Sec+ - Renew Certification (Domain 1.0 General Security Concepts Assessment)
A cybersecurity analyst implements security measures for a financial institution's infrastructure. The analyst explores different technologies to enhance security and must select the appropriate technology to strengthen security within the organization's infrastructure. What includes a CPU extension that protects data that is stored in system memory so that untrusted processes cannot read it?
A. Secure enclave
A system administrator reviews network access permissions granted to several devices and revokes their certificates. What log would reflect these changes?
B. Certificate Revocation Lists (CRL)
An organization's baseline configuration requires 256-bit keys for a specialized application used by one of its departments. After conducting some tests, it is determined that an existing device performs poorly when key lengths exceed 128 bits. After performing a risk assessment, the leadership team authorizes using 128-bit keys for the problematic device, pending its replacement. What type of control is described in this situation?
B. Compensating
To support a new secure application, a helpdesk technician installs a PCIe adapter card containing a crypto-processor in a computer. What type of device does this best describe?
B. Hardware security module
As the network administrator for a small legal firm, you've been tasked with enhancing the security of the firm's network, especially regarding the software and applications used on work devices. Given the sensitive nature of the firm's data, you decide to implement a strategy that restricts what software can run on company devices. Which security strategies best describe the approach to limit what software can run on company devices? (Select the two best options.)
A. Allowlists D. Blocklist
After encountering a cyber attack, an organization uses a monitoring solution that automatically restarts services after it has detected the system has crashed. What type of functional security control is the company implementing?
A. Corrective
What type of policy defines the appropriate handling of a customer's personally identifiable information (PII)?
A. Data privacy policy
A defense contractor is enhancing its defensive capabilities by implementing deception technologies. How can a honey token assist in this strategy?
A. It creates false credentials, login credentials, or other data types to distract and gain insight into attackers.
A company installed a new locking cabinet in the computer room to hold extra flash drives and other supplies. Which type of security control did the company configure?
A. Preventive
After receiving the annual audit results from the Inspector General's office, a cyber specialist begins identifying improvements to existing change management processes. Which of the following roles would likely own the change management process? (Select the two best options.)
A. Project manager C. Team leader
You are the Chief Security Officer (CSO) for a government agency transitioning to a more modern and secure technology architecture. You decide to adopt a model emphasizing secure access and aligning with the principle of "never trust, always verify." Which of the following best describes the security model you plan to implement?
A. Zero Trust Architecture (ZTA)
A security analyst wishes to implement a system that enforces access decisions to ensure that the privileges granted to an individual are appropriate for their role within the organization. Which component is critical for enforcing these access control decisions?
B. Policy enforcement point
The organization is implementing a significant software upgrade that necessitates application restarts. How can the cybersecurity analyst ensure a smooth transition without causing extended downtime?
B. Schedule the upgrade during nonworking hours to reduce the impact on users.
An organization has an established change management program that includes standard operating procedures (SOPs). It wants to implement changes consistently and effectively. What role do SOPs play in the change management process?
B. They define routine operations or changes, providing detailed instructions to implement them.
An organization is transitioning from an on-premises server system to a public cloud platform. What security design paradigm requires all requests to be authenticated before they can continue?
B. Zero trust
A software specialist prepares to integrate new software into the organization's network. Before implementation, the specialist evaluates the changes in a tailored environment to ensure they work as intended and do not cause further issues. Which of the following concepts provides valuable insight into the likelihood of success and helps identify potential issues without impacting business operations?
B. Backout plan C. Maintenance windows D. Test results
An employee accesses one of the company's storage closets to retrieve some writing pads and pens. While there, the employee notices the closet also contains several new high-end wireless mice, some high-capacity external drives, and a few webcams. In front of the closet, a warning sign indicates that cameras are in use. What is the control objective of the warning sign?
C. Deterrent
A senior analyst is purchasing new cybersecurity tools that enhance the ability to detect and defend against various types of attacks. What decoy system can support detection efforts by mimicking a specific application and gathering information on the attacker's tactics and tools?
C. Honeypot
A security specialist is updating the organization's change management policy. What is the term associated with identifying and assessing the potential implications of a proposed change?
C. Impact analysis
A cyber security analyst is implementing full disk encryption by utilizing the features offered by the hardware components of the company's laptops, tablets, and smartphones. What type of hardware device does this describe?
C. Trusted Platform Module (TPM)
How can a cybersecurity analyst effectively utilize version control to maintain a historical record of changes and ensure security in the organization's IT systems and applications?
C. Use version control to track changes in network diagrams and configuration files.
The system administration team identified a critical server that crashed after deploying a new set of patches. After troubleshooting the issue, the team determined that the new patches directly caused the crash. What is needed to restore functionality to the critical server confidently?
D. Backout plan
Risk managers plan to compare existing security controls to a set of best practice controls described in a technical hardening standard. Which technique would be most helpful to the risk managers in this scenario?
D. Gap analysis
A finance company has implemented a deception strategy to plant documents that appear to contain sensitive information. Upon access, the documents help capture the attacker's tactics and tools. What type of deception technology best describes this scenario?
D. Honeyfile
A software application firm is strengthening its cyber defense by incorporating deception technologies into its environment. How can a honeynet support this strategy?
D. It uses a network of decoy systems to simulate an entire network to capture attackers' tactics and tools.
You are the cybersecurity manager at a company that regularly handles sensitive customer data. To enhance the security of data transmissions between server and client systems, you have decided to implement a system to support data integrity, confidentiality, authentication, management of encryption keys, and digital signatures. Which system is best suited to this goal?
D. Public Key Infrastructure (PKI)