Security+ Post Assessment, Network Security Final Exam Review 2602, Implementing Operating System Security CIST 2602 Final Review, Network Security 2602 Final Review

What is not a main feature of the Cisco Email Security Appliance?

Inbound Message Control

What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools?

Integrity and Non-repudiation.

What type of management system can help distribute and manage public and corporate apps?

Mobile Device Management

What is a series of commands that determines whether a device forwards or drops packets based on information found in the packet header?

Packet forwarding tool (FPL)

Bluetooth is an example of what type of technology?

Personal Area Network (PAN)

Which of the following social engineering attacks continues to be a primary weapon used by threat actors?

Phishing

Most enterprise networks must be up and running at all times. The term used to measure network down minutes per year is known as?

Preferred uptime

PC1 and PC3 are on different networks separated by a router, RT1. PC1 issues an ARP request because it needs to send a packet to PC3. In this scenario, what will happen next?

RT1 will send an ARP reply with its own MAC address

An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?

Rogue

What is not a job role in the Security Operations Center (SOC)?

SOC Director

Which of the following threat actors is considered to be the least skilled?

Script Kiddie

What is the name for a cumulative package of all patches and hot-fixes as well as additional features up to a given point?

Service Pack

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?

Smurf Attack

Name the method for classifying the various instances of malware by using the primary trait that the malware possesses?

Source

Which type of phishing attack targets specific users?

Spear Phishing

Name the type of phishing attack that targets specific users.

Spear phishing

Which major types of access involving system resources are controlled by ACLs?

System Access, User Access, Application Access

Which application protocol is used to exchange cyber threat intelligence over HTTP?

TAXII

Syslog logging service does not provide which of the following?

The ability to specify the source of captured syslog messages

Which of the below is not an example of Personally Identifiable Information (PII):

The name of your high school

Which of the following SOC functions is considered to be a role of a Tier 3 analyst?

Threat Hunting

Know the definition of virtualization:

To create a virtual version of something (like a virtual machine).

Why would you use a cable lock?

To protect computers and other devices from theft.

TFTP is a simplified file transfer protocol that uses the port:

UDP 69

The term VPN stands for?

Virtual Private Network (VPN)

Which is NOT a basic characteristic of IP?

Wired and connectionless

Which of the following can be used to enforce strong credential policies for an organization?

a. Acceptable Use Policy

Which of the following can be used to enhance privacy data protection?

a. Data anonymization

Which of the following is a valid biometric authentication method?

a. Gait recognition

What is virtual desktop infrastructure?

a. It is the process of running a user desktop inside a VM residing on a server.

What is data masking?

b. Creating the copy of data by obfuscating sensitive elements

Rob made a physical security review report of his organization in which he proposed replacing physical locks with electronic ones. Which of the following is the best justification for Rob to include in his report?

b. Electronic locks keep track of the accessing time and user identity.

Which of the following is a snooping malware?

b. Keylogger

Which of the following is the Windows network analysis tool that checks the connection to each hop between source and destination?

b. Pathping

Jennifer created an e-learning web application where a login form has to be filled by the user entering the application. Jennifer created an 8-byte buffer for the user name file while developing the application. One day, the application halted with denial of service. An attack on the web application due to the incorrect entry of input values in the login screen was then discovered. What caused the denial of service issue?

b. This is due to a buffer overflow attack.

The company that developed the office productivity software used on both static and mobile devices by your organization has audited some code and noticed a potential security issue. To address the issue, they have released and automatically scheduled an update to ensure that all users receive it. Which of the following might still be vulnerable after the patch?

c. Firmware

Which of the following accounts is the least vulnerable to cyberattacks?

c. Personal account

What is NOT a firewall feature?

d. Deceiving attackers

Know the definition of a hub.

A network device that sends information passing through it to any other connected device.

Know the definition of a smurf attack.

A type of denial of service attack where a system is flooded with spoofed ping messages.

Which algorithm can ensure data confidentiality?

AES

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?

ARP Poisoning

Which of the following statements is false?

All of the above statements are true

Name the two most common asymmetric cryptographic algorithms.

DH, RSA

Which technique added to cryptographic algorithms can change a single character of plaintext into multiple characters of ciphertext?

Diffusion

Know that ELLIPTIC CURVE cryptography and DIGITAL SIGNATURE ALGORITHMS are common asymmetric cryptographic algorithms

Elliptic Curve Digital Signature Algorithm

What type of threat is a threat related to the natural surroundings of an enterprise?

Environmental Threat

What type of threat is a threat related to the natural surroundings of an enterprise?

Environmental threat

Which technology should not be included in a SOC information and event management system?

Event log management

At what stage can a certificate no longer be used for any type of authentication?

Expiration

Know that FTP is an unsecured protocol

FTP ports 20/21

T/F - One of the functions of a digital signature is to protect the public key

False

TCP also provides for ___, which is the amount of data that the destination can receive and process reliably.

Flow Control

In a hierarchical CA topology, where can a subordinate CA obtain a certificate for itself?

From the root CA or another subordinate CA at a higher level

What uses location services on mobile devices?

GPS and other location-based apps like Uber.

Know the definition of GEO location

Geolocation

To add authentication to integrity assurance, ___ is used.

HMAC

An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as?

Hub

What is the main weakness associated with the use of passwords?

Human Memory

What is the weakness associated with the use of passwords?

Human memory

After a security incident is verified in a SOC, an incident responder reviews the incident but cannot identify the source of the incident and form an effective mitigation procedure. To whom should the incident tickets be escalated?

A subject matter expert for further investigation

A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

A type of ransomware

Know the definition of a vulnerability scan.

A vulnerability scan detects and classifies system weaknesses in computers and networks.

What item defines the actions a user may perform while accessing systems and networking equipment?

Acceptable Use Policies

Know the definition of an AUP.

Acceptable Use Policy - A list of rules you must follow in order to use a website or Internet service.

What is the entry in an ACL called?

An access control entry (ACE)

When Bob needs to send Alice a message with a digital signature, whose private key is used to encrypt the hash?

Bob's private key

When Bob needs to send Alice a message with a digital signature, whose private key is used to encrypt the hash?

Bob's private key

Which type of attack does the use of HMACs protect against?

Brute Force

How can the security information and event management system in a SOC be used to help personnel to fight against security threats?

By collecting and filtering data

Know the definition of an asset.

It's any item that has a positive economic value.

Know Stateful packet filtering and stateless packet filtering:

Stateful packet filtering inspects packets and blocks/allows them based on the source/destination IP or other factors; stateless filtering does not do this (Access Control Lists).

Which layer of the OSI model contains the TCP protocol, which is used for establishing connections and reliable data transport between devices?

Transport Layer

Quinton has been asked to analyze the TTPs of an attack that recently occurred and prepare an SOP to hunt for future threats. When researching the recent attack, Quinton discovered that after penetrating the system, the threat actor moved through the network using elevated credentials. Which technique was the threat actor using to move through the network?

b. Lateral movement

Which agreement specifies how confidential material will be shared between certain parties but restricted to others?

c. Nondisclosure agreement

Which protocol can send cryptographic confirmation that an endpoint is who it claims to be so that ARP poisoning is hindered?

c. SEND

Which of the following protocols can protect network equipment from unauthorized access?

c. SNMP

Which of the following is NOT a characteristic of a trusted platform module (TPM)?

d. TPM includes a pseudorandom number generator.

Which organization is an international nonprofit organization that offers the CISSP certification?

(ISC)2

In both Windows and Linux, what port (number) must be open to provide for Internet (HTTP) access?

80

Which IPv4 address class is designed to support the largest number of host addresses?

A

What is a Certificate practice statement (CPS)?

A document from a certificate authority or a member of a web of trust which describes their practice for issuing and managing public key certificates.

Know the definition of a security policy.

A document that states in writing how a company plans to protect the company's physical and IT assets.

Know the definition of nonce.

An arbitrary number that can be used just once in a cryptographic communication.

Know each OSI layer and what it is responsible for (Not the TCP/IP OSI layer)

Application: Network applications. Presentation: Encoding, formatting, and encryption. Session: Establishes and maintains sessions. Transport: End to end delivery. Network: Transmission of data from one host to another (and routing). Data Link: Node to node delivery of the message. Physical: Physical connections between devices.

What type of cryptography uses the two keys instead of just one, generating both a private and public key?

Asymmetric

Name the type of cryptography which uses two keys instead of just one, generating both a private and a public key?

Asymmetric cryptography

When you bring your own phone to work, it is called?

BYOD

Which enterprise deployment model allows users to use their personal mobile devices for business purposes?

BYOD

What term is used to describe an attack that sends unsolicited messages to Bluetooth enabled devices?

Bluejacking

A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection is known as:

Bluesnarfing

Most portable devices, and some computer monitors have a special steel bracket security slot built into the case. What is this device called?

Cable Lock

A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?

Certificate Practice Statement (CPS)

What is the purpose of the cd\ command?

Changes directory to the root directory

When setting up an IPv4 address on a computer, which setting identifies the device used to reach remote networks?

Default Gateway

Know that Google Glass is known as Wearable Technology.

Google Glass

What name is given to hackers who hack for a political or social cause?

Hacktivist

Know the definition of confidentiality, integrity, and availability.

Integrity

What type of attack intercepts communication between parties to steal or manipulate the data?

Man-in-the-Middle attack

Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session?

Nonce

Which protocol is used to manage network equipment and is supported by most network equipment manufacturers?

SNMP

Know the term used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so.

Script Kiddies

Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?

Script Kiddies

What is not considered to be one of the three categories of network components?

Services

Know the definition of antivirus.

Software designed to detect and remove computer malware.

Know the definition of an asset.

Something with value to an organization.

Which of the following data types have the highest level of data sensitivity?

a. Confidential

Which of the following refers to the method by which an iOS user can access root privileges on the device?

a. Jailbreaking

In an interview, you are provided the following statements regarding virtualization security. Which statement should you identify as correct?

b. A software-defined network virtualizes parts of the physical network to be more quickly and easily reconfigured.

In a device driver manipulation attack, which of the following changes a device driver's existing code design?

b. Refactoring

Rachel has taken over as a systems administrator of Creative Network, which has a network of 300 computers in two different domains. Rachel has been instructed by the CEO to ensure all employees have access to a certain set of folders on the server. The individual workstations may have the personal data of employees in a particular folder. She was informed that there have been previous instances where employees misused the machines.

c. Rachel should set the least functionality for both servers and user desktops.

Which of the following can be a log data source for investigating a security breach?

c. metadata

Know what a mail gateway is.

A machine that handles connections between networks that run different communications protocols or communications between different networks that use the same protocol.

A digital certificate is equivalent to a(n)

An electronic passport

In order to work in an SOC, it is good to study and earn various cybersecurity certifications. In addition to certifications, which of the skills shown below would be particularly useful in a SOC career?

Computer programming

What is the database in which Windows stores all information about hardware, applications, users and system settings?

In the registry

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology?

Stateful Packet Filtering

Which of the following encrypts one character at a time?

Stream

What is Bluejacking?

The sending of unsolicited messages (spam) over Bluetooth to Bluetooth-enabled devices.

Know the definition of Bluesnarfing.

The unauthorized access of information from a wireless device through a Bluetooth connection.

When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?

Third-Party

Which type of vulnerability scan mimics the work of a threat actor who has already exploited a vulnerability and compromised credentials to access the network?

b. Credentialed scan

Which of the following are country-specific requirements that apply to data?

b. Data sovereignty

Which attack creates false deauthentication management frames that appear to come from another client device, which causes the client to disconnect from AP?

b. Disassociation

Which application intercepts user requests from the secure internal network and then processes them on behalf of the user?

b. Forward proxy

Which part of the NIST Cybersecurity frameworks defines the activities needed to attain the different cybersecurity results?

b. Framework core

Which of the following systems combines the functions of a printer, copier, scanner, fax machine, and special-purpose computer with a CPU?

b. MFP

In WPA3, what is designed to increase security at the handshake, when keys are being exchanged, even if the password is small or weak?

b. SAE

Which of the following only encrypts the IP packet data and leaves the header unencrypted?

b. Transport mode

Identifying the attack, containing its spread, recovering, and improving the defenses can be done by which of the following?

c. Preparing incident response plans

Which of the following is a VPN protocol?

c. SSTP

Ricky entered a restricted lab by scanning his finger on the fingerprint scanner outside the door. Which type of authentication credential allowed Ricky to enter the lab?

c. Something you are.

Which of the following best describes artifacts?

c. Technology devices that may contain evidence

You are working in a data center when you suddenly notice a fire in the server room. Which of the following measures should you take first to suppress the fire?

d. Use the stationary fire suppression system

You are the security administrator for an enterprise that follows the bring your own device (BYOD) deployment model. What is the first action that you should take to protect sensitive enterprise data from exposure if an employee device is stolen and can't be located?

d. You should perform a remote wipe.

There are many websites and mobile applications that advertise for jobs in the technology field. Which of the below is not considered one of these sites?

glassdoor.com

In a Windows DOS shell the "dir" command is used to display the contents of the current directory. In Linux what is the equivalent command?

ls

Know the definition of ARP poisoning.

An attack where an attacker changes the Media Access Control (MAC) address and attacks an Ethernet LAN by changing the target computer's ARP cache with a forged ARP request and reply packets. The target computer then unintentionally sends the frames to the hacker's computer first instead of sending it to the original destination.

What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?

Antivirus

Name the four methods for classifying the various instances of malware by using the primary trait that the malware possesses.

Circulation, Infection, Concealment, and Payload Capabilities

Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location?

Cloud Computing

Name the three protections. Which of the three protections ensures that only authorized parties can view information?

Confidentiality, Integrity, Availability. Confidentiality ensures that only authorized parties can view information.

A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?

Create a DMZ, add necessary hosts

Name the major types of access involving system resources that are controlled by ACLs.

Discretionary, mandatory, role-based

When assessing risks, you found that a customer database in your enterprise has a higher risk calculation than a product database and allocated more resources to protect the customer database. Which risk assessment was used here?

c. Quantitative risk assessment

Which of the following is an attack that affects data availability?

d. DDoS attack

You want to install a non-biometric authentication method to reduce overall costs. Which of the following is the best fit?

d. Security keys

ABC Automobiles is a large manufacturing company based in Munich, Germany. To ensure productivity, all departments like Finance, Purchase, Sales, R&D, Management, etc., are using computers, and for security, each department is placed in different physical and logical networks while interconnected. Johnson, the Vice President of IT, has requested your service in identifying a problem. Details provided by Johnson and your initial probe include the following: The problem started a few weeks ago in the sales department. Videos of six employees working on the computer are shared outside the organization without the users switching on the cameras or the webcam. Their personal phone numbers and email IDs are also found compromised from these devices. At specific times during the day, these computers exhibited substantial amounts of network traffic. Johnson removed these compromised machines from the network immediately to avoid vulnerabilities spreading in the network. He monitored these machines for any unusual behavior for 40 continuous hours. He could not find anything unusual, except that employees who were using these machines were receiving spam messages on their phones. He also scanned these computers using antivirus software but could not find any viruses. He connected these machines back to the network after these checks, but the computers showed the same behaviors. While the infected machines were off the network, a few other machines started showing similar issues, including sudden network traffic during certain times. During the next three days, the Finance and Purchase departments reported similar complaints on their devices. Johnson was contacted yesterday by the IT admin of Silicon Graphics, saying that their web server crashed. A large number of requests coming from various computers at ABC caused the crash. Silicon Graphics's claims were correct; ABC's computers were sending large amounts of HTTP data packets during the specified time. 
What is your inference based on the discussion with Johnson?

d. This is most probably a bot attack.

In Linux the term CLI refers to the?

Command Line Interface

Which of the following performs a real-time lookup of a certificate status?

b. Online certificate status protocol (OCSP)

John is appointed as a vulnerability assessment engineer in a financial organization. An audit report published by a third-party auditing firm revealed that most of the web servers have cross-site scripting and XML entity injection vulnerabilities. John has been told to perform a vulnerability assessment on these servers to verify if the audit report is valid. He is also told that he should not attempt to engage or exploit any vulnerabilities. By applying his knowledge of vulnerability assessment concepts, which type of vulnerability scanning should John use?

d. Credentialed

Know the definition of Access Control Entry.

It is an entry in an ACL (ACE).

Know the definition of a security policy.

A security policy is a written document that states how an organization plans to protect the company's information technology assets.

What is a malicious computer code that reproduces itself on the same computer?

Virus

Bob is sending a message to John. Which algorithm should John use to ensure that Bob is the actual sender of the message and not anyone else?

b. Digital signature algorithm

You have been instructed to set up a system in a conference room where only trusted employees can access both the secure internal corporate network and the internet, and public users are restricted from accessing the internet from the same network. Which protocol or standard should you use?

b. IEEE 802.1x

Which devices are used as a contactless alternative to cash or a credit card payment system?

b. NFC

Which policy restricts the introduction of malicious programs into an enterprise network or server?

b. Onboarding and offboarding

You want to use different passwords for different accounts by remembering just one password. Which of the following tools fits your need?

b. Password vault

Which of the following classifications of data is least important?

b. Proprietary

Accounting is an important security concept in an enterprise environment. Which of the following best describes accounting in this context?

c. Accounting refers to recording actions of a user on enterprise resources.

Which of the following is the safest authentication method?

c. Authentication using security keys

An enterprise's annual financial statement reported an overall profit when there was actually a loss. Which of the following risks has occurred?

c. Control risk

Which layer of the OSI model is targeted by the threat actors for layer 2 attack?

c. Data link layer

Which of the following provides multiple forensic tools in a single interface?

c. FTK imager

Which of the following is a physical security measure?

c. Industrial camouflage

A zero-day vulnerability has been found in an e-commerce website used to purchase electronics. Neither the website owner nor the general public knows about the vulnerability; it was discovered by a computer security specialist making a purchase. What should the specialist do?

c. Privately share their findings regarding the zero-day vulnerability with the e-commerce company.

Which of the following best describes attacks due to application vulnerabilities that trick the vulnerable application(s) into producing more executable files in the system?

c. Process spawning control

Which objective of secure communications is achieved by encrypting data?

Confidentiality

Which of the three protections ensures that only authorized parties can view information?

Confidentiality

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?

Create a VLAN (Virtual Local Area Network)

The management in your corporate office wants to group users on the network together logically even though they are attached to separate network switches. Know the definition of VLAN.

Create a VLAN and add the users' computers/ports to the correct VLAN

When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack?

Denial of Service

Which cryptography method provides cryptographic solutions uniquely customized to low-power devices that need to manage resources instead of security constraints?

c. Lightweight cryptography

An attack where the threat actor changes the value of the variable outside of the programmer's intended range is known as _____________.

d. Integer overflow

What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks?

Easter Egg

What is SNMP?

Simple Network Management Protocol

The term SNMP is

Simple Network Management Protocol (SNMP)

Typically, certain employees of an organization get texts that update them on various IT activities. If there is a support ticket or downtime, they will receive texts to let them know about the activity. They have started to receive some messages via text instructing them to call the IT help desk at the provided number. When they call the help desk number, a recording asks them for their employee ID. Assuming that the IT department did not send those texts, which of the following social engineering attacks is this?

Smishing

What is geolocation?

The process of finding, determining, and providing the exact physical location of a computer or other device.

Know the definition of third-party trust.

Third-party trust refers to a situation in which two individuals implicitly trust each other even though they have not previously established a personal relationship.

Which scan examines the current security, using a passive method?

Vulnerability Scan

What is the default Virus/Malware protection program provided by Windows?

Windows Defender

What is the name of the malicious computer code that reproduces itself on the same computer?

Worm

Which of the following contains a self-propagation mechanism?

Worm

Which IETF standard defines the PKI digital certificate format?

X.590

Which of the following trust models has only one CA signing digital certificates?

a. Hierarchical trust model

Which of the following recovery sites is more expensive to maintain?

a. Hot site

Why is the UEFI framework considered to be better than the BIOS framework?

a. It has a better user interface and supports remote troubleshooting.

You are the security administrator in your organization and have been asked to choose a deployment method that ensures the utmost security, where the data is stored in a centralized server and can be accessed by authorized employees using their own devices. Which of the following should you choose?

a. Virtual desktop infrastructure (VDI)

Your firewall is configured to deny all packets from the address range 192.110.20.30-192.110.20.100, but you want to allow packets from 192.168.20.73. How should you resolve this issue?

b. Make a force allow rule for source address 192.168.20.73.

In a practical test, you are given a computer with a Windows host OS. You are asked to install a guest machine with Linux OS. What should you do?

b. Use Type II hypervisor program

Which configuration of WLANs has the following flaws? The last PIN character is only a checksum. The PIN is divided into two shorter values. There is no lockout limit for entering PINs.

b. WPS

Which of the following is an improvement of UEFI over BIOS?

b. enhanced boot security

Frank is authorized to issue mandatory security guidelines for IoT device manufacturers in the United States. Which of the following guidelines should Frank NOT issue?

c. The devices should present a cost-effective solution for consumers.

The mean time to recovery (MTTR) of a system is zero. What does this imply?

c. The system is highly resilient.

Hassan has been asked to choose a mobile management tool that can provide a single management interface for application, content, and device management. Which of the following is the best solution?

c. Unified environment management (UEM) tool

Which category of cybersecurity vulnerability is exploited by attackers before anyone else knows about it?

c. Zero day

Which keys are supposed to be kept confidential and not shared with anyone?

d. Private key

Name the type of undocumented yet benign hidden feature that launches after a special set of commands, key combinations, or mouse clicks.

Easter egg

Which of the following types of hackers are strongly motivated by ideology?

Hacktivists

Which statement describes the use of hashing?

Hashing can be used to detect accidental changes, but does not protect against deliberate changes.

What term is frequently used to describe the tasks of securing information that is in a digital format?

Information Security

Which term below is frequently used to describe the tasks of securing information that is in a digital format?

Information Security

Name the three functions of a digital signature.

Integrity, Authentication, Non-repudiation

In a modern computer network, end devices are connected to the network

Intermediary devices

What is a rogue wireless hotspot?

It is a hotspot that appears to be from a legitimate business but was actually set up by someone without permission from the business.

What is cyber warfare?

It is an attack designed to disrupt, corrupt, or exploit national interests.

Which group is generally not considered to be a potential cybercrime victim?

Linux Programmers

Know that mobile devices with GPS make use of Location Services.

Location Services

Which is not a symmetric encryption algorithm?

MD5

What specific software can examine a computer for any infections as well as monitor computer activity and scan new documents that might contain a virus?

Mail Gateway

What type of attack intercepts communication between parties to steal or manipulate the data?

Man-in-the-middle

What type of management system below can help distribute and manage public and corporate apps?

Mobile device management

What is NTP?

Network Time Protocol (NTP)

How do you protect a web server from outside threats?

Only have necessary services running; harden the OS; put the server behind a firewall; use input validation; audit logs; perform regular backups.

Computer programming is an essential skill for anyone wishing to pursue a career in cybersecurity. What might be a good "first language to learn" when learning to program?

Python

Which of the following is NOT a digital certificate that authenticates the source, guarantees the integrity of the data, and provides non-repudiation for the transaction?

SMTP

Which one of the following is not a means to secure network infrastructure devices and hosts?

SMTP protocols

What position is considered an entry-level position for a person who has the necessary technical skills?

Security Technician

For which of the following systems is resilience through redundancy the least important?

a. Desktops

Joseph, a black hat hacker, is approached by Sigma Technology to check the enterprise's security. He is told that the system is being checked to verify whether the higher-security mode of operations is moved automatically to another version during a cyberattack on the network, making it easier to attack. Which mode should Joseph use to test this vulnerability, and why?

a. Downgrade attack because, in a downgrade attack, an attacker forces the system to abandon the current mode of operation and instead move it to implement a less secure mode.

What is a thin client?

b. A thin client is a computer that runs from resources stored on a central cloud server.

For which of the following is the encapsulating security payload (ESP) protocol applied?

b. Confidentiality

Which wireless probe is designed exclusively to monitor the airwaves for RF transmissions?

b. Dedicated probes

Shaun is an external penetration testing consultant. The Chief Information Security Officer (CISO) of the organization he is working with indicated that none of the internal higher management executives should receive any kind of spear-phishing emails during Shaun's testing. Which part of the rules of engagement would cover this limitation?

b. Internal targets

Meta is a penetration testing engineer assigned to pen test the security firm's network. So far, she cannot tunnel through the network looking for additional systems accessible through advanced privileges. What should Meta do to gain repeated and long-term access to the system in the future?

b. Perform backdoor installation

Which of the cryptographic protocols below is an encrypted alternative to the Telnet protocol used to access remote computers?

b. Secure shell (SSH)

Which of the following best describes password spraying?

b. Trying a common password on different user accounts

Your enterprise network's security was breached when a non-employee connected a device to the network. In a security review meeting, you were asked to employ appropriate measures to prevent this from happening in the future while, at the same time, continuing to allow outsiders to connect to the network. Which of the following actions should you take?

c. Set up a network access control

David, a software engineer, recently bought a brand new laptop because his enterprise follows the BYOD (bring your own device) model. David was part of a software development project where the software code was leaked before its release. Further investigation proved that a vulnerability in David's laptop caused the exposure. David insists he never used the laptop to access any network or integrate any devices, and the laptop was kept in a vault while not in use. Which of the following attack vectors was used by the threat actor?

c. Supply chain

PDC Bank is working on creating an AI application that enables customers to send SMS to the AI application to allow banking activities from their registered ID. Jane, the project engineer, has taken bank customer data from the last few years from the server and is using it to train the ML to recognize and authenticate actual users and to ensure unauthorized users are barred from entering the application. Suppose the AI application has been compromised, and the reason has been identified as compromised data being used to improve the ML accuracy. What kind of attack is the PDC Bank application subjected to?

c. Tainted training data for ML

