CompTIA Module 4 Review


What are the two limitations of private information-sharing centers? a. Government approval and cost b. Access to data and participation c. Bandwidth and CPU d. Timing of reports and remote access

Access to data and participation

What does AIS stand for? a. Automated Indicator Sharing b. Advanced Intrusion System c. Application Integration Services d. Access Identity Security

Automated Indicator Sharing

Oskar has been receiving emails about critical threat intelligence information from a public information-sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend? a. Bidirectional Security Protocol (BSP) b. Linefeed Access c. Lightwire JSON Control d. Automated Indicator Sharing (AIS)

Automated Indicator Sharing (AIS)

SecDevOps applies automated courses of action to develop code as quickly and securely as possible. Which of the following is NOT an automated course of action? a. Continuous monitoring b. Continuous validation c. Continuous deterrent d. Continuous deployment

Continuous deterrent

Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luka reports back that he was unable to find anything because looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web? a. Dark web merchants open and close their sites without warning. b. It is necessary to use Tor or I2P. c. Dark web search engines are identical to regular search engines. d. The naming structure is different on the dark web.

Dark web search engines are identical to regular search engines.

Which of the following takes advantage of vulnerability in the web application so that a user can move from the root directory to other restricted directories? a. Software Diversity attack b. Zero-Day Exploit c. Directory traversal attack d. Deprovisioning

Directory traversal attack

A typical OS security configuration should include all but one of the following: a. Employing least functionality b. Disabling the Administrator from the ability to login c. Disabling default accounts/passwords d. Disabling unnecessary ports and services

Disabling the Administrator from the ability to login

Which tool is considered more robust than HIDS and HIPS? a. TAXII b. EDR c. STIX d. IOC

EDR

What does EDR stand for? a. Enterprise Data Routing b. Enhanced Data Recovery c. Endpoint Detection and Response d. External Data Repository

Endpoint Detection and Response

Which of the following tries to block a malicious attack by following specific rules? a. HIDS b. HIPS c. EDR d. HTTPS

HIPS

If you are using hidden fields to capture the state information, which type of attack can occur? a. Cross-site scripting b. Injection c. Hijack session d. Cookie tampering

Hijack session

What does IOC stand for? a. Inversion of Control b. Indicator of Control c. Internet of Computers d. Indicator of Compromise

Indicator of Compromise

An IOC occurs when what metric exceeds its normal bounds? a. IRR b. LRG c. EXR d. KRI

KRI

What does KRI stand for? a. Key Root Interrupt b. Key Risk Indicator c. Kernel Rootkit Infiltration d. Knowledge Recovery Index

Key Risk Indicator

Which of the following is NOT a tool that can be used to confine or restrict malware? a. Whitelisting b. Quarantine c. Sandbox d. Legacy boot

Legacy boot

Which boot security mode sends information on the boot process to a remote server? a. Secure Boot b. Measured Boot c. UEFI Native Mode d. Trusted Boot

Measured Boot

What statement is FALSE concerning antivirus? a. Many AV products use signature-based monitoring, also called static analysis, which uses only virus signatures b. Dynamic analysis is also called heuristic analysis, where many indicators are used to determine a virus c. On average, antivirus software is only 85% effective at detecting malware d. Antivirus (AV) software can examine a computer for file-based virus infections and monitor computer activity

On average, Antivirus Software is only 85% effective at detecting malware

Which of the following is a firmware driver used by UEFI? a. Bootloader b. Static ROM c. Option ROMs d. Volatile ROM

Option ROMs

What are the two concerns about using public information-sharing centers? a. Privacy and speed b. Security and privacy c. Regulatory approval and sharing d. Cost and availability

Privacy and speed

Which of the following is NOT an important OS security configuration? a. Restricting patch management b. Disabling default accounts c. Disabling unnecessary services d. Employing least functionality

Restricting patch management

Which is a language and format used to exchange cyberthreat intelligence (collects all the threats)? a. STIX b. IOC c. AIS d. HTTPS

STIX

Which stage conducts a test that will verify the code functions as intended? a. Production stage b. Staging stage c. Development stage d. Testing stage

Staging stage

What does STIX stand for? a. Security Test Implementation and eXecution b. Structured Threat Information Expression c. Systematic Threat Intelligence Exchange d. Secure Transaction Interchange XML

Structured Threat Information Expression

Which of the following is not an improvement of UEFI over BIOS? a. Support of USB 3.0 b. Access larger hard drives c. Stronger boot security d. Networking functionality in UEFI

Support of USB 3.0

Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS? a. STIX b. TAXII c. AIP-TAR d. TCP-Over-Secure (ToP)

TAXII

Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information? a. PCII b. TLP c. CISA d. FOIA

TLP

Which of the following best describes static code analysis? a. Testing uses a suite of pre-built attacks. b. Tests are run before the source code is compiled. c. Random input is used to trigger exceptions. d. Used after all components are integrated.

Tests are run before the source code is compiled.

Which of the following is NOT a limitation of a threat map? a. Threat actors usually mask their real locations, so what is displayed on a threat map is incorrect. b. Many maps claim that they show data in real time, but most are simply a playback of previous attacks. c. Because threat maps show anonymized data, it is impossible to know the identity of the attackers or the victims. d. They can be difficult to visualize.

They can be difficult to visualize.

What does TLP stand for? a. Threat Level Protection b. Tactical Log Privacy c. Traversal Log Protection d. Traffic Light Protocol

Traffic Light Protocol

Which of the following is NOT an advantage to an automated patch update service? a. Specific types of updates that the organization does not test, such as hotfixes, can be automatically installed whenever they become available. b. Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service. c. Administrators can approve or decline updates for client systems, force updates to install by a specific date, and obtain reports on what updates each computer needs. d. Downloading patches from a local server instead of using the vendor's online update service can save bandwidth and time because each computer does not have to connect to an external server.

Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.

Which model uses a sequential design process? a. Rigid model b. Secure model c. Agile model d. Waterfall model

Waterfall model

Securing endpoint computers primarily involves three major tasks. Which of the following is NOT one of the three major tasks? a. hardening endpoints for even greater protection b. confirming that the computer has started securely c. protecting the computer from attacks d. provisioning for increased zero-day exploits

provisioning for increased zero-day exploits
