ITC 663 Final

Ace your homework & exams now with Quizwiz!

What is a virtual firewall?

A firewall that runs in the cloud

Which type of access control scheme uses predefined rules that makes it the most flexible scheme?

ABAC

Which of these is a set of permissions that is attached to an object?

ACL

What can be used to provide both filesystem security and database security?

ACLs

Which of the following is NOT part of the AAA framework?

Access

Which firewall rule action implicitly denies all other traffic unless explicitly allowed?

Allow

Which type of monitoring methodology looks for statistical deviations from a baseline?

Anomaly monitoring

Pablo has been asked to look into security keys that have a feature of a key pair that is "burned" into the security key during manufacturing time and is specific to a device model. What feature is this?

Attestation

Which of the following is NOT a cloud computing security issue?

Bandwidth utilization

Which of the following is NOT an MFA using a smartphone?

Biometric gait analysis

Nyla is investigating a security incident in which the smartphone of the CEO was compromised and confidential data was stolen. She suspects that it was an attack that used Bluetooth. Which attack would this be?

Bluesnarfing

Which of these attacks is the last-resort effort in cracking a stolen password digest file?

Brute force

Timur was making a presentation regarding how attackers break passwords. His presentation demonstrated the attack technique that is the slowest yet most thorough attack that is used against passwords. Which of these password attacks did he demonstrate?

Brute force attack

Which of these is the encryption protocol for WPA2?

CCMP

Which of the following is a federal initiative that is designed to encourage organizations to address how critical operations will continue under a broad range of negative circumstances

COOP

Which of the following is the most fragile and should be captured first in a forensics investigation?

CPU cache

What is a platform used to provide telephony, video, and web conferences that can serve as an entry point to a threat actor?

Call manager

Flavio visits a local coffee shop on his way to school and accesses its free Wi-Fi. When he first connects, a screen appears that requires him to agree to an acceptable use policy (AUP) before continuing. What type of AP has he encountered?

Captive portal

Margaux is reviewing the corporate policy that stipulates the processes to be followed for implementing system changes. Which policy is she reviewing?

Change control policy

_____ biometrics is related to the perception, thought processes, and understanding of the user.

Cognitive

Aleksandra, the company HR manager, is completing a requisition form for the IT staff to create a type of cloud that would only be accessible to other HR managers like Aleksandra who are employed at manufacturing plants. The form asks for the type of cloud that is needed. Which type of cloud would best fit Aleksandra's need?

Community cloud

Which of the following is NOT correct about containers?

Containers require a full OS whenever APIs cannot be used

Imani has been asked to purchase wireless LAN controllers (WLCs) for the office. What type of APs must she also purchase that can be managed by a WLC?

Controller AP

What is a disadvantage of biometric readers?

Cost

Raul has been asked to serve as the individual to whom day-to-day actions have been assigned by the owner. What role is Raul taking?

Custodian

Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user?

DNS poisoning attack

Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?

DNS sinkhole

Which of these is NOT used in scheduling a load balancer?

Data within the application message itself

Nadia has been asked to perform dynamic resource allocation on specific cloud computing resources. What action is Nadia taking?

Deprovisioning resources that are no longer necessary

Ella wants to research an attack framework that incorporates adversary, infrastructure, capability, and victim. Which of the following would she choose?

Diamond Model of Intrusion Analysis

What is the difference between a DoS and a DDoS attack

DoS attacks use fewer computers than DDoS attacks

Minh has been asked to recommend an EAP for a system that uses both passwords and tokens with TLS. Which should she recommend?

EAP-FAST

Which of the following will NOT protect a container?

Eliminate APIs

Zariah is writing an email to an employee about a wireless attack that is designed to capture the wireless transmissions from legitimate users. Which type of attack is Zariah describing?

Evil Twin

Which of the following functions does a network hardware security module NOT perform?

Fingerprint authentication

Alicia is working on a project to deploy automated guided vehicles on the industrial shop floor of the manufacturing plant in which she works. What location of computing would be best for this project?

Fog

Which of the following is NOT used to identify or enforce what mobile devices can do based on the location of the device?

Geo-Spatial

Which one-time password is event driven?

HOTP

Which human characteristic is NOT used for biometric identification?

Height

Which of the following contains honeyfiles and fake telemetry?

High-interaction honeypot

Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?

Host Table and External DNS server

Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?

Hot site

Which of the following is NOT a means by which a threat actor can perform a wireless denial of service attack?

IEEE 802.iw separate

Mary Alice has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?

IT Contingency Planning

Which of these is a 24-bit value that changes each time a packet is encrypted and then is combined with a shared secret key?

IV

Which cloud model requires the highest level of IT responsibilities?

IaaS (Infrastructure as a Service)

Thea has received a security alert that someone in London attempted to access the email account of Sigrid, who had accessed it in Los Angeles one hour before. What feature determined an issue and send this alert to Thea?

Impossible Travel

Fatima has just learned that employees have tried to install their own wireless router in the employee lounge. Why is installing this rogue AP a security vulnerability?

It allows an attacker to bypass network security configs

How is the Security Assertion Markup Language (SAML) used?

It allows secure web domains to exchange user authentication and authorization data.

Which of the following is NOT a reason that threat actors use PowerShell for attacks

It can be invoked prior to system boot

Which statement regarding a demilitarized zone (DMZ) is NOT true?

It contains servers that are used only by internal network users.

How does BPDU guard provide protection?

It detects when a BPDU is received from an endpoint.

Which statement about Rule-Based Access Control is true?

It dynamically assigns roles to subjects based on rules

Maryam is explaining the Extensible Authentication Protocol (EAP). What would be the best explanation of EAP?

It is a framework for transporting authentication protocols

Which of the following is NOT true about VBA

It is being phased out and replaced by PowerShell.

Which of the following is NOT true about RAID

It is designed primarily to backup data

Which of the following is NOT correct about L2TP?

It must be used on HTML5 compliant devices.

Which of the following is true about secrets management?

It provides a central repository

How is key stretching effective in resisting password attacks?

It takes more time to generate candidate password digests

Which access control scheme is the most restrictive?

MAC

Which of the following is not a basic configuration management tool?

MAC address schema

Which of these is a vulnerability of MAC address filtering in a WLAN?

MAC addresses are initially exchanged unencrypted

Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?

MAC flooding attack

Which of the following is the Microsoft version of EAP?

MS-CHAP

The CEO is frustrated by the high costs associated with security at the organization and wants to look at a third party assuming part of their cybersecurity defenses. Nikola has been asked to look into acquiring requests for proposal (RFPs) from different third parties. What are these third-party organizations called?

MSSPs

Which attack intercepts communications between a web browser and the underlying computer?

Man-in-the-browser

Which of these creates a format of the candidate password to significantly reduce the time needed to crack a password?

Mask

Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?

Masking

What is the average amount of time that it will take a device to recover from a failure that is not terminal failure?

Meant time to recovery (MTTR)

Linnea is researching a type of storage that uses a single storage device to serve files over a network and is relatively inexpensive. What type of storage is Linnea researching?

NAS

Aaliyah has been asked to do research in a new payment system for the retail stores that her company owns. Which technology is predominately used for contactless payment systems that she will investigate?

NFC

Ilya has been asked to recommend a federation system technology that is an open source federation framework that can support the development of authorization protocols. Which of these technologies would he recommend?

OAuth

What device is always running off its battery while the main power runs the battery charger

Online UPS

Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use?

Only use compiled and not interpreted Python code.

Which of these does not require authentication?

Open Method

Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?

Operational Technology

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?

PIN method

Olivia has been given a project to manage the development of a new company app. She wants to use a cloud model to facilitate the development and deployment. Which cloud model will she choose?

PaaS (Platform as a Service)

Fernando is explaining to a colleague how a password cracker works. Which of the following is a valid statement about password crackers?

Password crackers differ as to how candidates are created

Which attack uses one or a small number of commonly used passwords to attempt to log in to several different user accounts?

Password spraying attack

Which of the following will a BIA NOT help determine?

Percentage availability of systems

Which of the following should NOT be stored in a secure password database?

Plaintext password

Blaise needs to create a document that is a linear-style checklist of required manual steps and actions needed to successfully respond to a specific type of incident. What does she need to create?

Playbook

Which of the following is a document that outlines specific requirements or rules that must be met?

Policy

Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?

Policy-based firewall

Which of the following can a UPS NOT perform?

Prevent certain applications from launching that will consume too much power

Which of the following sensors can detect an object that enters the sensor's field?

Proximity

Which commercial data classification level would be applied to a data set of the number of current employees an organization and would only cause a small amount of harm if disclosed?

Public

What is a difference between NFC and RFID

RFID is designed for paper-based tags while NFC is not.

Adabella was asked by her supervisor to adjust the frequency spectrum settings on a new AP. She brought up the configuration page and looked through the different options. Which of the following frequency spectrum settings would she NOT be able to adjust?

RFID spectrum

Zuzana is creating a report for her supervisor about the cost savings associated with cloud computing. Which of the following would she NOT include on her report on the cost savings?

Reduction in broadband costs

Which of these is NOT an incident response process step?

Reporting

A BIA can be a foundation for which of the following

Resumption Assessment plan

Which of the following is NOT an element that should be part of a BCP?

Robustness

Which WPA3 security feature is designed to increase security at the time of the handshake?

SAE

Which of the following virtualizes parts of a physical network?

SDN (Software-Defined Network)

Which of the following provides the highest level of security?

SFTP (Secure File Transfer Protocol)

Which of the following should be performed in advance of an incident?

Segmentation

Which of the following is NOT a feature of a next-generation SWG?

Send alerts to virtual firewalls

What does the term "serverless" mean in cloud computing?

Server resources of the cloud are inconspicuous to the end-user

Cheryl has been asked to set up a user account explicitly to provide a security context for services running on a server. What type of account will she create?

Service account

Which of the following is an authentication credential used to access multiple accounts or applications?

Single sign-on

Which of the following is NOT used for authentication?

Something you can find

Which of these is NOT a factor in determining restoration order?

Speed of implementation

Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?

Split tunnel

Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?

Stateful packet filtering

Which of the following is typically a monthly discussion of a scenario conducted in an informal and stress-free environment to evaluate an incident response plan?

Tabletop

Which of the following is a tool for editing packets and then putting packets back onto the network to observe their behavior

Tcpreplay

What is the result of an ARP poisoning attack

The ARP cache is compromised.

What is Bash?

The GNU Bourne Again Shell (bash) is based on the earlier Bourne shell for Unix but extends it in several ways. In Linux, bash is the most common default shell for user accounts.

Which of these is NOT a reason that users create weak passwords?

The length and complexity required force users to circumvent creating strong passwords

What is a definition of RPO

The maximum length of time that can be tolerated between backups

Which of the following is NOT correct about high availability across zones?

They require that specific security appliances be located on-prem so that the local data center can be considered as a qualified Zone

What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?

Time offset

Which of the following is NOT a problem associated with log management?

Time-stamped log data

Wiktoria is frustrated that her company is using so many different cloud services that span multiple cloud provider accounts and even different cloud providers. She wants to implement a technology to give full control and visibility over all the cloud resources, including network routing and security. What product does Wiktoria need?

Transit gateway

Which of the following is NOT a Microsoft defense against macros?

Trusted domain

Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?

Two-person integrity/control

Which type of hypervisor runs directly on the computer's hardware?

Type I

Which of these appliances provides the broadest protection by combining several security functions?

UTM

Which of the following is NOT a NAC option when it detects a vulnerable endpoint?

Update Active Directory to indicate the device is vulnerable.

Which of these is NOT created and managed by a microservices API?

User experience (UX)

Why are dictionary attacks successful?

Users often create passwords from dictionary words.

Which of the following is not a firewall rule parameter?

Visibility

Which of the following is NOT a characteristic of cloud computing?

Visible resource pooling

Which of these is NOT a type of wireless AP probe?

WNIC probe

Which technical specification of the Wi-Fi Alliance is the same as ad hoc mode in a Wi-Fi network?

Wi-Fi direct

Which of these is NOT a risk when a home wireless router is not securely configured?

Wireless endpoints must be manually approved to connect to the WLAN

In which of the following configurations are all the load balancers always active?

active-active

Eros wants to change a config file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?

cat

What does an incremental backup do?

copies all files changed since the last full or incremental backup

Which utility sends custom TCP/IP packets?

hping

Which of the following is a Linux utility that displays the contents of system memory?

memdump

Which of the following is a packet sampling protocol that gives a statistical sample instead of the actual flow of packets?

sFlow

Which of the following is a third-party OS penetration testings tool?

sn1per

Which tool is an open source utility for UNIX devices that includes content filtering?

syslog-ng

Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use?

traceroute

Which of the following does NOT describe an area that separates threat actors from defenders?

Containment space

Which device intercepts internal user requests and then processes those requests on behalf of the users?

Forward proxy server

Molly needs to access a setting in Microsoft Windows Group Policy to change the type of a network to which a computer is attached. Which setting must Molly change?

Network Location


Related study sets

CSCE 312 - Midterm Review - Q1-4, P1-3

View Set

Intro to programming Chapter 1-9 Questions Answers

View Set

NU272 PrepU Week 1 (Visual Impairment)

View Set