Security Plus 3
Which switch port security initiative is referred to as port-based network access control (PNAC)?
802.1X
Concatenates files and displays the output to the standard output (usually the shell)
Cat
What technique improves certificate security by only trusting certificates issues by specific certificate authorities, such as Chrome only trusting Google?
Certificate Pinning
Changes the access permissions of files and folders
ChMod
Authenticates the source and integrity of device drivers
Code signing certificate
What tool is commonly used as a better substitute for the Task Manager in Windows systems?
Process Hacker
What type of cryptography derives its power from the fact that qubits can represent numerous possible combinations of 1 and 0 at the same time?
Quantum Cryptography
Which of these IPsec mechanisms are used for origin authentication?
RSA Signatures
What is the final section of an after-action report?
Reccommendations
Trust anchor for digital certificates in the chain of trust
Root certificate
What technique grants full access to an Android device, where every line of code in the Linux-based device becomes editable, with options that are only restricted by coding skills?
Rooting
Signs and encrypts email messages
S/MIME Certificate
What represents the software used to collect and send data to other systems in a power plant?
SCADA
What is a type of hard drive that automatically and continuously encrypts the data on the drive without any user interaction?
SED
What is a collection of contrasting technologies that empowers enterprises to collect data and alerts from various sources?
SOAR
What browser security policy forces the client to get another web page on a site from the same source server?
SOP
What service uses UDP port 1434?
SQL
Which of these mitigating features on a WAF WebACL will look for attackers attempting to modify the back-end database of a front-end web server?
SQL Injection
Signed by the entity it certifies, such as the root CA
Self-signed certificate
What type of account would be a privileged domain account used under the context of a facility to interact with the network operating system?
Service Account
Defines quality and availability commitments between a provider and external consumer
Service level agreement (SLA)
Focuses on specific scenarios and areas using real DRP resources like recovery sites
Simulation
Examination of documented plans, diagrams, and virtual walkthroughs to eliminate gaps/errors
Tabletop
Passes the name of a file and will show you the last ten lines from that file
Tail
What is a well-known write-blocking data preview and imaging tool?
FTK Imager
Which service in AWS is generated by an application elastic load balancer?
Flow logs
Takes messages from various sources then filters and forwards them
Syslog-NG
Which of these are characteristics of block ciphers?
- Must include padding - Messages bigger than key size are broken up into size of key - Uses counter modes - 3DES and AES are common
Which of these are activities of a cyber forensic investigation?
-Analyzing indicators of compromise -Reporting on the findings of the analysis -Examining electronic evidence -Collecting the available evidence
What are valid activities when designing a wireless LAN?
-Antenna strength and placement -Detecting interference -WAP placement -RF channel selection
Which technologies represent valid IoT devices?
-Facility automation -Appliance sensors -Smart meters -Medical systems
Which of these protocols is commonly load balanced?
-HTTP -TCP -UDP -TLS
Which of these are common attributes for labeling and handling data?
-Monetary value -Age -Utility -Personal association
Which of these are common inputs to next-generation SIEM systems?
-Network devices -Appliances -Users -Threat intelligence feeds
Which of these are exploitation frameworks and kits?
-Rig EK - GreenFlash Sundown - Ransomware EKs - GrandSoft EK
What is used to remotely generate, back up, restore and utilize RSA and ECC cryptographic keys on a lightweight HSM?
COPE
Which of these security frameworks is focused on cloud computing security?
CSA
In the change management lifecycle, what step comes directly after the "Submitting" phase?
Approving
What is an open-source electronic prototyping platform that enables users to create interactive electronic objects?
Arduino
Logs command execution on RedHat and SE Linux
Auditd
Which specialty appliance would be used to make SSH2 connections to a backend database or directory service to perform secure dedicated management and administration as opposed to direct connections?
Bastion host
What is a technique to improve an organization's information security management by establishing an original standard starting point?
Benchmark
Declares the contributions, rights, and responsibilities of each business associate
Business partners agreement (BPA)
According to NIST SP 800-34, Revision 1, which of these activities will happen earliest in the incident response life cycle?
Conduct the business impact analysis (BIA)
What technology involves orchestrating the packaging, isolation, and encapsulation of apps and work data into a separate segmented user-space within the device?
Containerization
What is a suite of tools used to identify and report on fraudulent, illegal, or other undesirable behavior concerning data in transit or at rest?
DAM
What service engine is used to prevent the leakage of corporate intellectual property?
DLP
To facilitate signature validation, DNSSEC adds a few new DNS record types. Which record contains the hash of a DNSKEY record?
DS
What 4-phased innovative technology has emerged over the last decade to lower the risks and costs associated with big data, especially in litigation and internal corporate and government investigations?
E-Discovery
Which EAP variant uses a Protected Access Credential (PAC) file?
EAP-FAST
Which of these versions of Diffie-Hellman is commonly used in TLS and uses elliptic-curve public/private key pairs and forward secrecy?
ECDHE
What tools are primarily focused on detecting and investigating suspicious activities and indicators of compromise (IoCs) on workstations, laptops, and mobile devices?
EDR
Which of these IPsec protocols offers additional confidentiality services?
ESP
What type of key is used for only one single key establishment process and is never stored in memory or retained?
Ephemeral Key
What is a network with resources under the control of another organization such as a strategic partner in which your organization also needs access?
Extranet
Cost-prohibitive, real-world drill that ceases all business activities
Full interruption
Searches a regular expression against text in a file, multiple files, or a stream of input
GREP
Prints the top N number of data of the given input
Head
Which of these is a non-regulatory framework?
ITIL
What phase of an incident response plan implements techniques for categorizing and prioritizing the incident based on an established risk register or risk ledger?
Identification
Which type of mobile communication uses either point-to-point or diffuse methods?
Infrared
Which cryptographic service ensures that the original sender cannot deny sending data or engaging in a digital transaction based on the usage of a secret or private key?
Non-repudiation
Documents the security and technical aspects of connections between two organizations
Interconnection security agreement (ISA)
What emerging solution will protect new areas such as sensor networks, healthcare, distributed control systems, and IoT, in which highly constrained devices are interconnected?
Lightweight Cryptography
According to the "order of volatility", which of these is MOST volatile?
Logged data to a remote location
Adds log files to /var/log/syslog from the command line, scripts, or other files
Logger
Offers automatic rotation, compression, disposal, and emailing of log files
Logrotate
Which of these cryptographic hashing algorithms should not be used in a new modern implementation?
MD5
What device is a combination of email, fax, photocopier, printer, and scanner?
MFP
What is a knowledge base composed of assertive attack methods and practices based on real-world interpretations?
MITRE Attack
A typically non-binding declaration of intent of further relationships between two parties
Memorandum of understanding (MOU)
What is used to remotely generate, back up, restore and utilize RSA and ECC cryptographic keys on a lightweight HSM?
MicroSD
What type of agreement identifies confidential information that two parties wish to share with each other but not with external entities?
NDA (Non-disclosure)
Which of these secure protocols would be used for synchronizing clocks on network infrastructure devices?
NTPv3
What tool has been called the "Swiss Army Knife" of tools?
Netcat
Visualizes TCP connections
Netstat
What initiative defines a hierarchy of security management standards to secure data from theft and tampering by unauthorized persons who can access a storage device or host system where the storage device resides?
OPAL
What common cryptographic feature is an aspect of white-box cryptography where keys are protected from extraction when under the control of the penetration tester or attacker?
Obfuscation
Defines responsibilities and support levels between a provider and an internal business unit often through a service desk
Organizational level agreement (OLA)
What is a configuration for Layer 2 isolation from other ports within the same broadcast domain or subnet called?
PVLAN
Real-world drill while still operating business
Parallel
When presenting reports to executive management, what format should be avoided in lieu of other visibility tools?
Pie charts
Group discussion, plan auditing, Delphi, and brainstorming sessions with stakeholders
Plan Review (Read-through)
What is a task automation and configuration management framework created by Microsoft?
Powershell
What is the term for the process of permissively allowing certain traffic and implicitly denying the rest?
Whitelisting
Used with multiple subdomains
Wildcard Certificate
What tool was originally named Ethereal?
Wireshark
What database security technique involves sending sensitive data through an API call to a provider that replaces the data with non-sensitive placeholders?
Tokenization
Shows the Linux processes in real-time
Top
What interface replaced the legacy BIOS on older system boards?
UEFI
How is the public key of the customer's digital certificate signed?
Using the private key of the CA
What is a Wi-Fi Alliance standardized method for simplifying station setup and initial configuration?
WPS
Planned rehearsals and drills performed in stages and by department/building only
Walkthrough (exercise)
