compTIA Security+ SY0-601
Which of the following types of attack is an SSL stripping attack?
An on-path attack
You take responsibility for establishing new accounts for your office's network. Which is the most important factor you should notice when performing this task?
Least privilege
Why is improper error handling for web applications that lead to displaying error messages considered a vulnerability that should be repaired?
Many errors provide information and the host system or its configuration
Nancy wants to protect and manage her RSA keys while using a mobile device. What type of solution could she purchase to ensure that the keys are secure so that she can perform public key authentication?
MicroSd HSM
Yasmine wants to implement a cloud-based authorization system. What protocol is she most likely to apply for that purpose?
OAuth
Claire wants to check whether a certificate has been revoked. What protocol is used to validate certificates?
OCSP - Online Certificate Status Protocol
What type of code analysis is manual code review?
Static code review
David works as a security administrator. He is managing to block unauthorized access to the desktop computers within the company's network. He has configured the computers' operating systems to lock after 5 minutes they are not active. Which of the following security controlling types has David performed?
Preventive
When traveling, each salesperson has a cable to lock down their laptop when they step away from the device. Which of the following controls does this perform?
Preventive
Alan's company is considering signing a contract with a cloud service provider. He needs to identify how secure their services are. Which of the following methods he should take to assess it?
Review an existing SOC audit
Jack buys his network devices through a gray market supplier that imports them into his region without an official relationship with the network device manufacturer. What risk should Jack recognize when he assesses his supply chain risk?
-Lack of vendor support -Lack if warranty coverage -Inability to validate the source of the devices
Security orchestration, automation, and response (SOAR) tools have three major components. What are they?
-Security incidence response -Security operations automations -Threat and vulnerability management
What channels do not cause issues with channel overlap or overlap in U.S. installations of 2.4 GHz Wi-Fi networks?
1, 6, and 11
What is not a common part of a cleanup process after a penetration test?
Restoring all rootkits to their original settings on the system
Shara has been asked to deploy 5G cellular inside her organization. What concern should she raise with her management about the effort to implement it?
5G requires high levels of antenna density for full coverage
Your company has employed an outside security firm to act on various tests of your network. During the vulnerability scan, you will provide that company with logins for various systems (i.e., database server, application server, web server, etc.) to aid in their scan. Which of the following best describes this?
A credentialed scan
Eren is working for a credit card company that handles global credit card transactions for businesses. What data privacy role does his company play?
A data processor
Which of the following scenarios is least likely to result in data recovery being possible?
A disk is degaussed
Isaac is designing his cloud datacenter ' s public-facing network and wants to properly implement segmentation to protect his application servers while allowing his web servers to be accessed by customers. What design concept should he apply to implement this type of secure environment?
A DMZ
A browser toolbar is an example of what type of malware?
A PUP
As part of her incident response, Isabelle needs to identify what was said on a Voice over IP (VoIP) call. Which of the following data sources will give him the audio from the call?
A Wireshark capture of traffic from the phone
The college that Gary works for wants to stop students from surfing websites that are not related to school work. Which solution is most suitable to help prevent this?
A content filter
Ellen's company provides telephone support service for their all customer base as an important business function. She has built a plan that will make sure that her company's Voice over IP (VoIP) phones will be restored in the event of a risk. Which of the following types of plans has she built?
A functional recovery plan
Elainy wants to adopt appropriate response and recovery controls for natural disasters. What type of control should she use to prepare for a multi-hour power outage caused by a tornado?
A generator
Megan wants to set up an account that can be issued to visitors. She configures a kiosk application that will allow users in her organization to sponsor the visitor, set the amount of time that the user will be on-site, and then allow them to log into the account, set a password, and use Wi-Fi and other services. What type of account has Megan created?
A guest account
Daryl is informed that one of his staff was warned via a text message that the FBI is aware that they have accessed illegal websites. Which of the following types of issues is this?
A hoax
Which of the following types of teams is used to test security by using tools and techniques that an actual attacker would use?
A red team
What concept is used to indicate a listing of all of a company's risks, containing information about the risk's rating, how it is being handled, remediation status, and who owns or is responsible for the risk?
A risk register
Alex is checking commands run on a Windows 10 system and finds out that the route command was run with the -p flag. What happened?
A route was added that will persist between boots
Elaine wants to back up the contents of network-attached storage (NAS) devices used in a critical department in Scott's company. She is worried about how long it would take to restore the device if a significant failure occurred, and she is less concerned about the ability to recover in a natural disaster. Given these requirements, which of the following types of backup should she use for the NAS?
A second NAS device with a full copy of the primary NAS
Which of the following best describes a TPM?
A secure cryptoprocessor
Michael wants to use IP reputation information to protect his network and knows that third parties provide that information. How can he get this data, and what secure protocol is he most likely to use to retrieve it?
A subscription service, HTTPS
Matthew is patching a Windows system and wants to have the ability to revert to a last known good configuration. What should he set?
A system restore point
Juan wants to show the management in her organization real-time data about attacks from around the world via multiple service providers in a visual way. Which of the following types of threat intelligence tools is usually used for this purpose?
A threat map
Where are privacy notices often found?
A website usage agreement, the terms of an agreement for customers, a click-through license agreement
Henry wants to deploy a web service to his cloud environment for his customers to use. He wants to be able to see what is happening and stop abuse without shutting down the service if customers cause issues. What two things should he implement to allow this?
API keys and logging via an API gateway
What research sources are typically the least timely when sourcing threat intelligence?
Academic journals
Brian wants to limit access to a federated service that uses Single Sign-On based on user attributes and group membership, as well as which federation member the user is logging in from. Which of the following options is best suited to his needs?
Access policies
What is the main difference between active and passive reconnaissance?
Active will actually connect to the network and could be detected; passive doesn't
Kate needs to allow Chrome via the Windows Defender firewall. What type of firewall rule change will she need to permit this?
Add Chrome to the Windows Defender Firewall allowed applications
Daniel has deployed the control infrastructure for his manufacturing plant without a network connection to his other networks. What term describes this type of configuration?
Airgap
Raymon is building a new web service and is considering which parts of the service should use Transport Layer Security (TLS). Components of the application include:1. Authentication2. A payment form3. User data, including address and shopping cart4. A user comments and reviews sectionWhere should he implement TLS?
All points
Which of the following capabilities is not the main part of a SOAR (security orchestration, automation, and response) tool?
Automated malware analysis
Kate has a task with putting radio frequency identification (RFID) tags on all new pieces of equipment that enter her datacenter that costs more than $500. Which of the following organizational policy types is most likely to contain this type of requirement?
An asset management policy
David is running an IDS on his network. Users sometimes report that the IDS flags legitimate traffic as an attack. What describes this?
False-positive
Tom is responsible for VPN connections in his company. His company uses IPSec for VPNs. What is the primary purpose of AH in IPSec?
Authenticate the entire packet
The office that Wood is working for has recently suffered a data breach that exposed customer data. The data breached containing their home addresses, shopping habits, email addresses, and contact information. Wood's organization is an industry leader in its space but has strong competitors as well. Which of the following effects is not likely to happen now when the office has finished their incident response process?
Availability loss
What does Unified Extensible Firmware Interface (UEFI) Secure Boot do?
It validates a signature for each binary loaded during boot
Your company outsourced the development of an accounting application to a local programming firm. After three months of using the product, one of your administrators finds that the developers have inserted a way to log in and bypass all security and authentication. Which of the following best describes this?
Backdoor
The forensic information David is concerned about is stored on a system's hard drive. If he needs to follow the order of volatility, which of the following items should be forensically captured after the hard drive?
Backups
Which of the following is not a popular means of attacking RFID badges? -birthday attacks -data capture -spoofing -DoS
Birthday attacks
Alaina has implemented an HSM. Which of the following capabilities is not a typical HSM feature?
Boot attestation
What happens when a certificate is stapled?
Both the certificate and the OCSP responder is sent together to prevent additional retrievals during certificate path validation
Barbara wants to implement WPA3 Personal. Which of the following features is a major security improvement in WPA3 over WPA2?
Brute-force attack prevention
Rosie needs to capture the pagefile from a Windows system. Where can she find the file for acquisition?
C:\pagefile.sys
Frank is responsible for cybersecurity at a small university. There are many computer labs that are open for students to use. These labs are monitored only by a student worker, who may or may not be very attentive. Frank is worried about the theft of computers. What would be the best way for him to alleviate this risk?
Cable locks
What is the key forensic concept to setup provenance for a forensic artifact?
Chain of custody
Elias is checking practices for his reception desk and wants to make sure that the reception desk's visitor log is accurate. Which of the following processes should he add to the guard's check-in procedure?
Check the visitor's ID against their logbook entry
Luna is working for the U.S. government and she has to classify data. Which of the following is not a common classification type for U.S. government data?
Civilian
Trevor is reviewing the logs for his company's web applications. He finds what he thinks is a breach. After further investigation, it appears as if the attacker executed code from one of the libraries the application uses, code that is no longer even used by the application. Which of the following best describes this attack?
Code reuse attack
When an attacker attempts to find an input value that will produce the same hash as a password, what type of attack is this?
Collision attack
Cynthia wants to reduce the likelihood of successful credential harvesting attacks via her organization's commercial websites. Which of the following is not a popular prevention method targeted at stopping credential harvesting?
Complex usernames
Patrick has implemented an AI-based network traffic analysis tool that requires him to permit the tool to monitor his network for a period of two weeks before being put into full production. Which of the following is the most significant concern that he needs to solve before using the AI's baselining capabilities?
Compromised or otherwise malicious machines could be added to the baseline resulting in tainted training data
Frank wants to verify that no unnecessary ports and services are available on his systems, but he cannot run a vulnerability scanner. What is his best option?
Configuration review
Erik is responsible for his organization's mobile device security. They use modern mobile device management (MDM) tool to manage a BYOD mobile device environment. Eric needs to ensure that the applications and data that his organization provides to users of those mobile devices remain as secure as possible. Which of the following technologies will provide him with the best security?
Containerization
Rose is a new network administrator for a local community bank. She researches the current file server folder structures and permissions. She found that the previous administrator improperly secured customer documents in the folders. Rose assigns appropriate file and folder permissions to ensure that only the authorized staff can access the data. What security role is Rose assuming?
Custodian
Which type of firewall examines the content and context of each packet it encounters?
Stateful packet filtering protocol
What are the key limiting factors for cryptography on low-power devices?
There are system limitations on memory, CPU, and storage
Greg works as a network administrator for a small college. He discovers that several machines on his network are infected with malware. That malware is sending a flood of packets to a target external to the network. Which of the following is the best description for this attack?
DDoS
Teresa is investigating a network breach at her company. She noticed a program that was able to execute code within the address space of another process by using the target process to load a specific library. Which of the following best describes this attack?
DLL injection
Nathalie's company stores and uses sensitive information, including Social Security numbers. After a recent compromise, she has been asked to implement technology that can help prevent this sensitive data from leaving the company's systems and networks. What type of technology should Nadine implement?
DLP - Data Loss Prevention
Gabriel is setting up a new e-commerce server. He is concerned about security issues. Which of the following would be the best location to place an e-commerce server?
DMZ
Rachel's organization uses a CCTV monitoring system in their main office building, which is occupied and in use 24-7. The system uses cameras connected to displays to provide real-time monitoring. What additional feature is the most likely to receive requests to ensure that her organization can effectively use the CCTV system to respond to theft and other issues?
DVR
Which of the following examples best indicates a preventive control? -Smoke detectors -Door alarm -Security camera -Data backups
Data backups
What policy clearly indicates the ownership of information made or used by an organization?
Data governance policy
In the Security+ exam, you need to know 7 impact categories, which of the following is not of them?
Data modification
Caroline is worried about security for her server room. She wants the most secure lock she can find for the server room door. Which of the following would be the optimal choice for her? -deadbolt -padlock -combination lock -key in knob
Deadbolt
Frank uses a powerful magnet to wipe tapes before they are removed from his organization's inventory. What type of secure data destruction technique has he used?
Degaussing
Taylor has configured a backup that will backup all of the changes to a system since the last time that a full backup occurred. What type of backup has she set up?
Differential backup
Edward's corporate data-center is placed in an area that FEMA has determined as being part of a 100-year flood plain. He obtains that his datacenter could be completely flooded and underwater, and he wants to make sure that his organization knows how to handle it if that happens. What type of plan should he write?
Disaster recovery plan
Stefan needs to explain the access control scheme used by both the Windows and Linux filesystems. What access control scheme do they implement by default?
Discretionary access control
What browser feature is used to help prevent successful URL redirection attacks?
Displaying the full real URL
Juanita is responsible for security testing applications in her company. She has found that a web application, under certain conditions, can generate a memory leak. Which of the following types of attack would this leave the application vulnerable to? -Backdoor -DoS -SQL injection -Buffer overflow
DoS
The organization that Greg works in finds that one of their domains is directing traffic to a competitor's website. When Greg checks, the domain information has been changed, including the contact and other administrative details for the domain. If the domain had not expired, what has most likely happened?
Domain hijacking
What is the most popular reason to include a privacy notice on a website?
Due to regulations or laws
Diana has to use an exploitation framework to conduct a realistic penetration test of her organization. Which tool is best suited to that requirement?
Metasploit
Oliviana is building a wireless network and wants to implement an Extensible Authentication Protocol (EAP)-based protocol for authentication. What EAP version should she use if she wants to prioritize reconnection speed and doesn't want to deploy client certificates for authentication?
EAP-FAST
As part of the certificate issuance process from the CA that her company works with, Marie is required to prove that she is a valid representative of her company. The CA goes through additional steps to ensure that she is who she says she is and that her company is legitimate, and not all CAs can issue this type of certificate. What type of certificate has she been issued?
EV Certificate
Valerie's Company is using smartcards that use near-field communication (NFC) rather than needing to be swiped. This is meant to make physical access to secure areas more secure. Which of the following vulnerability might this also create?
Eavesdropping
Bennie has deployed servers and storage to each of the facilities his organization runs to ensure that scientific equipment can send and receive data at the speed that it needs to function. What computational design concept describes this?
Edge computing
Sam is building a cloud system and wants to make sure that it can adapt to changes in its workload by provisioning or deprovisioning resources automatically. His goal is to make sure that the environment is not overprovisioned or under-provisioned and that he is efficiently spending money on his infrastructure. What concept describes this?
Elasticity
Which of the following terms describes using conversational tactics as part of a social engineering exercise to extract information from targets?
Elicitation
Sandra is concerned about attacks against her network's Spanning Tree Protocol (STP). She wants to ensure that a new switch introduced by an attacker cannot change the topology by asserting a lower bridge ID than the current configuration. What should she implement to prevent this?
Enable root guard
Kate is implementing biometrics in her company. Which of the following should be her biggest concern?
FAR - False Acceptance Rate
Juan is a network administrator for an insurance company. His company has a number of traveling salespeople. He is concerned about confidential data on their laptops. What is the best way for him to address this?
FDE
Brian has to obtain an image of a system that contains the operating system. Which of the following tools should he use on a Windows system that can also capture live memory?
FTK Imager
Matt has enabled port security on the network switches in his building. What does port security do?
Filters by MAC address
Chris wants to implement a biometric system for the entrance of his company. Which of the following systems is likely to be most accepted by members of his organization's staff?
Fingerprint
Juanita performs a vulnerability scan of a small business network and noticed that the organization's consumer-grade wireless router has a vulnerability in its web server. What issue should she solve in her discovering?
Firmware patch management
What term describes extending cloud computing to the edge of an enterprise network?
Fog computing
What is the main use of hashing in databases?
For indexing and retrieval
Frank works as a network administrator with a small financial services company. He has received a pop-up window that states his files are now encrypted and he must pay .5 bitcoins to get them decrypted. He attempts to check the files in question, but their extensions have changed, and he cannot open them. Which of the following best describes this situation?
Frank's machine has been infected with ransomware
Fred obtained data that is classified as health information that his company uses as part of their HR data. Which of the following statements is true for his organization's security policy?
Fred should review relevant law to ensure the health information is handled properly
Clover wants to test her company's web application to see if it is handling input validation and data validation properly. Which testing method would be most effective for this?
Fuzzing
Daniel is performing a dynamic code analysis technique that sends a broad range of data as inputs to the application she is testing. The inputs include data that is both within the expected ranges and types for the program and data that is different and, thus, unexpected by the program. What code testing technique is Daniel using?
Fuzzing
Keith wants to identify a subject from camera footage from a train station. What biometric technology is the best answer to this type of identification?
Gait analysis
Mason is responsible for security at a company that has traveling salespeople. The company has been using ABAC for access control to the network. Which of the following is an issue that is specific to ABAC and might cause it to incorrectly reject logins?
Geographic locations
Tracy wants to protect desktop and laptop systems in her organization from network attacks. She wants to deploy a tool that can actively stop attacks based on signatures, heuristics, and anomalies. What type of tool should she deploy?
HIPS - Host-based Intrusion Prevention System
Five is designing the security architecture for his organization's move into an infrastructure as a service cloud environment. In his on-site datacenter, he has deployed a firewall in front of the datacenter network to protect it, and he has built rules that allow necessary services in, as well as outbound traffic for updates and similar needs. He knows that his cloud environment will be different. Which of the following is not a typical concern for cloud firewall designs?
Hardware access for updates
Derek is in charge of his organization's certificate authorities and wants to add a new certificate authority. His organization already has three certificate authorities operating in a mesh: A. South American CA, B. the United States CA, and C, the European Union CA. As they expand into Australia, he wants to add D. the Australian CA. Which CAs will Derek need to issue certificates to from D. to ensure that systems in the Australian domain are able to access servers in A, B, and C's domains?
He needs to issue certificates from D to each of the other CAs systems and then have the other CAs issue D a certificate
Naomi has deployed her organization's cloud-based virtual datacenters to multiple Google datacenter locations around the globe. What does this design provide for her systems?
High availability across multiple zones
Matt sets up a network with intentional vulnerabilities and then instruments it so that he can watch attackers and catch details of their attacks and techniques. What has Matt set up?
Honeynet
In trying to observe hacker techniques, a security administrator configures a nonproduction network to be applied as a target so that she can covertly monitor network attacks. What is this type of network named?
Honeypot
Kathleen wants to implement a zero-trust network design and knows that she should segment the network. She remains worried about east/west traffic inside the network segments. What is the first security tool she should implement to ensure hosts remain secure from network threats?
Host-based firewalls
Lauriel is reviewing the configuration for an email server in her organization and discovers that there is a service running on TCP port 993. What secure email service has she most likely discovered?
IMAPS - Secure IMAP
Charles wants to use IPSec and needs to be able to determine the IPSec policy for traffic based on the port it is being sent to on the remote system. Which IPSec mode should he use?
IPSec transport mode
Sarah has implemented an OpenID-based authentication system that relies on existing Google accounts. What role does Google play in a federated environment like this?
IdP Identity Provider
The breached financial fee is an example of what component of risk calculations?
Impact
Daniel works for a mid-sized financial institution. The company has recently moved some of its data to a cloud solution. Daniel is concerned that the cloud provider may not support the same security policies as the company's internal network. What is the best way to mitigate this concern?
Implement a cloud access security broker
Emily manages the IDS/IPS for her network. She has a network-based intrusion prevention system (NIPS) installed and properly configured. It is not detecting obvious attacks on one specific network segment. She has verified that the NIPS is properly configured and working properly. What would be the most efficient way for her to address this?
Implement port mirroring for that segment
After running a vulnerability scan, Juanita finds that the Windows 10 workstations in her company's warehouse are vulnerable to multiple known Windows exploits. Which of the following should she identify as the main cause in her report to management?
Improper or weak patch management for the operating systems
Unusual outbound network traffic, geographical irregularities, and increases in database read volumes are all examples of what is the main element of threat intelligence?
Indicators of compromise
Selah discovers that a member of her organization's staff has installed a remote access Trojan on their accounting software server and has been accessing it remotely. What type of threat has she discovered?
Insider threat
Alex has been required to categorize the risk of outdated software in his company. Which types of risk categorization should he perform?
Internal
Tim is collecting information about an incident and needs to follow up on a report from an end user. Which of the following digital forensic techniques is commonly used when end users are a key part of the initial incident report?
Interviews
A user calls and asks you to send sensitive documents immediately because a salesperson needs them to close a multimillion-dollar deal and their files are corrupted. What form of social engineering is this?
Intimidation
What primary advantage does an elliptical curve cryptosystem have over an RSA-based cryptosystem?
It can use a smaller key length for the same resistance to being broken
What is not a benefit of a serverless architecture?
It is ideal for complex applications
Users are complaining that they couldn't connect to the wireless network. You find that the WAPs are being subjected to a wireless attack designed to block their Wi-Fi signals. The best label of this attack is?
Jamming
Olivia is discussing with local police about a forensic case and finds out that she needs data from a service provider in another state. What problem is likely to limit their ability to obtain data from the service provider?
Jurisdiction
What does Kerberos use to issue tickets?
Key distribution center
David has provided the BitLocker encryption keys for computers in his department to his organization's security office so that they can decrypt computers in the event of a breach of investigation. What is this concept called?
Key escrow
Cheryl knows that the OpenSSL passwd file protects passwords by using 1,000 rounds of MD5 hashing to help protect password information. What is this technique called?
Key stretching
Amanda is worried about LDAP injection attacks against her directory server. What is not a common technique to prevent LDAP injection attacks?
LDAP query parameterization
Gary wants to implement EAP-based protocols for his wireless authentication and wants to ensure that he uses only versions that support Transport Layer Security (TLS). Which of the following EAP-based protocols does not support TLS?
LEAP
Allan has been asked to explain the security implications for an embedded system that his company is considering building and selling. Which of the following answers is not a typical concern for embedded systems?
Lack of bulk storage
You are the new security administrator. You have discovered that your organization has no deterrent controls. Which of the following options would you update to meet your needs?
Lighting
Charlie is preparing a report on the most common application security issues for cloud applications. Which of the following is not a major concern for cloud applications?
Local machine access leading to compromise
What is the best description of malware that will execute some malicious activity when a particular condition is met (i.e., if the condition is met, then executed)?
Logic bomb
Adam has experienced problems with users plugging in cables between switches on his network, which results in multiple paths to the same destinations being available to systems on the network. When this occurs, the network experiences broadcast storms, causing network outages. What network configuration setting should he enable on his switches to prevent this?
Loop protection
Patrick has been asked to identify a UTM appliance for his organization. Which of the following capabilities is not a common feature for a UTM device?
MDM - Mobile Device Management
You work as a company's server administrator for your organization's private cloud. To supply service to staff, you are introduced to use reliable hard disks in the server to host a virtual environment. Which of the following best indicates the reliability of hard drives? -ALE -MTTR -MTBF -RPO
MTBF - Mean Time Between Failures
When you are concerned about application security, what is the most important issue in memory management?
Make sure you release any memory you allocate
Which of the following is the typical goal intent or goal of hacktivists?
Making a political statement
You work as a security administrator for Acme Corporation. You have found malware on some of your company's machines. This malware seems to intercept calls from the web browser to libraries and then manipulates the browser calls. Which of the following types of attack is this?
Man in the browser
What threat hunting concept involves thinking like a malicious actor to help recognize indicators of compromise that might otherwise be covered ?
Maneuver
Naomi hides the original data in a Social Security number field to make sure that it is not exposed to users of her database. What data security technique does this describe?
Masking
Louis is designing the physical layout for her wireless access point (WAP) placement in her organization. Which of the following items is not a common concern when designing a WAP layout?
Maximizing coverage overlap
Which of the following two techniques are most commonly associated with a pharming attack?
Modifying the host's file on a PC or exploiting a DNS vulnerability on a trusted DNS server
The co-location facility that John signs a contract to host her company's servers is in a floodplain in a hurricane zone. Which of the following types of risk best indicates the risk that John and other customers face?
Multiparty risk
John needs to make sure that the digital evidence he is gathering during his forensic investigation is acceptable. Which of the following is a common request for admissibility of evidence?
Must be relevant
Sim wants to know how much bandwidth was used during a compromise and determine where the traffic was directed to. What technique can he do before the event to show him this detail and allow him to get an effective bandwidth monitoring solution?
NetFlow
Dennis wants to deploy a firewall that can provide URL filtering. Which type of firewall should he deploy?
Next-generation firewall
What statement is expected to be correct for a post-quantum cryptography world?
Nonquantum cryptosystems will no longer be secure
The company that Nina works for has suffered from recent thefts of packages from a low-security delivery area. What type of camera capability can they use to make sure that a recently delivered package is properly monitored?
Object detection
Which of the following types of attack does an attacker's system appear to be the server to the real client and appear to be the client to the real server?
On-path
You have been asked to find an authentication service that is handled by a third party. The service should allow users to access multiple websites, as long as they support the third-party authentication service. What would be your best choice?
OpenID
Derek is making an effort to select an authentication method for his company. He needs one that will work with a broad range of services like those provided by Microsoft and Google so that users can bring their own identities. Which of the following would be his best solution?
OpenID Connect
Which of the following controlling types is the separation of duty? -technical -compensating -operational -physical
Operational
Wi-Fi Protected Setup (WPS) includes four modes for adding devices to a network. Which mode has significant security concerns due to a brute-force exploit?
PIN
Chris has been asked to do a penetration test of a company. He has been given general information but no details about the network. Which of the following types of tests is this?
Partially known environment (grey-box)
You are responsible for incident response at Acme Corporation. You have found that someone has been able to circumvent the Windows authentication process for a specific network application. It emerges that the attacker took the stored hash of the password and sent it directly to the backend authentication service, bypassing the application. Which of the following types of attack is this?
Pass the hash
Mahmoud is conducting a penetration test of a client's network. He is currently gathering information from sources such as archive.org, netcraft.com, social media, and information websites. What is best describes this stage?
Passive reconnaissance
Amanda reviews the authentication logs for her website and sees attempts from many different accounts using the same set of passwords. What is this attack technique named?
Password spraying
A penetration tester calls a staff member for her target organization and introduces herself as a member of the IT support team. She inquires if the staff member has addressed a problem with their system, then proceeds to ask for details about the individual, claiming she needs to verify that she is talking to the right person. Which of the following types of social engineering attack is this?
Pretexting
Frank finds that an attacker has used a vulnerability in a web application that his company runs and has then used that exploit to obtain root privileges on the web server. Which of the following types of attacks has he found?
Privilege escalation
Which is the following purpose of a fusion center serve in cyber intelligence activities?
Promotes information sharing between agencies or organizations
You are an IT security officer. You are configuring data label options for your organization's research and development file server. Typically, users can label documents as contractors, public, or internal. What label should be assigned to an organization's trade secrets?
Proprietary
What term indicates the ownership, custody, and acquisition of digital forensic artifacts and images? -provenance -e-discovery -jurisdiction -volatility
Provenance
Which of the following is not a main factor when considering on-premises versus cloud forensic investigations?
Provenance
Isabel is responsible for security at a mid-sized company. She wants to prevent users on her network from visiting job-hunting sites while at work. Which of the following would be the best device to accomplish this goal? -Proxy server -NAT -A packet filter firewall -NIPS
Proxy server
Which of the following is most suitable to describe the downside of quantitative risk analysis compared to qualitative risk analysis?
Quantitative risk analysis requires detailed financial data
What technique attempts to forecast the probability a threat will happen and assigns monetary values should a loss take place?
Quantitative risk assessment
Rick sets his antimalware solution to move infected files to a safe storage location without removing them from the system. What type of setting has he enabled?
Quarantine
Dan is required to sanitize several drives to make sure that sensitive data is not exposed when systems are removed from service. Which of the following methods should he not use to sanitize hard drives? -quick-formatting the drives -physical destruction -degaussing -zero-wiping the drives
Quick-formatting the drives
Mahmoud wants to implement an AAA service. Which of the following services should he apply?
RADIUS - Remote Authentication Dial-In User Service
Which level of RAID is a "stripe of mirrors"?
RAID 1+0
Chris is investigating a malware incident on one of the computers on his network. He has noticed unknown software that seems to be opening a port, allowing someone to remotely connect to the computer. This software seems to have been installed at the same time as a small shareware application. What is the best description for this malware?
RAT - Remote Access Trojan
What technology is typically used for proximity card readers?
RFID
Susan has noticed that a web application used by her company does not always handle multithreading properly, particularly when multiple threads access the same variable. This could allow an attacker who realized this vulnerability to exploit it and crash the server. What type of issue has Susan found?
Race conditions
Which of the following are the two most common goals of invoice scams?
Receiving money or acquiring credentials
During what phase of a penetration test is information such as employee names, phone numbers, and email addresses gathered?
Reconnaissance
Michael's organization uses self-signed certificates throughout its internal infrastructure. After a compromise, Michelle needs to revoke one of the self-signed certificates. How can she do that?
Remove the certificate from the whitelisted certificates from each machine that trusts it
Teresa is worried about attacks against an application programming interface (API) that her company supplies for its customers. What should she recommend to make sure that the API is only used by customers who have paid for the service?
Require authentication
Daryl wants to ensure that the on-site system integration that a vendor that his company is working with is done in accordance with industry best practices. What is not a common method of ensuring this?
Requiring a SOC report
Teresa implements a network-based IDS. What can she do to traffic that passes through the IDS?
Review the traffic based on rules and detect and alert about unwanted or undesirable traffic
Jean's organization has experienced a breach and they know that the attackers can access the organization's web servers. There is evidence that the private keys for the certificates for the server were exposed and that the passphrases for the certificates were put in the same directory. What Jean should do to deal with this issue?
Revoke the certificates
You are responsible for network security at Acme Company. Users have been complaining that personal data is being stolen when using the wireless network. They all insist they only connect to the corporate wireless access point (AP). However, logs for the AP show that these users have not connected to it. Which of the following would best explain this situation?
Rogue access point
Lucas is looking for an XML-based open standard for exchanging authentication information. Which of the following would best meet his needs?
SAML - Security Assertion Markup Language
What type of system is implemented to control and monitor power plant power generation systems?
SCADA - Supervisory Control and Data Acquisition
Your organization is considering transfer its mail server to a hosting company. This will help decreases hardware and server administrator fees at the local site. What document would formally show the reliability and recourse if the reliability is not met?
SLA
Robert's cloud service vendor claims to supply " five nines of uptime " and Robert's organization wants to take advantage of that service because their website loses thousands of dollars every hour that it is down. What business agreement can Robert take to help make sure that the reliability that the provider advertises is maintained?
SLA - Service Level Agreement
Charles is a CISO for an insurance company. He recently read about an attack where an attacker was able to enumerate all the network devices in an organization. All this was done by sending queries using a single protocol. Which protocol should Charles secure to mitigate this attack?
SNMP - Simple Network Management Protocol
All of your company's traffic flows via a single connection to the Internet. Which of the following terms is most suitable to indicate this scenario?
SPOF - Single Point of Failure
Gabby has been assigned to assess the security of smart meters. What is not a common concern for an embedded system like a smart meter?
SQL injection
Fiona knows that SNMPv3 provides additional security features that previous versions of SNMP did not. Which of the following is NOT a security feature provided by SNMPv3?
SQL injection prevention
Ian needs to connect to a system via an encrypted channel so that he can use a command-line shell. What protocol should he use?
SSH
Viktor is a network administrator for a medium-sized company. He wants to be able to access servers remotely so that he can perform small administrative tasks from remote locations. Which of the following would be the best protocol for him to use? -SNMP -Telnet -RSH -SSH
SSH - Secure Shell
Alana is concerned about the security of her NTP time synchronization service because she knows that protocols like TLS and BGP are susceptible to problems if fake NTP messages were able to cause time mismatches between systems. What tool could she use to quickly protect her NTP traffic between Linux systems?
SSH tunneling
Shurrell is concerned that users on his network have too many passwords to remember and might write down their passwords, therefore creating a significant security risk. Which of the following would be most helpful in mitigating this issue?
SSO Single Sign On
Olivia wants to apply a cloud service for her organization that does not require her to do any coding or system administration, and she wants to do a minimal configuration to perform the tasks that her organization needs to achieve. What type of cloud service is she most likely seeking?
SaaS
Fred discovers that businesses can use any classification labels they need, but there are some popular labels in use. What is not a popular data classification label for businesses in the listed below?
Secret
What term describes a cloud system that stores, manages, and allows auditing of API keys, passwords, and certificates?
Secrets manage
Derek is designing his cloud infrastructure and needs to provide a firewall-like capability for the virtual systems he is running. Which of the following cloud capabilities acts like a virtual firewall? -dynamic resource allocation -instance awareness -security groups -VPC endpoints
Security groups
Jack is following the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). He has finished the preparation and categorization steps. Which is the next step in the risk management framework?
Selecting controls
Lisa is setting up accounts for her company. She wants to set up accounts for the Oracle database server. Which of the following would be the best type of account to assign to the database service?
Service
Postings from Russian agents during the 2016 U.S. presidential campaign to Facebook and Twitter are an example of what type of effort?
Social media influence effort
After checking systems on his network, Chris has found that dozens of them are running copies of a CAD software package that the organization has not paid for. Which of the following risk types should he recognize this as?
Software compliance
Naomi wants to deploy a firewall that will protect her endpoint systems from other systems in the same security zone of her network as part of a zero-trust design. What type of firewall is best suited to this type of deployment?
Software firewalls
Ahmed works as a sales manager with a major insurance company. He has got an email that is encouraging him to click on a link and fill out a survey. He was suspicious of the email, but it did mention a major insurance association, and that made him think it might be legitimate. The best description of this attack is?
Spear phsihing
Susanie has configured a virtual private network (VPN) so that traffic destined for systems on her corporate network is routed over the VPN but traffic sent to other destinations is sent out via the VPN user's local network. What is this configuration called?
Split-tunnel
Megan is preparing to run automated security tests against the code that developers in her organization have done. Which environment is she most likely to operate them in if the next step is to deploy the code to production?
Staging
Lin's organization runs facilities in Illinois, California, and Ohio, but the headquarters is in Illinois. Which state laws does Lin have to check and handle as part of her security program?
State laws in Illinois, California, and Ohio
Carolyn wants to advise her organization's developers on secure coding techniques to avoid data exposure. What is not a common technique used to avoid sensitive data exposure?
Store data in plain text
Henry is responsible for physical security in his company. He wants to look for a good way to protect the USB thumb drives that have BitLocker keys stored on them. Which of the following would be the best answer for this situation?.
Store the drives in a secure cabinet or safe
Clover sends her team a scenario, and then requires them answer questions about how they would respond, what issues they expect to occur, and how they would deal with those issues. What type of exercise has she carried out?
Tabletop exercise
Nick has implemented an intrusion detection system. Which of the following categories and control types could he list for an IDS?
Technical, Detective
After operating Nmap against a system on a network, Patrick sees that TCP port 23 is open and a service is running on it. What problem should he detect?
Telnet is an insecure protocol
Mike's manager has asked him to verify that the certificate chain for their production website is valid. What has she asked Mike to validate?
That users who visit the website can verify that the site and the CAs in the chain are all trustworthy
Dan wants to find a tool to help him analyze malware and attacks and wants to cover the tactics and tools used by adversaries. Which of the following is broadly implemented in technical tools and covers techniques and tactics without asking for a particular order of operations?
The MITRE ATT&CK framework
Megan is preparing a certificate signing request (CSR) and knows that she needs to provide a CN for her web server. What information will she put into the CN field for the CSR?
The fully qualified domain name of the system
Valerie is responding to a full data center outage, and after referencing the documentation for the systems in the datacenter she brings the network back up, then focuses on the storage area network (SAN), followed by the database servers. Why does her organization list systems for her to bring back online in a particular series?
The organization wants to ensure that the systems are secure and have the resources they need by following a restoration order
Sally has found evidence of a compromise that happened about 5 months ago. She wants to carry out an incident investigation but is worried about if the data will exist. What policy indicates how long logs and other data are kept in most organizations?
The organization's retention policy
The type and scope of testing, client contact details, how sensitive data will be handled, and the type and frequency of status meetings and reports are all common elements of which of the following artifacts of a penetration test?
The rules of engagement
Fred adds the value 89EA443CCDA16B89 to every password as a salt. What issue might this cause?
The salt is reused
What is the primary threat model against physical tokens used for multi-factor authentication?
Theft
What is the primary threat model against static codes used for multi-factor authentication?
Theft
Gary has enabled automatic updates for the Windows systems that are used in the small business he works for. What hardening process will still need to be tackled for those systems if he wants a complete patch management system?
Third-party software and firmware patching
Kathleen checks bulletins and advisories to determine what threats her organization is likely to face. Which of the following types of activity is this connected with?
Threat hunting
What is the primary advantage of cloud-native security solutions when compared to third-party solutions deployed to the same cloud environment?
Tighter integration
Tim is building a Faraday cage around his server room. What is the major purpose of a Faraday cage?
To block EMI
Melisa's website provides users who access it via HTTPS with a Transport Layer Security (TLS) connection. Unfortunately, Melissa forgot to renew her certificate, and it is presenting users with an error. What happens to the HTTPS connection when a certificate expires?
Trust will be reduced, but traffic will still be encrypted
Jane is the security administrator for a small company. She is trying to improve security throughout the network. Which of the following steps should she take first?
Turn off unneeded services on all computers
What function does counter mode perform in a cryptographic system?
Turns a block cipher into a stream cipher
Type K fire extinguishers are intended for use on cooking oil fires. This type is a subset of which other type of fire extinguisher?
Type B
Gurvinder is the web security administrator for an online auction website. A small number of users are complaining that when they visit the website it does not appear to be the correct site. Gurvinder checks and she can visit the site without any issues, even from computers outside the network. He also checks the web server log and there is no record of those users ever connecting. The best explanation for this is?
Typosquatting
Scott is a network administrator for MB Company. He has found that someone has registered a domain name that is spelled just one letter different from his company's domain. The website with the misspelled URL is a phishing site. Which of the following is the best description for this attack?
Typosquatting
Alicia is traveling and wants to plug her phone into the charger in her hotel room. What security precaution can she use to ensure that her phone is not attacked by a malicious device built into the charger in her room?
USB data blocker
A penetration tester called a help desk staff member at the company that Charles works at and claimed to be a senior executive who needed her password changed immediately due to an important meeting they needed to conduct that would start in a few minutes. The staff member shifted the executive's password to a password that the penetration tester gave. What social engineering principle did the penetration tester leverage to achieve this attack?
Urgency
A user in your company complains that she got a call from someone claiming to be from the company technical support team. The caller stated that there was a virus spreading through the company and they needed immediate access to the employee's computer to stop it from being infected. What social-engineering principles did the caller used to attempt to trick the employee?
Urgency and authority
Your development team mainly uses Windows, but they need to develop a specific solution that will run on Linux. What is the best answer to get your programmers to access Linux systems for development and testing if you want to use a cloud solution where you could run the final systems in production as well?
Use IaaS
Chris wants to gain admission to a network that is protected by a network access control (NAC) system that recognizes the hardware address of systems. How could he bypass this protection?
Use MAC cloning to clone a legitimate MAC address
Michael wants to secure mail being retrieved via the Post Office Protocol Version 3 (POP3) because she knows that it is unencrypted by default. What is her best option to do this while leaving POP3 running on its default port?
Use TLS via port 110
Theresa is the network administrator for a small organization. The company is fond of a robust and modern network defense strategy but lacks the employees to support it. What would be the best answer for Teresa to use?
Use an MSSP - Managed Security Service Provider
Jim works as an administrator for a healthcare company. He has to support an older, legacy application. He is worried that this legacy application might have vulnerabilities that would affect the rest of the network. What is the most useful method to alleviate this?
Use an application container
Elias wants to secure a real-time operating system (RTOS). What technique is best suited to providing RTOS security?
Use secure firmware
Ahmed is responsible for incident response at a large financial institution. He finds that the company Wi-Fi has been breached. The attacker used the same login credentials that ship with the wireless access point (WAP). The attacker was able to use those credentials to access the WAP administrative console and make changes. Which of the following best describes what caused this vulnerability to exist? -default settings -improperly configured accounts -untrained users -failure to patch systems
Using default settings
Your company is implementing a new security awareness program. You are responsible for educating end users on a variety of threats, including social engineering. What is best defines social engineering?
Using people skills to obtain proprietary information
Gerald is responsible for managing the many virtual machines on his company's networks. Over the past two years, the organization has increased the number of virtual machines significantly. Gerald is no longer able to effectively manage a large number of machines. Which of the following is the term for this situation?
VM sprawl
Which of the following types of testing uses an automated process of proactively identifying vulnerabilities of the computing systems present on a network?
Vulnerability Scanning
Alex is required for vulnerability scan results by an incident responder. He wonders why he needs scan results. Which of the following explanations would you provide to him a clear answer why scan results are needed and are useful?
Vulnerable services will provide clues about what the attackers may have targeted
Which wireless standard uses CCMP to provide encryption for network traffic? -WPA2 -WEP -Infrared -Bluetooth
WPA2
Which Wi-Fi protocol implements simultaneous authentication of equals (SAE) to improve on previous security models?
WPA3
When phishing attacks are so concentrated that they target a specific high-ranking or important individual, they are called what?
Whaling
Peter has found a Windows 2008 web server running in his environment. Which of the following security concerns should he list for this system?
Windows 2008 has reached its end of life and cannot be patched
What is an attack that seeks to attack a website, based on the website's trust of an authenticated user?
XSRF - Cross-Site Request Forgery
Which of the following is the type of attack depends on the attacker entering JavaScript into a text area that is intended for users to enter the text that will be viewed by other users?
XSS - Cross-Site Scripting
What term is used to describe the general concept of " anything as a service " ?
XaaS
Juan wants to describe threat actors using common attributes. Under, what is not a common attribute used to describe threat actors?
Years of experience
John discovers that malware has been installed on one of the systems he is responsible for. Shortly afterward passwords used by the user that the system is assigned to are discovered to be in use by attackers. What type of malicious program should John look for on the compromised system?
a keylogger
Clary needs to conduct queries on all the hosts in a class C network. What tool can meet her requirement and also be used to discover non-contiguous IP blocks in an automated fashion?
dnsenum
Nick needs to know what DNS information can be queried for his company as well as what hostnames and subdomains may exist. Which tool can give him both DNS query information and Google search information about hosts and domains through a single tool?
dnsenum
Ran has found a newly discovered exploit and needs to check her IPS rules to ensure if the sample code will work properly. To use the exploit, she will send a particularly crafted UDP packet to a DHCP server. Which of the following tools can she use to craft and send this test to exploit to check if it is detected?
hping
Jack needs to review the mail servers for example.com . Which of the following tools and commands best suited for him to determine this?
nslookup -query =mx example.com
Catherine needs to view the last 10 lines of a log file and to see how it changes as modifications are applied. Which of the following commands should she run on the Linux system as she is signed in to?
tail -f logfile.log
Harry has a PCAP file that he saved while carrying out an incident response exercise. He needs to identify if his intrusion prevention system (IPS) could discover the attack after configuring new detection rules. What tool is best suited to help him use the PCAP file for his testing?
tcpreplay
Rick needs to implement a flexible and reliable remote logging environment for his Linux systems. What tool is not suitable for that task?
syslog