have now started to push updates to the mobile devices. What would be the best method to inform the users after updates are installed?
Send a notification after an update is installed
Consider a scenario where the symmetric key needs to be exchanged with a recipient through the in-band key exchange approach. Which of the following techniques needs to be followed to exchange the symmetric key securely?
Send it across the network by encrypting the key using asymmetric encryption
Two administrators, having the same level of proficiency, are involved in monitoring and managing the network. One administrator is responsible for managing the file server and database server; the other administrator is responsible for the mail server and the web server. Which personnel management policy is the organization following?
Separation of duties policy
You are developing an application that will contain critical data for your organization. The application will have the client/server architecture. You need to ensure optimal security for the data that will be stored in the application. You also need to ensure input validation. Which of the following will meet this goal?
Server-side validation
An organization has contracted a vendor to manage its IT systems and network. One of the routers has been malfunctioning. The vendor says the router will need to be replaced with a new one. The IT administrator asks the vendor to provide a standby router until the new one arrives. However, the vendor refuses, saying it is not within the agreed scope. Which of the following agreements should the IT administrator refer to in order to determine whether providing a standby router is within the scope of the vendor?
Service-Level Agreement
You log into your webmail account to send a mail to your team. You send the mail and log out from the account. After some time, you receive a call from one of your colleagues that they have received a mail from you with a URL, but the mail does not specify any details. You tell your colleague that you have not sent any such emails. You confirm the same by logging into your account. Which of the following methods did the attacker use to hack into your account?
Session sidejacking
One of the company's managers is leaving the job in two months. The manager has access to numerous network shares, and the access cannot be removed for these next two months. You, as the administrator, cannot leave this user account open. Which of the following actions can you perform?
Set the expiration date for the user account to next two months
You use your chip-based credit card to make a payment at a retail outlet. After some time, you receive an alert from the credit card company about a large transaction done at another retail outlet, which you have never visited. What kind of attack were you a victim of?
Shimming
Recently, a malicious internal user compromised the internal DNS server and changed the DNS records to point to a malicious URL. You need to secure the integrity of the DNS records. What should you do?
Sign the DNS zones with DNSSEC
You are a Web application developer. A client has given you a small application to develop, but the client has asked you to build a method into the application to ensure that the code is not altered. You must be able to check the code against the hash that is stored within the application to verify its integrity. What should you do?
Sign the code using code signing
Which of the following physical security measures will provide the most effective security to the server room in an organization? [Choose three that apply.]
Signage Entry and exit logs Mantrap
Several user systems have been infected with a new virus. The antivirus application installed on each system is not able to detect this new virus. After you update the antivirus server and roll out the update, you are able to clean the virus. Which type of vulnerability did you clean from the system?
Signature-based
After a recent merger with another organization, you have been asked to configure a VPN solution between both the networks. The traffic across the VPN must be encrypted. The users at both ends should not have to reconfigure their systems. What should you do?
Site-to-site VPN
You receive an SMS on your mobile phone stating that you have won a lucky draw conducted by an online store that you regularly visit. The message prompts you to call on a specific number to claim the prize. You call on the given number, and you are taken to an automated voice response system, which asks you to enter the bank account details where you want the prize money to be deposited. Which attack are you subjected to?
Smishing
An organization decides to capture the complete state of the virtual machine at a specific point in time. Which of the following backup concepts would be used here?
Snapshot
What is the basic premise of the consensus principle?
Social Proof
Refer to the exhibit. Which of the following architectures is being depicted in this exhibit?
Software Defined Networking
A startup organization is yet to install a mail server in-house. The number of employees being few, the organization has subscribed to an online email service provider to provide official email accounts to all the employees. Which cloud service has the organization subscribed to?
Software as a service
A system scans a user's retinal pattern for authentication. Which of the following authentication factors is being used by the system to authenticate?
Something you are
You swipe your ID card to enter the Data Center of your organization. You are then asked to enter your PIN number. Which factors of authentication are in play in this case?
Something you have and something you know
A security system authenticates users based on the user name and password. What type of authentication factor is used by the system for user authentication?
Something you know
You log into your system using your password. A colleague is not able to log into your system with your account. Which authentication factor is this technique based on?
Something you know
A web-based application restricts access based on the Internet Protocol (IP) address of the system used to access the application. Which of the following authentication factors is being used by the application to authenticate users?
Somewhere you are
You receive an email from your friend informing you about some great shopping offers on a new website. You click on the link provided in the mail, but nothing happens. A few days later, you hear that some sensitive organizational data has been stolen. What type of attack does this scenario depict?
Spear Phishing
You have configured a router to examine incoming packets. You have configured a rule to filter out packets that have conflicting source addresses, especially if a packet shows a source address from the internal network. Such packets need to be automatically dropped. Which of the following are you trying to prevent with this configuration?
Spoofing
What are the purposes of user training in implementing administrative controls? [Choose two that apply.]
Spread Awareness Demonstrate Management Support
While fixing an issue on a user system, you accidentally discover a file that contains the keystrokes the user entered. The user denies having created the file. What kind of infection has occurred on the user's system?
Spyware
In which phase of deployment is the production-like validation performed?
Staging
Refer to the exhibit. Which device is shown in the circle?
Standalone access point
Refer to the exhibit. You have a wireless network. Most of the users complain about the weak signal. You need to ensure that you extend the signals to these users so that they can work. If you were to add a device to the black circle, which one would that be?
Standalone access point
A new employee has joined the procurement department of the organization. This new employee needs to understand how the procurement takes place in the organization. Which document should the employee refer to for the required details?
Standard Operating Procedure
You must implement a solution on the network to allow only authorized traffic. You want to deny the unauthorized traffic and block it from entering the network. At the same time, your solution should be able to inspect the packets. Only the appropriate TCP and UDP ports must be used with their respective protocols. Which of the following network controls would be most appropriate in this situation?
Stateful Firewall
Your organization has multiple public IP addresses. You need to host multiple Web sites on the Internet. You want all the Web sites to use the public IP addresses with one-to-one mapping and still be accessible on the intranet with their private IP addresses. Which of the following methods should you use to configure this?
Static NAT
A user hides sensitive information within a picture and sends it to the intended recipient. Which of the following techniques is used by the user in this case?
Steganography
When requesting a certificate, which of the following steps must be performed first?
Submit a certificate-signing request (CSR)
Which of the following are implementations of obfuscation? [Choose all that apply.]
Substitution ciphers Steganography XOR Rotate by 13
Which of the following tools are used in detective controls?
Surveillance camera
Your organization mandates the installation of digital certificates on mobile devices to enable secure access to corporate E-mail. You need to define a process to ensure that if the mobile is lost, the corporate E-mail cannot be accessed. The user should be able to work on the laptop without any problems. What should you do? [Choose two that apply.]
Suspend the digital identities Suspend the cryptographic keys
An online banking application implements Secure Sockets Layer (SSL) using symmetric encryption to encrypt its transactions. The application shares the key between the client and the server machines using the in-band exchange method. Which of the following keys will be used by the server to encrypt the data that is valid for a particular session only?
Symmetric Key
A Web server is not synchronized with the NTP server in the organization. The Web server administrator raises a ticket with the helpdesk, who asks the administrator to open the Event Viewer. Which of the following types of log should the Web server administrator open to determine the issue?
System
A marketing executive explains to you about the latest IT infrastructure and its benefits. Though your organization is already equipped with the latest infrastructure, you are ready to go ahead with the deal without even analyzing the necessity, because it was offered to you at a reasonable cost. Which of the following vulnerabilities could be present due to this unwarranted infrastructure addition?
System sprawl
The PLAB Inc. IT team is responsible for managing several routers, switches, firewalls, and access points on their network. At present, there are policies running on each of the devices, and therefore, it has become unmanageable for the IT team to handle the policies of these devices independently. The IT team now wants to implement centralized policies to determine the following: who can log in to manage each device; what operations they can run; log all actions taken on these devices; and encrypt the whole packet, including username, password, and attributes. The IT team also wants to implement granular access controls on the commands that can be run on specific devices by individuals. If the IT team must implement a protocol to meet the required goal, which of the following should they implement?
TACACS+
You are developing a new application. You need to authenticate users with an OTP, which is going to be time bound. If the user does not feed in the OTP within 10 minutes of receiving it, then the OTP will not be accepted. Which of the following features should you integrate within your application to operate as required?
TOTP
Which of the following are examples of Hardware root of trust? [Choose two that apply.]
TPM HSM
To be able to use BitLocker, which of the following are prerequisites? [Choose two that apply.]
TPM enabled in UEFI TPM chip on the motherboard
What is the role of a risk register in the risk assessment process?
Tabulates the risks and their severity
You forgot your ID card at your desk when coming out of the office for a meeting. When you come back, you ask your friend to open the door for you. Which of the following does this scenario depict?
Tailgating
Which of the following actions distinguish a bluesnarfing attack from a bluejacking attack? [Choose two that apply.]
Takes control of a user's device Steals information from a device
PLAB Inc. has recently suffered many network breaches. The newly joined security administrator has made specific changes to ensure no more breaches take place. The security administrator has also configured a public-facing server that contains redundant data of no value. The server is left open on the Internet but has a very slow connection. The security administrator wants the attacker to attack this server. What type of system has the security administrator set up?
Tarpit
A Security Administrator instructs the employees to encrypt sensitive data before sharing it over the network. Which of the following controls is suggested by the Administrator to safeguard sensitive data?
Technical
You have written a piece of code that needs to be plugged into an existing application. You do not want to run the code but still want to find potential vulnerabilities. What should you do?
Test the code through a static code analyzer
Which of the following malpractices make a Heating, ventilation, and air conditioning (HVAC) network vulnerable to attacks? [Choose two that apply.]
The HVAC equipment being connected to the corporate network HVAC monitoring software is not updated
When exposing a Web service, you get the following errors: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. What could be the probable cause? [Choose all that apply.]
The certificate has expired. The hostname used in the URL doesn't match the name on the certificate The certificate is self-signed The Certificate Root Authority that issued the certificate is not trusted by the server
Why would an Administrator prefer ephemeral keys to static keys? [Choose two that apply.]
The ephemeral keys have a short lifetime The ephemeral keys are recreated for each session
An employee who has been working with the organization for a long time has resigned from the services. The HR department is conducting an exit interview with the employee. What should be the main objectives for the HR department during the exit interview? [Choose two that apply.]
The improvement areas for the organization from an employee's perspective Understand what the employee liked about working in the organization
Which of the following statements differentiate IaaS from PaaS? [Choose three that apply.]
The main uses of IaaS include the actual development and deployment of PaaS, SaaS, and web-scale applications. IaaS provides the infrastructure for operations, networking, data storage, and hardware, whereas PaaS provides the infrastructure for software development. IaaS clients have true control over their infrastructure than users of PaaS
Which of the following statements about the hybrid cloud are true? [Choose two that apply.]
The organization's workload is handled by the private cloud, and any spikes in the resource usage are handled by the public cloud. The organization needs to pay only for those portions of the public cloud that they use.
A user from your organization purchased an Android mobile from the United States for official purposes. When the user returned to the native country, you reset the phone to factory mode and insert a SIM from another service provider. However, the mobile did not recognize the SIM. What could be the probable cause?
The phone is locked by the service provider
Users in your organization have Internet access only during lunchtime. For the rest of the working hours, they have no Internet access. Which of the following is being enforced on the users?
The principle of least privilege
You are reviewing the log files on a router. You notice the following entries: *Jan 11 4:10:29.779:%Router1: list 101 permitted tcp 192.10.10.204(57222) (FastEthernet 0/3) ->10.10.1.5 (6667), 3 packets. *Jan 11 4:10:38.779:%Router1: list 101 permitted tcp 192.10.10.204(57222) (FastEthernet 0/3) ->10.10.1.5 (6667), 6 packets. *Jan 11 4:10:45.779:%Router1: list 101 permitted tcp 192.10.10.204(57222) (FastEthernet 0/3) ->10.10.1.5 (6667), 8 packets. There are hundreds of entries like this in the log file. What should you infer from these log entries?
The router is acting like a bot
An organization is planning for disaster recovery. It is deciding on a location for setting up the disaster recovery site. Which of the following considerations must be evaluated before choosing a site? [Choose two that apply.]
The site must be closer to the primary data site The site should be easy to access
Most of the desktops in your organization use wireless keyboards and mice. Recently, another user was able to remotely gain access to one of the systems with a wireless mouse and keyboard and type in various commands. What could have possibly happened? [Choose two that apply.]
The system was not updated with the latest patches The USB dongle was exploited for remote access
You have developed an application in SharePoint Online and linked it to the company's Website. You connected both using a Web service that uses a temporary user account for authentication with SharePoint Online. The visiting users will fill up a request form on the Website, and data will be sent to SharePoint and stored in a list. When you test this functionality, it works fine. However, after a few days, you realize that even though the form on the Website is being submitted, data is not reaching SharePoint. You can individually access both the Website and SharePoint Online. What could be the probable cause?
The temporary user password has expired
You have configured two devices to use NFC (Near Field Communication). You want to share contact information between the devices using NFC. However, one device is moved about a foot away, and NFC connectivity fails. What could be the problem?
There should be a maximum of two-inches distance between both the devices
Why is it important to implement proper access control on devices, such as printers and multifunction devices (MFDs)? [Choose two that apply.]
They are computing devices with a hard drive and operating system. They communicate using various ports and protocols
Which of the following options describe internal threat actors?
They are non-malicious users who are not aware of the organization's policies or who ignore the policies.
Which of the following statements are true about wearable medical devices? [Choose two that apply.]
They run on weak embedded operating systems; They collect a lot of personal health data from users.
In a corporate environment, what would be the best method to control the use of the mobile camera in certain areas?
Through a security policy
After the Eradication phase, you are in the Recovery phase. Before you put the systems back into production, which of the following decisions should you make? [Choose all that apply.]
Time and date to restore operations; Test and verify that the compromised systems are clean and fully-functional; The duration of monitoring to observe for abnormal behaviors
Two users in the finance department have access to the company's financial details because they are responsible for the financial transactions of the company. The finance details of an organization have been leaked to its competitor. The system administrator checks the logs of the network activities and notices that one of the users has been accessing the department's shared folders during the night time. What should the organization do to ensure such transactions do not occur?
Time of day restrictions
An employee at PLABS performs Business Impact Analysis (BIA) and has created a business impact analysis report. This report is useful for performing which of the following activities?
To identify the mission-essential functions
Why are hot and cold aisles implemented in a server room? [Choose two that apply.]
To provide a constant air circulation; To exhaust hot air and intake cold air
While accounting for the expenses of a security breach, the administrator calculates the time spent on this issue, the number of people involved in this case, and the resources used for the forensic investigation. Which of the following processes is performed by the administrator here?
Track man-hours
Which of the following techniques can be used to avoid whaling attacks?
Training the users
Which of the following security protocols is used by Protected EAP (PEAP)?
Transport Layer Security (TLS)
PLABS Inc. is using the Data Encryption Standard (DES) algorithm, which is prone to brute force attacks. To avoid that, the Security Administrator decides to use an algorithm that uses the same encryption methodology as DES, but with a longer key size, and is more secure. Which of the following algorithms does the Administrator decide to use?
Triple Data Encryption Standard
A user complains that their system has slowed down. When you investigate the system and question the user, they confirm that they had downloaded a pirated application from the Internet. You check the antivirus and find that there are several alerts. Which of the following is causing this issue?
Trojan
You need to ensure that the IP traffic is encapsulated when it is sent outside of your local network. The traffic will be sent using WAN links and received by other networks at the partner organizations. Which of the following should be implemented to meet the requirements?
Tunnel Mode
You use Mobile Device Management (MDM) to manage mobile devices, which are configured to install apps only from the company's play store. You also have disabled wireless and memory card installation. You also need to ensure that the users are not able to install apps by any other means. What should you do? [Choose two that apply.]
Turn off USB on-the-go; disable install from unknown sources
The IT helpdesk receives a complaint from a user stating that the user is being routed to some other website when trying to access the company's website. The IT helpdesk engineer checks and confirms that there is no problem with accessing the website. When checking the user's laptop, the IT helpdesk engineer notices that there is an error in the URL typed by the user. What type of attack does this scenario depict?
URL hijacking
Which of the following damages is caused by an injection attack?
Unauthorized access to the database
Which of the following distinguishes the principle of scarcity from the principle of urgency?
Under supply
Which of the following can help prevent a replay attack? [Choose two that apply.]
Unique session ID; Timestamps
You have recently implemented a media gateway that uses the Session Initiation Protocol (SIP). You want to ensure that the media gateway using SIP cannot be exploited via man-in-the-middle (MITM) attacks. What should you do? [Choose all that apply.]
Update it with the latest patches; Implement data encryption; Implement an authentication scheme
You receive a call from your credit card company stating that there have been some suspicious transactions on your account. The caller requests you to share the credit card details so that the transactions can be reversed before the transactions are approved by the company. Which of the following social engineering principles is used here by the attacker?
Urgency
Which of the following is the main disadvantage of symmetric key encryption?
Usage of a single secret key
PLAB Inc. network consists of Windows 10 systems and Windows Server 2016 servers. All users are part of the PLAB.com domain. The network administrator discovers that several users have installed pirated applications on their systems. Which of these methods can the network administrator use to prevent users from installing pirated applications? [Choose two that apply.]
Use AppLocker; Remove administrative privileges
Recently, a user lost his laptop that had confidential data. You want to protect the company's data even if a laptop is lost. No one should be able to access the data at rest without proper authentication at boot. What should you do?
Use BitLocker to encrypt the disk
PLAB Inc. uses a wireless network that has recently been breached. An attacker was able to connect to the wireless network after gaining access to its password. The security administrator wants to ensure that the wireless network is secured using the available methods. Which of the following methods should the security administrator implement? [Choose all that apply.]
Use MAC filtering; Use WPA2-Enterprise; Disable the SSID broadcast; Lower the radio transmission strength
The Sales team in your organization has been assigned new Android phones. You, as the IT Manager, do not want them to install any applications from the Internet. The Sales team should be able to install only the approved applications from your app store. How would you control this?
Use MDM to manage the mobile devices
The Sales team in your organization is provided with mobile phones. Some of the Sales team members have rooted their phones to get the latest Android updates. You want to restrict them to install applications only from the company's official app store. You also want to monitor, manage, and secure these mobile devices. What should you do?
Use MDM to manage their devices
You need to host multiple SSL-enabled sites on a single server. The websites are named www.plab.com, www.plab.net, and www.plab.org. You want to achieve this with minimum cost and administrative effort. What should you do?
Use Subject Alternative Names Certificates
You have installed a new wireless network. However, before the users start to use the wireless network, you need them to accept the Acceptable Usage Policies. Access to the wireless network must be granted only after they accept. You must complete this task with minimum administrative effort. What should you do to meet this goal?
Use a Captive Portal before access to the wireless network is granted
You have a root domain with multiple sub-domains. You need to use certificates with the domain and its sub-domains using a recommended solution. What should you do?
Use a single wildcard certificate for domain and sub-domains
You have several Websites that use SSL. These Websites are configured to use public IP addresses. You need the SSL traffic to be inspected on the fly. What should you do?
Use an SSL decryptor
You detect a keylogger on a user's Windows 10 system. The keylogger was capturing the user's keystrokes and sending them to a person outside the network. You need to clean the keylogger from the system with minimum administrative effort. What should you do?
Use an anti-malware live boot CD to clean the keylogger
You are an administrator for a network that contains Web servers, database servers, and file servers along with the servers that provide various services, such as DNS and DHCP. You need to ensure overall IT security compliance of the network as well as ensure that each of the servers meets the required compliance standards. You need to be able to locate any non-compliance issues. What should you do?
Use configuration compliance scanner
Recently, an attacker targeted a user connected to the company's wireless network. He used a wireless scanner to target the users. The attacker finally conducted a deauth attack to obtain the SSID information. You need to prevent such attacks. Which of the following solutions can be used? [Choose two that apply.]
Use management frame protection; Use WPA2 along with complex passphrases
You are developing an application that will be hosted on your network but will be exposed on the Internet. You want to limit the amount of data that is exposed from your application. What should you do?
Use public methods to interact with the data
You want to use a packet capturing tool that runs on a Linux system. The tool consumes the least system resources, runs on the command line, and has fewer security risks. Which of the following would you use?
Use tcpdump
Your organization uses Exchange Server for messaging. Several salespeople are always on the move and access their e-mail through mobile devices. You, as the IT Manager, want to configure a method to ensure that all the salespeople use strong passwords on their mobile devices. You must do this with minimum administrative effort. What should you do?
Use the ActiveSync Policies on mobile devices
You need to connect two laptops using their wireless network adapter and share data between them. There is no network or wireless network available to connect both the laptops. You must perform this task with minimum administrative effort. What should you do?
Use the Ad Hoc Mode
You manage the Mobile Device Management (MDM) application for your organization. One of the employees reports that their mobile phone is stolen. You track the device and find that it is still communicating with the MDM applications. You want to immediately act and ensure that the corporate data on the mobile phone is not accessible. What should you do?
Use the Remote Wipe feature
User1 needs to send an encrypted message to User2. If there is a Public Key Infrastructure installed, what should the user do?
Use the User2's public key to encrypt the message
You have a Linux system that is connected to the network. The system has multiple network adapters with manually configured IP Addresses. You want to verify the IP addresses on all of its network adapters. What should you do?
Use the ifconfig command with -a parameter
You need to add a digital signature to a message and send it to a user, John. If there is a Public Key Infrastructure installed, what should you do?
Use your private key to create the digital signature
Which of the following characteristics of the confusion operation in cryptography differentiates it from its counterpart diffusion operation? [Choose two that apply.]
Used by both stream and block ciphers; Implements a complex relationship between the key and the cipher text
Which of the following features of the Data Encryption Standard (DES) algorithm makes it susceptible to brute-force attacks?
Uses smaller key size
Which of the following reasons allow the security vulnerabilities associated with cameras to be exploited? [Choose two that apply.]
Using default credentials; Using outdated firmware/software
An employee of your departmental store left their phone unattended. The customer they were attending was able to copy several phone numbers and browse personal photographs on the phone. How could this have been prevented?
Using screen lock
An organization has tied up with various software development companies to test their applications. To ensure that all the software development companies can be served properly, the organization has set up a virtualization team to set up virtual machines for testing based on the application requirements. Different teams started demanding different virtual machines, and the virtualization team built the required virtual machines without any control on the number of virtual machines created. What kind of problem can this lead to?
VM Sprawl
Which of the following points differentiate stream ciphers from block ciphers? [Choose all that apply.]
Very low hardware complexity; The different initialization vector for every stream; high speed of encryption
The surveillance camera footage showed evidence of two unauthorized people entering the premises of an organization. Other digital evidence confirmed the malicious intention of these two people. Which of the following data acquisition methods has given a lead in this case?
Video capture
You manage a network that has 10,000 users. Most of the users have access to several shared folders across multiple file servers. Which problem is likely to arise if you do not perform periodic permission and usage auditing and reviews? [Choose two that apply.]
Violation of the principle of least privilege; Privilege Creep
Which of the following features represent the differences between a private cloud and a private network? [Choose two that apply.]
Virtualization; Self-Service
You receive a call from a new credit card company. The caller says that they provide credit cards at lower interest rates and asks if you are interested in knowing more about it. You respond saying you are interested and the caller starts asking questions about the current credit card you are holding saying this information is required to suggest the best credit card plan for you. You provide all the required information. After two days, you get an alert stating that there has been a transaction on your credit card for a large amount. What type of attack did the attacker use in this scenario?
Vishing
You receive a call from your credit card company stating that you have 10,000 points available on your credit card, and if you do not redeem them, the points will lapse. The caller also offers to assist you in redeeming the points. You agree and provide your credit card details to the caller. Soon after the call, you get an alert from the credit card company about a large shopping payment made using your credit card. Which technique did the attacker use in this scenario?
Vishing
Which of the following tests identifies weaknesses while ensuring that normal operations are not affected by this testing?
Vulnerability scan
The security administrator needs to install patches on the user computers. The patch has been installed on some of the user computers. Which of the following tools should the administrator use to identify computers where the patch has not been installed?
Vulnerability scanner
An employee of an organization shares a directory with an unauthorized user. Which of the following tests can detect this action?
Vulnerability test
An unauthorized user alters a management procedure to gain undue benefits without the knowledge of the organization. Which of the following vulnerabilities is being exploited here?
Vulnerable business process
Which of the following uses Temporal Key Integrity Protocol (TKIP)?
WPA
A security administrator suggests having a fully functional recovery site to handle disasters. However, due to financial constraints, the organization decides to maintain a partially equipped and configured site. Which of the following sites has the organization decided on?
Warm
Of the given choices, if you were to build a house, which of the following methods would you use, considering that developing an application is the same as building a house?
Waterfall
You regularly buy products from a particular online store. As usual, today you buy some products using your credit card. After some time, you receive an alert from your credit card company stating that your credit card has been used to make a payment on an online store that you have not even visited. What type of attack were you subjected to?
Watering hole
A banking web application employs an encryption algorithm using a key size less than 128 bits. Which of the following vulnerabilities might affect the application?
Weak cipher suite
A Security Administrator is assessing the probability of the occurrence of natural threats. The Administrator wants to implement controls to reduce the risks associated with natural threats. Which of the following information may be useful to determine the probability of natural disasters?
Weather history
Which type of guideline document would contain a best practice statement, such as this: Move the Inetpub folder from your system drive to a different drive.
Web server
Which of the following is an example of a Real-time Operating System (RTOS)?
Windows Embedded Compact
Which of the following features of a digital camera, if available, can be exploited by a hacker?
Wireless connectivity
A user receives an email with an executable. After launching the executable, an auto-generated e-mail is sent to the users in the contact list in Outlook. The e-mail sent out is the same as the one received by the user. What type of attack has occurred in this scenario?
Worm
A user is using a symmetric cipher that uses a binary encryption algorithm. The algorithm is weak when it is used all by itself, but it works well when used in conjunction with other cryptographic modes of operation. Which of the following encryption algorithms is the user using in this scenario?
XOR
You have two large physical local area networks (LANs). You need to combine both of them into a single logical LAN. What should you do?
You need to install a bridge between both the physical LANs
An organization has implemented a customized application to track its financial dealings with customers, vendors, and business partners. In one of the reports generated by this application, the CFO notices some variances in the financial data. The IT engineer suspected some virus or malware attack. However, a complete antivirus scan did not detect any issues. What type of attack has taken place in this scenario?
Zero-day
Recently, one of the newly deployed applications was attacked, and the attacker was able to gain administrative access to the application. The antivirus and HIDS deployed on the server hosting the application were not able to detect any suspicious file or malware. What could have been the possible cause?
Zero-day
Which of the following attacks can be prevented by using multiple layers of firewall and by allowing only approved software to run?
Zero-day