TestOut Security Pro Ch. 1 - Ch. 7
Which of the following algorithms are used in symmetric encryption? (Select two.) -Diffie-Hellman -Blowfish -RSA -DES -ECC
-DES -Blowfish
A PKI is an implementation for managing which type of encryption? -Asymmetric -Steganography -Hashing -Symmetric
Asymmetric
Which type of control makes use of policies, DPRs, and BCPs? -Operational -Managerial -Preventative -Technical
Managerial
Which of the following is a method of implementing security controls? -Financial controls -Marketing controls -Sales controls -Managerial controls
Managerial controls
When two different messages produce the same hash value, what has occurred? -High amplification -Hash value -Collision -Birthday attack
Collision
You create a new document and save it to a hard drive on a file server on your company's network. Then you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing which security goal? -Non-repudiation -Availability -Confidentiality -Integrity
Confidentiality
A large multinational corporation has recently experienced a significant data breach. The breach was detected by an external cybersecurity firm, and the corporation's IT department was unable to prevent or detect the breach in its early stages. The CEO wants to ensure that such a breach does not happen again and is considering several options to enhance the company's security posture. Which of the following options would be the MOST effective in preventing and detecting future data breaches? -Implementing a dedicated Computer Incident Response Team (CIRT). -Hiring an external cybersecurity firm to conduct regular penetration testing. -Increasing the budget for the IT department to purchase more advanced security software. -Conducting regular cybersecurity training for all employees.
Implementing a dedicated Computer Incident Response Team (CIRT).
Which of the following is an example of a social engineering attack? -A fake bank email is sent to recipients asking them to update their account info via a link that leads to a fake site, capturing login details. -An attacker floods a website's server with fake requests, making it slow or unresponsive to legitimate users. -A call from a threat actor posing as a remote sales representative to obtain the login credentials to a remote access server from the help desk. -An employee sends information to HR, but an attacker secretly intercepts and manipulates the communication, unbeknownst to both employees.
A call from a threat actor posing as a remote sales representative to obtain the login credentials to a remote access server from the help desk.
Which of the following describes a logic bomb? -A program that performs a malicious activity at a specific time or after a triggering event. -A program that has no useful purpose but attempts to spread itself to other systems and often damages resources on the systems where it is found. -A type of malicious code similar to a virus whose primary purpose is to duplicate itself and spread while not necessarily intentionally damaging or destroying resources. -A program that appears to be a legitimate application, utility, game, or screensaver that performs malicious activities surreptitiously.
A program that performs a malicious activity at a specific time or after a triggering event.
As a cybersecurity expert, you are tasked with implementing a secure enclave in your company's new mobile banking application. Which of the following statements best describes the primary function and benefit of a secure enclave in this context? -A secure enclave is a protected area within the application's code that prevents users from making unauthorized transactions. -A secure enclave is a separate, isolated environment within the device's processor where sensitive data can be securely stored and processed. -A secure enclave is a network security tool that monitors and controls incoming and outgoing network traffic based on predetermined security rules. -A secure enclave is a cloud-based storage system where encrypted data is stored and can only be accessed with the correct decryption key.
A secure enclave is a separate, isolated environment within the device's processor where sensitive data can be securely stored and processed.
Which of the following security challenges refers to the rapid and broad spread of an attack, often affecting a large number of computers in a relatively short amount of time? -Data encryption -Sophisticated attacks -Proliferation of attack software -Attack scale and velocity
Attack scale and velocity
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message? -Sam's private key -Mary's public key -Sam's public key -Mary's private key
Sam's public key
Which of the following terms means a cryptography mechanism that hides secret communications within various forms of data? -Algorithm -Cryptanalysis -Ciphertext -Steganography
Steganography
Which of the following would require that a certificate be placed on the CRL? -The encryption key algorithm is revealed. -The certificate validity period is exceeded. -The private key is compromised. -The signature key size is revealed.
The private key is compromised.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file? -You are the only one able to open the downloaded file. -No one has read the file contents as it was downloaded. -Your copy is the same as the copy posted on the website. -You can prove the source of the file.
Your copy is the same as the copy posted on the website.
You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (Select two.) -Any user who is able to boot the computer from the encrypted hard disk will be able to open the C:\Secrets\confidential.docx file. -If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, the file will remain in an encrypted state. -The EFS encryption process will fail. -Only the user who encrypted the C:\Secrets\confidential.docx file is able to boot the computer from the encrypted hard disk. -If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, the file will be saved in an unencrypted state. -By default, only the user who encryp
-If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, the file will be saved in an unencrypted state. -By default, only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it.
Which of the following algorithms are used in asymmetric encryption? (Select two.) -Blowfish -Twofish -RSA -Diffie-Hellman -AES
-RSA -Diffie-Hellman
A group of hackers has been monitoring recent orders from a company involving new laptops and Universal Serial Bus (USB) thumb drives. The group infiltrated the shipping company and added malicious USB thumb drives to the order. The target company received the order without any concerns. What vectors made this attack successful? (Select two.) -Social media -Cloud access -Direct access -Removable media -Supply chain
-Removable media -Supply chain
Which of the following are characteristics of a rootkit? (Select two.) -Resides below regular antivirus software detection. -Collects various types of personal information. -Monitors user actions and opens pop-ups based on user preferences. -Uses cookies saved on the hard drive to track user preferences. -Requires administrator-level privileges for installation.
-Resides below regular antivirus software detection. -Requires administrator-level privileges for installation.
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) -Enable account lockout. -Disable UAC. -Enable chassis intrusion detection. -Schedule regular full-system scans. -Educate users about malware.
-Schedule regular full-system scans. -Educate users about malware.
You want a security solution that protects the entire hard drive and prevents access even if the drive is moved to another system. Which solution should you choose? -IPsec -VPN -EFS -BitLocker
BitLocker
Which type of malware is software installed alongside a package selected by the user or bundled with a new computer system? -Trojan horse -Bloatware -Logic bomb -Spyware
Bloatware
There are several block cipher modes of operation that can be utilized depending on the application or use. Which of the following block cipher modes of operation uses a nonce combined with a counter that is encrypted? -Cipher Feedback Mode (CFB) -Cipher Block Chaining (CBC) -Counter Mode (CTR) -Electronic Code Book (ECB)
CTR
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security risks is MOST pressing? -Integrity -Confidentiality -Availability -Non-repudiation
Confidentiality
Which of the following are often identified as the three main goals of security? (Select three.) -Integrity -Assets -Confidentiality -Availability -Policies -Employees -Non-repudiation
Confidentiality, Integrity, and Availability (CIA)
A company moved its office supplies to another room and instituted a new security system for entry. The company implemented this after a recent server outage. What category of security control BEST describes the function of this recent implementation? -Operational -Detective -Preventive -Corrective
Corrective
Which of the following functions are performed by a TPM? -Perform bulk encryption -Create a hash of system components -Encrypt network data using IPsec -Provide authentication credentials
Create a hash of system components
Hashing algorithms are used to perform which of the following activities? -Creating a message digest. -Providing a means for exchanging small amounts of data securely over a public network. -Encrypting bulk data for communications exchange. -Providing for non-repudiation.
Creating a message digest.
Which of the following cryptographic attacks uses SSL exploitation as a common implementation of this attack? -Downgrade attack -Dictionary attack -Collision attack -Birthday attack
Downgrade
You are the Chief Information Security Officer (CISO) at a large corporation. Your company is expanding rapidly and the complexity of managing security across different business functions is increasing. You need a dedicated team to monitor and protect critical information assets across the organization. Which of the following would be the MOST effective solution? -Outsourcing security to a third-party vendor -Establishing a Security Operations Center (SOC) -Hiring more IT staff -Implementing a new security policy
Establishing a Security Operations Center (SOC)
You are a cybersecurity analyst at a large corporation. You notice that a particular employee has been receiving emails from an unknown sender who claims to be a new colleague from a different department. The sender has been engaging in friendly conversation, asking about the employee's role, and subtly inquiring about certain company processes. Recently, the sender asked the employee to open an attachment that supposedly contains a funny meme. What phase of the social engineering process does this scenario represent and what should be your immediate action? -Research phase - Inform the employee about the potential threat and advise them to stop communication. -Development phase - Report the incident to the IT department for further investigation. -None of the above - This is a normal interaction and no action is required. -Exploitation phase - Isolate the employee's system and conduct a thorough security scan.
Exploitation phase - Isolate the employee's system and conduct a thorough security scan.
Which virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions? -Fileless malware -Ransomware -Remote Access Trojan (RAT) -Worm
Fileless malware
Which utility would you MOST likely use on OS X to encrypt and decrypt data and messages? -IPsec -VPN -GPG -PGP
GPG
What is the main function of a TPM hardware chip? -Control access to removable media -Perform bulk encryption in a hardware processor -Generate and store cryptographic keys -Provide authentication credentials on a hardware device
Generate and store cryptographic keys
Which of the following is a message authentication code that allows a user to verify that a file or message is legitimate? -HMAC -RIPEMD -MD5 -SHA
HMAC
A cyber technician reduces a computer's attack surface by installing a cryptoprocessor that a plug-in PCIe adaptor card can remove. What type of cryptoprocessor can support this requirement? -HSM -CRL -PKI -TPM
HSM
A prominent multinational corporation has experienced an unexpected spike in unauthorized network traffic aimed at its web servers. Upon investigation, the corporation discovered that the goal of this traffic was to disrupt its online services rather than gain unauthorized access or steal data. The attack started shortly after the corporation made a controversial policy decision that sparked a public backlash. Which type of threat actor is MOST likely responsible? -Insider threat -Hacktivist -Individual hacker -Nation-state
Hacktivist
Which of the following is used to verify that a downloaded file has not been altered? -Symmetric encryption -Private key -Hash -Asymmetric encryption
Hash
Which of the following types of encryption is specifically designed to allow data to be worked on without decrypting it first? -Stream cipher -Homomorphic encryption -Lightweight cryptography -Block cipher
Homomorphic encryption
You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do? -Have each user encrypt the entire volume with EFS. -Have each user encrypt user files with EFS. -Implement BitLocker without a TPM. -Implement BitLocker with a TPM.
Implement BitLocker with a TPM.
The IT manager in your organization proposes taking steps to deflect a potential threat actor. The proposal includes the following: Create and follow onboarding and off-boarding procedures. Employ the principle of least privilege. Have appropriate physical security controls in place. Which type of threat actor do these steps guard against? -Insider -Competitor -Script kiddie -Hacktivist
Insider
The chief security officer (CSO) at a financial organization wants to implement additional detective security controls. Which of the following would BEST represent this type of control? -Performing regular system backups. -Implementation of biometric authentication systems. -Installation of surveillance camera. -Enforcement of access control mechanisms.
Installation of surveillance camera.
Your computer system is a participant in an asymmetric cryptography system. You've created a message to send to another user. Before transmission, you hash the message and encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, which protection does the hashing activity provide? -Confidentiality -Non-repudiation -Integrity -Availability
Integrity
CloudSecure is facing a cybersecurity challenge where some of its critical software applications are no longer supported by vendors, making them vulnerable to potential exploits. The IT team is exploring various strategies to mitigate the risk posed by these unsupported apps. What is the MOST effective approach to enhance the security posture? -Ignoring the vulnerability as it can only be exploited in specific circumstances. -Isolating the unsupported apps from other systems to reduce the attack surface. -Implementing regular patch management to fix the faulty code. -Consolidating all operating systems and applications into one product.
Isolating the unsupported apps from other systems to reduce the attack surface.
What is the primary use of the RACE Integrity Primitives Evaluation Message Digest (RIPEMD)? -It is primarily used in Bitcoin and other cryptocurrencies. -It is primarily used for file compression. -It is primarily used for email encryption. -It is primarily used for creating digital watermarks.
It is primarily used in Bitcoin and other cryptocurrencies.
Which of the following BEST describes spyware? -It monitors user actions that denote personal preferences and then sends pop-ups and ads to the user that match their tastes. -It monitors the actions you take on your machine and sends the information back to its originating source. -It is a malicious program disguised as legitimate software. -It is a program that attempts to damage a computer system and replicate itself to other computer systems.
It monitors the actions you take on your machine and sends the information back to its originating source.
You are concerned that if a private key is lost, all documents encrypted with your private key will be inaccessible. Which service should you use to solve this problem? -RA -Key escrow -OCSP -CSP
Key escrow
Which of the following is no longer valid for security purposes? -AES -DES -MD5 -SHA-1
MD5
Which technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large, complex environments? -Certificate revocation list -Key escrow -Online Certificate Status Protocol -Private key recovery
Online Certificate Status Protocol
An acceptable use policy requires the system to encrypt confidential information while in transit. All employees must use secure email when exchanging proprietary information with external vendors. Which of the following describes this type of acceptable use policy? -Managerial -Preventive -Technical -Operational
Operational
A medium-sized e-commerce company is planning to upgrade their website's security by acquiring a certificate from a certificate authority (CA). The company wants to ensure that the certificate not only validates their domain ownership but also verifies the legitimacy of their organization. They are also looking for a validation process that can be completed within 1 to 3 days. As the IT manager for the company, which level of CA validation would you recommend? -Domain validation -Self-signed certificate -Extended validation -Organization validation
Organization validation
Which of the following BEST describes compensating controls? -Attempts to fix any controls that aren't working properly. -Monitors network activity and informs the security team of a potential security event. -Discourages malicious actors from attempting to breach a network. -Partial control solution that is implemented when a control cannot fully meet a requirement.
Partial control solution that is implemented when a control cannot fully meet a requirement.
An employee receives an email from an unknown sender claiming to be from the IT department. The email states that there is a login issue on the network and that the user needs to run the file to resolve the problem. The executable file prompts the user to input a network password, which the threat actor records. What social engineering technique is the threat actor using in this scenario? -Pharming -Phishing -Vishing -Tailgating
Phishing
After a recent server outage, the company discovered that an employee accidentally unplugged the power cable from the server while grabbing some office supplies from the nearby shelf. What security control did the company lack that led to the server outage? -Operational -Technical -Physical -Managerial
Physical
A multinational corporation recently fell victim to a series of cyberattacks, disrupting services and leading to significant financial losses. After an investigation, the corporation found that these attacks were part of a systematic campaign to undermine the corporation's market position. The highly sophisticated attacks suggest the involvement of a well-resourced entity with specific strategic objectives. Which of the following motivations BEST describes this scenario? -Political -Revenge -Chaotic -Financial
Political
The cybersecurity manager of a large organization is investigating a recent security breach that occurred during office hours. Investigatory research shows that the suspect convinced the janitor to let them inside the building because they had forgotten their badge at home. Once inside, the suspect pulled the fire alarm and accessed the building's network room amongst the chaos. The intruder then attached a monitoring device to a network port before escaping unnoticed. Which of the following is the social engineering technique the threat actor employed in this scenario? -Pharming -Impersonation -Vishing -Pretexting
Pretexting
Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates? -Hash values -Public keys -Cryptographic algorithm -Private keys
Private keys
An attacker is attempting to crack a system's password by matching the password hash to a hash in a large table of hashes he or she has. Which type of attack is the attacker using? -Rainbow -Brute force -Cracking -RIPEMD
Rainbow
Which of the following is a type of malware that prevents the system from being used until the victim pays the attacker money? -Fileless virus -Ransomware -Denial-of-service attack (DoS attack) -Remote Access Trojan (RAT)
Ransomware
In which phase of an attack does the attacker gather information about the target? -Breach the system -Escalating privileges -Reconnaissance -Exploit the system
Reconnaissance
In the process of obtaining a digital certificate, which entity may a certificate authority rely on to perform the validation of the certificate signing request (CSR)? -Certificate revocation list -Registration authority -Root authority -Online Certificate Status Protocol
Registration authority
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor? -Remote Access Trojan (RAT) -Crypto-malware -Trojan horse -Potentially unwanted program (PUP)
Remote Access Trojan (RAT)
You are the head of the cybersecurity team at a large corporation. You notice an increase in network traffic that appears to be legitimate but is causing a slowdown in your systems. Upon further inspection, you find that the traffic patterns vary each time, making it difficult to distinguish from normal traffic. What type of security challenge are you MOST likely facing? -Sophisticated attack -Attack scale and velocity -Proliferation of attack software -Data breach
Sophisticated attack
An SSL client has determined that the certificate authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity? -The CA's public key validates the CA's digital signature on the server certificate. -The master secret is generated from common key code. -The post-master secret must initiate subsequent communication. -The domain on the server certificate must match the CA's domain name.
The CA's public key validates the CA's digital signature on the server certificate.
You have transferred an encrypted file across a network using the Server Message Block (SMB) Protocol. What happens to the file's encryption? -The encryption inherits from the new location. -The file is unencrypted when moved. -The encryption carries over to the new location. -An encrypted file cannot be moved using SMB.
The file is unencrypted when moved.
Which of the following statements accurately describes the root of trust model in a public key infrastructure (PKI)? -In the root of trust model, the root certificate is issued by a third-party CA, not the organization's own CA. -The root of trust model involves multiple root certificates, each issued by a different certificate authority (CA). -The root of trust model involves a root certificate that is issued by a user, not a CA. -The root of trust model defines how users and different CAs can trust one another, with each CA issuing itself a root certificate.
The root of trust model defines how users and different CAs can trust one another, with each CA issuing itself a root certificate.
A representative at a company reports receiving numerous unsolicited phone calls seeking banking information for a credit report. Which social engineering variant is the finance director experiencing? -Vishing -SMiShing -Whaling -Spear phishing
Vishing
What is the term for a phishing attack conducted through a voice channel, such as a phone call? -Phishing -Vishing -SMiShing -Pharming
Vishing
Which of the following is a passive computer attack technique in which an attacker anticipates or observes the websites an organization uses often and infects them with malware? -Social networking -Pretexting -Watering hole -Typosquatting
Watering hole
To prevent malware infection in your network system, you decide that it's critical to prevent malware attacks, such as ransomware and phishing, by restricting access to sites that might be malicious. Which of the following BEST represents this type of prevention technique? -Patching the operating system -Pop-up blocker -Updating your web browser -Web filters
Web filters
An attack that targets senior executives and high-profile victims is referred to as what? -Scrubbing -Whaling -Vishing -Pharming
Whaling
The network administrator for an international e-commerce company that operates multiple online stores must ensure secure communication across various subdomains. To streamline secure sockets layer/transport layer security (SSL/TLS) certificate management and implement a robust public key infrastructure (PKI), the network administrator must identify the most suitable solution for efficiently securing the company's numerous subdomains within the PKI. What is the MOST suitable solution for efficiently securing the multiple subdomains of the company's online stores within the PKI? -Wildcard certificates -Certificate revocation lists (CRLs) -Certificate pinning -Self-signed certificates
Wildcard certificates
You are a cybersecurity manager at a financial institution. Your team is responsible for managing the cryptographic keys used for secure transactions. Recently, there has been an increase in attempted cyber attacks on your institution. Which of the following key management strategies would be MOST effective in maintaining the security of your cryptographic keys under these circumstances? -You decide to set an expiration date for all current keys and inform users that they will need to renew their keys after this date. -You decide to revoke all current keys and generate new ones, informing all users to update their keys immediately. -You decide to centralize key generation and storage, moving all keys to a single server for easier management. -You decide to generate new keys for each transaction, but keep the old keys stored in the system for future reference.
You decide to set an expiration date for all current keys and inform users that they will need to renew their keys after this date.
You are a cybersecurity architect at a tech company that is developing a new mobile payment application. The application will handle sensitive user data including credit card information and personal identification numbers (PINs). Which of the following strategies would best leverage the concept of secure enclaves to protect this sensitive data? -You decide to store all sensitive data in a secure enclave within the application, accessible only through a secure API. -You decide to store all sensitive data in a secure enclave within the application, accessible to all application users. -You decide to store all sensitive data in a secure enclave on the company's main server, accessible only by senior IT staff. -You decide to store all sensitive data in a secure enclave on each user's device, accessible only with the user's unique PIN.
You decide to store all sensitive data in a secure enclave on each user's device, accessible only with the user's unique PIN.
You are a cybersecurity analyst at a large corporation. Your team has been tasked with securing sensitive data within the company's database. One of the strategies you are considering is obfuscation. Which of the following scenarios would be the most appropriate application of obfuscation? -You use obfuscation to hide employee personal data within a database field by substituting character strings with x. -You use obfuscation to hide the source code of the company's proprietary software within a text document. -You use obfuscation to hide the company's financial data within an image file on the company's public website. -You use obfuscation to hide the company's network architecture within a PDF document.
You use obfuscation to hide employee personal data within a database field by substituting character strings with x.
Which of the following encryption mechanisms offers the least security because of weak keys? -IDEA -TwoFish -DES -AES
DES
A private key has been stolen. Which action should you take to deal with this crisis? -Recover the private key from escrow -Place the private key in escrow -Delete the public key -Add the digital certificate to the CRL
Add the digital certificate to the CRL
You are the Chief Information Security Officer (CISO) at a tech company. Your company is facing issues with silos between the development and operations teams, leading to inefficiencies and security vulnerabilities. Which approach should you adopt to encourage collaboration and integrate security considerations at every stage of software development and deployment? -Establishing a Security Operations Center (SOC) -Implementing a new security policy -Adopting a Development and Operations (DevOps) approach -Outsourcing security to a third-party vendor
Adopting a Development and Operations (DevOps) approach
Which of the following is an example of a preventative control type? -Intrusion detection systems -Real-time monitoring alerts -Network monitoring applications -An advanced network appliance
An advanced network appliance
Which of the following should you set up to ensure encrypted files can still be decrypted if the original user account becomes corrupted? -DRA -GPG -PGP -VPN
DRA
Which type of control is used to discourage malicious actors from attempting to breach a network? -Deterrent -Detective -Preventative -Physical
Deterrent
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in? -Elicitation phase -Exploitation phase -Research phase -Development phase
Development phase
Which of the following security solutions would prevent a user from reading a file that they did not create? -EFS -VPN -IPsec -BitLocker
EFS
You are a security analyst at a large corporation. The corporation is implementing a new system that requires secure logon credential exchange between different departments. The corporation decides to use a cryptographic hashing algorithm for this purpose. Which of the following scenarios best demonstrates the correct use of hashing for secure logon credential exchange? -Each department calculates a hash of their password and sends it to the other departments. The receiving department compares this hash with the hash of the sending department's password they have on file. If the hashes match, the receiving department assumes the sending department has authenticated itself. -Each department shares their passwords with each other, calculates the hash of their own password, and if the hashes match, they assume they have authenticated each other. -Each department calculates a hash of their password and sends the actual p
Each department calculates a hash of their password and sends it to the other departments. The receiving department compares this hash with the hash of the sending department's password they have on file. If the hashes match, the receiving department assumes the sending department has authenticated itself.
You would like to implement BitLocker to encrypt data on a hard disk, even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do? -Save the startup key to the boot partition. -Use a PIN instead of a startup key. -Disable USB devices in the BIOS. -Enable the TPM in the BIOS.
Enable the TPM in the BIOS.
Which type of threat actor is MOST likely to engage in cyber espionage with strategic or political motivations? -Organized crime -Competitors -Hacktivist -Nation-state
Nation-state
What is the process of adding random characters at the beginning or end of a password to generate a completely different hash called? -Deterministic -Avalanche -Salting -Collision
Salting
The IT department at a large corporation noticed an unfamiliar software application running on its network. Upon investigation, they discovered that a team in the marketing department started using a new cloud-based project management tool to improve their workflow efficiency. The team did consult with the IT department before implementing this tool. In the context of cybersecurity threats, what does this situation BEST exemplify? -Insider threat -Careless password management -Shadow IT -Nation-state
Shadow IT
Match the general attack strategy on the left with the appropriate description on the right. (Each attack strategy may be used once, more than once, or not at all.) Descriptions: -Stealing information. -Preparing a computer to perform additional tasks in the attack. -Crashing systems. -Gathering system hardware information. -Penetrating system defenses to gain unauthorized access. -Configuring additional rights to do more than breach the system. Attack strategies: -Escalating privileges -Breaching -Staging -Reconnaissance -Exploitation
Stealing information: Exploitation. Preparing a computer to perform additional tasks in the attack: Staging. Crashing systems: Exploitation. Gathering system hardware information: Reconnaissance. Penetrating system defenses to gain unauthorized access: Breaching. Configuring additional rights to do more than breach the system: Escalating privileges.
Combining encryption with steganography involves several steps. From the list on the left, drag a description of a step or result in this process to the correct order on the right. -Anyone intercepting the message would have to know it's there before being able to decrypt it. -Encrypt plaintext with a private key to generate ciphertext. -The recipient extracts the ciphertext and decrypts it using the matching public key. -The ciphertext is hidden inside of a media file, such as an image, using steganography.
Step 1: Encrypt plaintext with a private key to generate ciphertext. Step 2: The ciphertext is hidden inside of a media file, such as an image, using steganography. Step 3: The recipient extracts the ciphertext and decrypts it using the matching public key. Step 4: Anyone intercepting the message would have to know it's there before being able to decrypt it.
Blockchain is a unique and increasingly popular implementation of cryptography. A blockchain is a decentralized and distributed ledger that records and verifies transactions between two parties. The list on the left describes each step a block goes through as part of the blockchain cryptographic process. From the list on the left, drag a description to its proper step order on the right. -The contents of the transaction move to User2. -The network users verify the transaction is valid. -User1 requests a transaction with User2. -The transaction is represented online as a block. -The block is added to the chain. -The block is distributed to everyone on a peer-to-peer network.
Step 1: User1 requests a transaction with User2. Step 2: The transaction is represented online as a block. Step 3: The block is distributed to everyone on a peer-to-peer network. Step 4: The network users verify the transaction is valid. Step 5: The block is added to the chain. Step 6: The contents of the transaction move to User2.
Which form of cryptography is BEST suited for bulk encryption because it is so fast? -Asymmetric cryptography -Public key cryptography -Hashing cryptography -Symmetric key cryptography
Symmetric key cryptography
A cyber security analyst wants to reduce the attack surface for a computer that contains top secret data. The analyst installs a cryptoprocessor as a module within the central processing unit (CPU) on the designated computer to accomplish this. What type of cryptoprocessor is the analyst installing? -CRLs -TPM -HSM -PKI
TPM
A company finds that employees are accessing streaming websites that are not being monitored for malware or viruses. Which type of control can the network administrator implement to protect the system and keep the employees from viewing unapproved sites? -Detective -Operational -Corrective -Technical
Technical
You are the Chief Information Security Officer (CISO) at a large corporation. You have been tasked with implementing a new security control to protect sensitive customer data. The control must be able to automatically detect and prevent unauthorized access to the data. Which type of control should you implement? -Managerial control -Operational control -Physical control -Technical control
Technical control
What is the primary function of crypto-ransomware? -To spread spam emails from the infected system. -To steal sensitive information from the infected system. -To encrypt files on the infected system and demand a ransom for the decryption key. -To create a backdoor for remote access to the infected system.
To encrypt files on the infected system and demand a ransom for the decryption key.
Which of the following database encryption methods encrypts the entire database and all backups? -Column-level -Transparent Data Encryption (TDE) -Application-level -BitLocker
Transparent Data Encryption (TDE)
Employees at CloudCom receive a suspicious email claiming to be from "CloudCom Support," informing employees that their passwords need to be reset urgently due to a security breach. The email includes a link to a login page that looks identical to CloudCom's official site. What type of social engineering attack does this scenario exemplify? -Watering hole attack -Typosquatting -SMiShing -Phishing
Typosquatting
The security operations manager of a multinational corporation focuses on enhancing directive operational controls. Which of the following should the manager implement? -Regular vulnerability assessments using automated tools. -User awareness and training programs. -Surveillance cameras installed around the premises. -Firewall to block unauthorized network traffic.
User awareness and training programs.
As a cybersecurity analyst, you are tasked with reducing the supply chain attack surface in your organization. Which of the following areas should you focus on to MOST effectively mitigate this risk? -Internal IT infrastructure -Vendor management -Employee training -Customer data protection
Vendor management