ITC 663 Final
What is a virtual firewall?
A firewall that runs in the cloud
Which type of access control scheme uses predefined rules that makes it the most flexible scheme?
ABAC
Which of these is a set of permissions that is attached to an object?
ACL
What can be used to provide both filesystem security and database security?
ACLs
Which of the following is NOT part of the AAA framework?
Access
Which firewall rule action implicitly denies all other traffic unless explicitly allowed?
Allow
Which type of monitoring methodology looks for statistical deviations from a baseline?
Anomaly monitoring
Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this?
Attestation
Which of the following is NOT a cloud computing security issue?
Bandwidth utilization
Which of the following is NOT an MFA using a smartphone?
Biometric gait analysis
Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?
Bluesnarfing
Which of these attacks is the last-resort effort in cracking a stolen password digest file?
Brute force
Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate?
Brute force attack
Which of these is the encryption protocol for WPA2?
CCMP
Which of the following is a federal initiative that is designed to encourage organizations to address how critical operations will continue under a broad range of negative circumstances
COOP
Which of the following is the most fragile and should be captured first in a forensics investigation?
CPU cache
What is a platform used to provide telephony, video, and web conferences that can serve as an entry point to a threat actor?
Call manager
Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?
Captive portal
Margaux is reviewing the corporate policy that stipulates the processes to be followed for implementing system changes. Which policy is she reviewing?
Change control policy
_____ biometrics is related to the perception, thought processes, and understanding of the user.
Cognitive
Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra's need?
Community cloud
Which of the following is NOT correct about containers?
Containers require a full OS whenever APIs cannot be used
Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?
Controller AP
What is a disadvantage of biometric readers?
Cost
Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking?
Custodian
Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user?
DNS poisoning attack
Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?
DNS sinkhole
Which of these is NOT used in scheduling a load balancer?
Data within the application message itself
Nadia has been asked to perform dynamic resource allocation on specific cloud computing resources. What action is Nadia taking?
Deprovisioning resources that are no longer necessary
Ella wants to research an attack framework that incorporates adversary, infrastructure, capability, and victim. Which of the following would she choose?
Diamond Model of Intrusion Analysis
What is the difference between a DoS and a DDoS attack
DoS attacks use fewer computers than DDoS attacks
Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?
EAP-FAST
Which of the following will NOT protect a container?
Eliminate APIs
Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?
Evil Twin
Which of the following functions does a network hardware security module NOT perform?
Fingerprint authentication
Alicia is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project?
Fog
Which of the following is NOT used to identify or enforce what mobile devices can do based on the location of the device?
Geo-Spatial
Which one-time password is event driven?
HOTP
Which human characteristic is NOT used for biometric identification?
Height
Which of the following contains honeyfiles and fake telemetry?
High-interaction honeypot
Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?
Host Table and External DNS server
Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?
Hot site
Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?
IEEE 802.iw separate
Mary Alice has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?
IT Contingency Planning
Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?
IV
Which cloud model requires the highest level of IT responsibilities?
IaaS (Infrastructure as a Service)
Thea has received a security alert that someone in London attempted to access the email account of Sigrid, who had accessed it in Los Angeles one hour before. What feature determined an issue and send this alert to Thea?
Impossible Travel
Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?
It allows an attacker to bypass network security configs
How is the Security Assertion Markup Language (SAML) used?
It allows secure web domains to exchange user authentication and authorization data.
Which of the following is NOT a reason that threat actors use PowerShell for attacks
It can be invoked prior to system boot
Which statement regarding a demilitarized zone (DMZ) is NOT true?
It contains servers that are used only by internal network users.
How does BPDU guard provide protection?
It detects when a BPDU is received from an endpoint.
Which statement about Rule-Based Access Control is true?
It dynamically assigns roles to subjects based on rules
Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?
It is a framework for transporting authentication protocols
Which of the following is NOT true about VBA
It is being phased out and replaced by PowerShell.
Which of the following is NOT true about RAID
It is designed primarily to backup data
Which of the following is NOT correct about L2TP?
It must be used on HTML5 compliant devices.
Which of the following is true about secrets management?
It provides a central repository
How is key stretching effective in resisting password attacks?
It takes more time to generate candidate password digests
Which access control scheme is the most restrictive?
MAC
Which of the following is not a basic configuration management tool?
MAC address schema
Which of these is a vulnerability of MAC address filtering in a WLAN?
MAC addresses are initially exchanged unencrypted
Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?
MAC flooding attack
Which of the following is the Microsoft version of EAP?
MS-CHAP
The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposal (RFPs) from different third parties. What are these third-party organizations called?
MSSPs
Which attack intercepts communications between a web browser and the underlying computer?
Man-in-the-browser
Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password?
Mask
Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?
Masking
What is the average amount of time that it will take a device to recover from a failure that is not terminal failure?
Meant time to recovery (MTTR)
Linnea is researching a type of storage that uses a single storage device to serve files over a network and is relatively inexpensive. What type of storage is Linnea researching?
NAS
Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate?
NFC
Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend?
OAuth
What device is always running off its battery while the main power runs the battery charger
Online UPS
Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use?
Only use compiled and not interpreted Python code.
Which of these does not require authentication?
Open Method
Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?
Operational Technology
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
PIN method
Olivia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?
PaaS (Platform as a Service)
Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers?
Password crackers differ as to how candidates are created
Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts?
Password spraying attack
Which of the following will a BIA NOT help determine?
Percentage availability of systems
Which of the following should NOT be stored in a secure password database?
Plaintext password
Blaise needs to create a document that is a linear-style checklist of required manual steps and actions needed to successfully respond to a specific type of incident. What does she need to create?
Playbook
Which of the following is a document that outlines specific requirements or rules that must be met?
Policy
Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?
Policy-based firewall
Which of the following can a UPS NOT perform?
Prevent certain applications from launching that will consume too much power
Which of the following sensors can detect an object that enters the sensor's field?
Proximity
Which commercial data classification level would be applied to a data set of the number of current employees an organization and would only cause a small amount of harm if disclosed?
Public
What is a difference between NFC and RFID
RFID is designed for paper-based tags while NFC is not.
Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?
RFID spectrum
Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings?
Reduction in broadband costs
Which of these is NOT an incident response process step?
Reporting
A BIA can be a foundation for which of the following
Resumption Assessment plan
Which of the following is NOT an element that should be part of a BCP?
Robustness
Which WPA3 security feature is designed to increase security at the time of the handshake?
SAE
Which of the following virtualizes parts of a physical network?
SDN (Software-Defined Network)
Which of the following provides the highest level of security?
SFTP (Secure File Transfer Protocol)
Which of the following should be performed in advance of an incident?
Segmentation
Which of the following is NOT a feature of a next-generation SWG?
Send alerts to virtual firewalls
What does the term "serverless" mean in cloud computing?
Server resources of the cloud are inconspicuous to the end-user
Cheryl has been asked to set up a user account explicitly to provide a security context for services running on a server. What type of account will she create?
Service account
Which of the following is an authentication credential used to access multiple accounts or applications?
Single sign-on
Which of the following is NOT used for authentication?
Something you can find
Which of these is NOT a factor in determining restoration order?
Speed of implementation
Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?
Split tunnel
Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?
Stateful packet filtering
Which of the following is typically a monthly discussion of a scenario conducted in an informal and stress-free environment to evaluate an incident response plan?
Tabletop
Which of the following is a tool for editing packets and then putting packets back onto the network to observe their behavior
Tcpreplay
What is the result of an ARP poisoning attack
The ARP cache is compromised.
What is Bash?
The GNU Bourne Again Shell (bash) is based on the earlier Bourne shell for Unix but extends it in several ways. In Linux, bash is the most common default shell for user accounts.
Which of these is NOT a reason that users create weak passwords?
The length and complexity required force users to circumvent creating strong passwords
What is a definition of RPO
The maximum length of time that can be tolerated between backups
Which of the following is NOT correct about high availability across zones?
They require that specific security appliances be located on-prem so that the local data center can be considered as a qualified Zone
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?
Time offset
Which of the following is NOT a problem associated with log management?
Time-stamped log data
Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need?
Transit gateway
Which of the following is NOT a Microsoft defense against macros?
Trusted domain
Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?
Two-person integrity/control
Which type of hypervisor runs directly on the computer's hardware?
Type I
Which of these appliances provides the broadest protection by combining several security functions?
UTM
Which of the following is NOT a NAC option when it detects a vulnerable endpoint?
Update Active Directory to indicate the device is vulnerable.
Which of these is NOT created and managed by a microservices API?
User experience (UX)
Why are dictionary attacks successful?
Users often create passwords from dictionary words.
Which of the following is not a firewall rule parameter?
Visibility
Which of the following is NOT a characteristic of cloud computing?
Visible resource pooling
Which of these is NOT a type of wireless AP probe?
WNIC probe
Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?
Wi-Fi direct
Which of these is NOT a risk when a home wireless router is not securely configured?
Wireless endpoints must be manually approved to connect to the WLAN
In which of the following configurations are all the load balancers always active?
active-active
Eros wants to change a config file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?
cat
What does an incremental backup do?
copies all files changed since the last full or incremental backup
Which utility sends custom TCP/IP packets?
hping
Which of the following is a Linux utility that displays the contents of system memory?
memdump
Which of the following is a packet sampling protocol that gives a statistical sample instead of the actual flow of packets?
sFlow
Which of the following is a third-party OS penetration testings tool?
sn1per
Which tool is an open source utility for UNIX devices that includes content filtering?
syslog-ng
Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use?
traceroute
Which of the following does NOT describe an area that separates threat actors from defenders?
Containment space
Which device intercepts internal user requests and then processes those requests on behalf of the users?
Forward proxy server
Molly needs to access a setting in Microsoft Windows Group Policy to change the type of a network to which a computer is attached. Which setting must Molly change?
Network Location
