Network Security Quiz 2

Ace your homework & exams now with Quizwiz!

Phases of software development life cycle

The phases of the software development life cycle in order are: Planning , Requirements , Design , Coding , Testing , Training and Transition , and Ongoing Operations and Maintenance .

Kevin would like to utilize a security control that can implement access restrictions across all of the SaaS solutions used by the organization. What control would best meet Kevin's needs?

CASB

Lilo is concerned about vehicles approaching the entrance to a building. What physical security control should Lilo implement.

Bollard

Lilo is conducting a penetration test for a client. The client provided Lilo with limited but important information on the configuration of the systems under test. What type of pentest is Lilo performing?

Gray-box test

Logging into an AWS environment to perform maintenance work is most commonly done through which tool?

SSH

Lyndsey wants to implement a striped drive solution. What RAID level does this describe?

RAID 0

Substitution Cipher

a type of coding or ciphering system that changes one character or symbol into another

Steganography

Art of using cryptographic techniques to embed secret messages within another file

Taylor is designing a pentest platform that needs to be able to expand and contract as needs change. Which of the following terms describes Taylor's goal?

Elasticity

Integrity

Data is not altered

Confidentiality

data remains private

Which of the CVSS metrics would contain information about the difficulty of exploiting the vulnerability?

AC

Taylor performs a backup that captures the changes since the last backup. What type of backup has Taylor performed?

an incremental backup

Which of the following techniques is considered passive reconnaissance?

WHOIS Lookups

Dr. Hwang is the CIS department chair and wishes to send a message to CIS students that does not need to be kept secret but students need to be assured that the message actually came from Dr. Hwang. What key should Dr. Hwang use to sign the message?

Dr Hwang's private key

Kelly installs a backdoor in a database server that was exploited as part of a penetration test which will provide ongoing access to the server in the future. Which term describes this action?

Persistence

Taylor is reviewing authentication frameworks for wireless networks. Which framework is Taylor likely to find most useful for wireless environments?

EAP

Miguel sends backups to a company that keeps them in a secure vault. What type of backup solution has Miguel implemented?

offline

Terry is investigating a security incident where the attacker entered a very long string into an input field, which was followed by a system command. What type of attack likely took place?

Buffer Overflow

The SWIFT club has 80 members and they all need the ability to communicate with one another securely using an asymmetric encryption system. The system allows any two members to communicate without other members eavesdropping. If an 81st member is added to the club, how many new keys must be added to the system?

2

In what cloud security model does the cloud service provider bear the least responsibility for implementing security controls?

IaaS

Sam wants to set an account policy that raises an alert if a user logs in from two different locations in a timeframe that is too short for reasonable travel. What type of account policy should Sam set?

Impossible travel time

Precompiled SQL statements that only require variables to be input are an example of what type of application security control?

Parametized Queries

Morgan is testing software by sending invalid and even random data to the application. What type of code testing is Morgan conducting?

fuzzing

Nonrepudiation

proving sender is original sender

Michael is wanting to implement numerous smaller servers for the data center and then deploy a load balancer to gain scalability. What type of scalability is Michael trying to implement?

Horizontal scalability

The Student Data Center (SDC) on campus ties together local computing capabilities within the SDC with capabilities from multiple public-cloud providers. Which deployment model best describes this environment?

Hybrid Cloud

Jen is engaged in a penetration test and wishes to eavesdrop on communications between a user and a web server. What type of attack would Jen likely use?

Man-in-the-middle

Terry identified a new security vulnerability and computed its CVSS base score as 3.5. Which risk category would this vulnerability fall into?

Low

What type of recovery site has all the infrastructure and data needed to operate the organization?

a hot site

Cipher

a method used to scramble or obfuscate characters to hide their value

Calculate the impact sub-score (ISS) given the following CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.56

Aubrey needs to implement LDAP service. What type of service is Aubrey attempting to enable?

a directory service

Which of the following measures would database administrators consider to be the best defense against data exposure?

data minimization

When making a change to a web application in use by an organization to fix a bug, the work should be completed in the _____________ environment.

production

Sana is deploying the organization's websites in the local AWS availability zone as well as an availability zone across the country. This plan will provide enhanced uptime and scalability, but why did Sana choose an availability zone on the far side of the country?

Geographic dispersal

Mackenzie was offered an on-the-job training opportunity that includes defending the organization's systems from attack as part of a security training exercise. What role is Mackenzie playing in this exercise?

Blue Team

Lilo is configuring a web server to use digital certificates and wishes to allow clients to quickly verify the status of the certificate without contacting a remote server. What technology can Lilo use to accomplish this outcome?

Certificate stapling

What type of cipher operates on one character at a time?

Stream cipher

An individual's name, location, and role in the organization are all examples of what?

attributes

Sam is using full disk encryption technology to protect the contents of laptops against theft. What goal of cybersecurity is Sam attempting to achieve?

confidentiality

Mac needs to utilize application-level virtualization in which multiple servers operate independently while sharing an operating system. What type of resource does Mac need to use?

containers

Which of the following controls will NOT affect scan results?

Audit requirements

What type of attack does an account lockout policy help to prevent?

Brute force

Taylor is seeking the Cloud Reference Architecture which offers a high-level taxonomy for cloud services. What document should Taylor access?

NIST SP thing

Benny needs to create an account for an application (e.g. a VM instance) to access other resources. What type of account should Benny use?

Service account

Sam has detected lateral network traffic that is not compliant with the organization's security policy creating a belief that a cybersecurity compromise has already occurred. Sam decides to search for evidence of the compromise, which type of security assessment technique should Sam utilize?

Threat Hunting

Taylor is conducting a penetration test and deploys a toolkit on a compromised system which is then used to gain access to other systems. What term best describes Taylor's activity?

Lateral movement

Maria wants to use an individuals job requirements as the basis for an access control scheme. Which scheme is best suited to this implementation?

RBAC

Sam wants to implement a RAID array upon which data is striped across drives, with drives used for parity (checksum) of the data. Sam also wants to ensure that the system can handle more than one drive failing at a time. What RAID type should Sam use?

Raid 6

Sam is conducting a penetration test in preparation for an external pentest engagement. Sam attempts a session hijacking attack which will require a __________ to be successful.

Session Cookie

What is an HSM used for?

To generate, manage, and securely store cryptographic keys

Jen is configuring a cloud environment and needs to define network traffic that is allowed into the organization's cloud environment while blocking other network traffic. What resource would a cloud provider typically offer to meet this need?

security groups

Lilo needs to provide access control in enterprise-systems applications such as database, microservice, and API access which requires considerable flexibility. Which access control scheme is Lilo likely to use?

ABAC

Mindy works for an automobile parts manufacturer and has access to a cloud environment that is exclusive to organizations that provide services or parts to a major automobile manufacturer. What model of of cloud computing does this environment represent?

Community Cloud

When CIS students receive an email from Dr. Hwang that has been digitally signed, what key should the students use to verify the digital signature?

Dr Hwang's public key

Kara discovered the web server was being overwhelmed by traffic causing a CPU bottleneck. Using an interface from the cloud provider, Kara added a second web server and a load balancer to balance the load between the two servers. What term best describes Kara's action?

Horizontal scaling

Taylor is saving hash values of data archives so that these same archives in the future can be tested to ensure that the archive has not been changed or modified. What goal of cybersecurity is Taylor attempting to achieve?

Integrity

Authentication

Verifying the claimed identity of system users

Kim creates open-source software tools and wants to assure users that the code they received is authentic code provided by the author. What technique can Kim use to provide this assurance?

Code signing

Sam is responsible for the deployment of IoT gateway devices located in close proximity to sensors that are collecting data. The gateway performs preprocessing of the data before sending results to the cloud. What term best describes this approach?

fog computing

During a periodic review of security controls, Maria discovered that individuals who breach the network security perimeter would be able to then attack IoT systems that operate manufacturing. Manufacturing is a closed system and does not require internet connectivity. What type of solution is best suited for this?

Air gap

Bob would like to send Alice a secure message using an asymmetric encryption algorithm. What key should Bob use to encrypt the message?

Alice's public key


Related study sets

chapter 19: blood (mastering A&P; practice)

View Set

Construction Materials Chapter 4 - TEST 1

View Set

Perspectives and Theories of Psychology - Multiple Choice Questions

View Set

Postoperative Nursing Management

View Set

Chapter 10: Promoting a Healthy Pregnancy

View Set