Security+ Practice Test #6


A business has determined that a potential data breach could lead to a loss of $300,000. If the organization experiences such breaches twice every ten years, what is the Annual Loss Expectancy (ALE) for this risk?

$60,000

Jamario, a network technician at Kelly Innovations LLC, is setting up a new server. He wants to ensure that users can only access secure web pages on the server and secure ports for remote access to and from it. Jamario should ensure which of the following ports are open? (Select TWO.)

22 (SSH)
443 (HTTPS)

In a cybersecurity playbook, what typically initiates the process of detecting and handling an incident?

A SIEM report and query designed to detect the incident.

Emily from Kelly Innovations LLC recently implemented a WPA3-Enterprise authentication method for the company's wireless network. One morning, Jake, an IT specialist at the company, is reviewing the logs and notices that a single unidentified device attempted to connect to the network multiple times within a span of 5 minutes. Each time, the access point forwarded the device's credentials to the RADIUS server for validation. The logs showed that the device was never successfully authenticated, but its persistent connection attempts raised Jake's concerns. Which of the following should Jake MOST consider this behavior as?

A potential brute-force attack on the WPA3-Enterprise system.

Several employees at Dion Training Solutions reported that they were unable to access their accounts early in the morning, even though they were sure they inputted their passwords correctly. On investigation, the IT team found that these accounts had been locked after multiple failed login attempts in rapid succession during the night. Which of the following terms BEST describes what was responsible for the issue?

Account lockout policies

Dion Training is implementing a security device tasked with inspecting live network traffic and taking immediate action to mitigate potential threats. Which of the following types of security devices would MOST effectively satisfy this requirement?

An Active device

What is a fundamental principle behind RBAC that contributes to an enhanced access control policy?

Assigning permissions to job functions rather than individual users.

You are the security administrator for a financial institution that deals with highly sensitive customer data. As part of your identity and access management (IAM) strategy, you are implementing an attestation process to ensure the accuracy and validity of user access rights. Which of the following statements best describes the purpose of attestation in this scenario?

Attestation is a process where data owners periodically review, validate and confirm the access rights of all users.

Glenn's boss has suggested that they introduce year-round, tent-based family camping at their Wisconsin campground. As part of his job, Glenn assesses the risks involved in such a change. When he takes into consideration the likelihood of blizzards and cold winters, Glenn recommends that the campground not offer tent-based family camping in the winter. What risk management strategy is Glenn using?

Avoid

Enrique, a security analyst at QuantumCorp, was verifying the integrity of two documents by comparing their MD5 hashes. Surprisingly, two entirely different documents had the same hash value. Aware of the weaknesses associated with the MD5 hashing algorithm, he suspected that the company might be vulnerable to a specific type of cryptographic attack. What type of cryptographic attack is Enrique concerned about?

Birthday attack

Which of the following types of penetration tests is conducted without any prior knowledge of the target environment, simulating the perspective of an external attacker with no insider information?

Black box

Things have not been going well at Massive Dynamics, a cloud-providing company. They had been using a governance structure where diverse groups of employees worked together to make decisions and implement policies. However, this structure has led to a confusing mix of policies and, most importantly, a confused security strategy. Following a massive data breach, the Massive Dynamics CEO has restructured the company. Decision making and policy implementation will now be in the hands of a group of experienced individuals from outside the company. This group will work with the CEO to set policies and make decisions. What governance structure does Massive Dynamics now have?

Board

You are browsing the web and you see an advertisement for a product that you have been looking for. You click on the link and it takes you to a website that looks like the official website of the product. However, you notice that the website has a slightly different logo and name than the original one. What type of attack is this an example of?

Brand impersonation

Enrique noticed an unusually high number of failed login attempts across multiple user accounts in the AlphaTech systems over the past 48 hours. The majority of these login attempts varied widely in terms of the combinations tried, starting from the simplest possible passwords. Enrique also observed a sudden spike in the computational resource usage on the company's external-facing server during the same time frame. Which of the following BEST describes the potential security risk observed by Enrique?

Brute force attack

Dynamics is a marketing firm. They have allowed employees to use devices the employees already own. However, a recent security breach has led them to hire a security consultant. The consultant indicates that the company needs much more control over the security of the employees' devices. The employees want to be able to modify their devices, adding software and games they use for life outside of work. Which of the following deployment models is the consultant most likely to suggest to meet the needs and wants of Dynamics and its employees?

COPE

A company runs a system that requires very high uptime. It decides to distribute its workload on multiple machines. If one component fails, the others take over smoothly. What is this method MOST accurately called?

Clustering

Wonka Industries, a multinational company, is planning to open a new office in a different city. The company's IT team wants to determine if any new security requirements are needed for the new office. They want to ensure that the computing resources will be adequately protected against potential threats. Which of the following should Wonka Industries do to determine if new requirements are needed?

Conducting a vulnerability assessment and penetration testing.

Which of the following terms refers to preserving authorized restrictions on access and disclosure to prevent unauthorized access?

Confidentiality

What describes the capability of a system to continue its operations even in the event of a failure or disaster?

Continuity of operations

In the Zero Trust model, which of the following components focuses on making decisions about who can access what resources based on policies, identity verification, and threat analysis?

Control Plane

Which strategy is BEST suited for ensuring that personal data, which is often subject to government regulations due to its sensitive nature, is only accessed by authorized personnel and is kept confidential?

Data encryption

Dion Training is designing a system to store student records. They wish to encrypt the entire collection of records at once, ensuring efficient encryption and decryption processes when querying. What encryption level is MOST suitable for this design?

Database encryption

Ipanema Co. owns a diverse group of boutiques in a variety of countries. Security needs vary from location to location. Central management has decided that each boutique will have a security officer who works with the manager to formulate security policies and decisions. What type of governance is used by Ipanema Co.?

Decentralized governance

You are a database administrator for a large corporation that stores and processes huge amounts of data in on-site servers. You are shifting to cloud-based data storage. Which of the following mitigation techniques is most important in dealing with the on-site servers?

Decommissioning

Which of the following threat vectors is associated with the risks stemming from not changing pre-set login information on systems, potentially allowing easy unauthorized access?

Default credentials

Jason is working with David to enhance the security of the switches at Dion Training. Which technique would be the BEST for them to prioritize?

Disable unused ports

Scherazade suspects an attacker has gained access to a network which includes both wireless and wired devices. As she is checking the server configurations, she discovers that a server is using an older encryption protocol. The server configurations are standardized, so this seems strange. Which of the following network attacks has MOST likely given the attacker access to the network?

Downgrade

Sasha, a system administrator at Dion Training, recently received a directive to ensure that all data backups are compliant with privacy regulations. Given that these backups occasionally need to be transported offsite, which of the following measures would be MOST critical for her to implement?

Encryption of backups

Susan, a cybersecurity specialist at Kelly Innovations LLC, has been tasked with hardening the company's mobile devices. Which technique would provide the MOST effective protection against potential threats?

Enforce 2FA for all device logins.

Which of the following motivations is MOST likely to drive a nation-state threat actor to launch an attack?

Espionage

During testing of a security architecture, what method ensures the system can quickly switch to a standby system when the primary system doesn't work?

Fail over

Dion Training's hardware devices were compromised and sensitive data was stolen. Upon investigation, it was discovered that an attacker was able to exploit a vulnerability in the device's low-level software. Which of the following vulnerabilities BEST describes this scenario?

Firmware vulnerability

An organization wants to ensure that all data on an employee's laptop, including the operating system, boot files, and user files, are encrypted. Which type of encryption would be MOST appropriate for this purpose?

Full-disk encryption

Which of the following is MOST needed by threat actors to obtain resources such as customized attack tools and skilled personnel?

Funding

Which of the following is designed to provide electricity for an extended period during power outages and relies on fuel sources such as diesel or natural gas?

Generators

Acme Anvils, a hardware supplier, is developing a continuity of operations plan. Among the many things they will change about their operations, they plan to create multiple data backups that will be stored in different locations throughout the country. What is the term used to describe the backup aspect of their plan?

Geographic dispersion

At Dion Training, an international training company that operates in multiple countries, the management is concerned about privacy compliance and the legal implications because of the scope of their business. Which of the following BEST describes the scope of legal implications in this scenario?

Global

Which of the following technologies would be primarily utilized to detect unauthorized changes or potential breaches in computer hardware components, operating systems, and core services supporting applications?

HIDS

Kelly Innovations LLC has discovered a vulnerability in one of its software applications. The vulnerability is difficult to exploit and exploiting it would require a significant level of expertise. However, if successfully exploited, it could have severe consequences. Which of the following is the MOST appropriate CVSS vulnerability classification?

High

Wise Technologies has created fake usernames or passwords in order to attract attackers who are trying to gather login credentials for their accounting and finance applications. They hope this will lure attackers away from real login credentials. Which of the following have they created?

Honeytoken

Which standard provides guidelines specific to cloud service providers, extending the principles of ISO/IEC 27001 to the cloud computing environment?

ISO/IEC 27017

Which of the following activities take place during the detection phase in the incident response process?

Identifying and classifying incidents based on their severity and impact to the organization.

Which policy outlines the steps to be taken in response to data breaches?

Incident response policy

You are the security administrator for a medium-sized company that operates in multiple time zones. The company's management wants to implement time-of-day restrictions for user access to the company's sensitive data and systems. The goal is to enhance security by limiting access during non-business hours. Which of the following options would meet all password practices and successfully implement and maintain time-of-day restrictions?

Integrating single sign-on (SSO) with role-based access control (RBAC) and applying time-based policies to restrict access to specific resources.

Jamario, an IT administrator for Dion Training Solutions, is considering deploying an agent-based web filter solution to manage and monitor web traffic for remote employees. Which of the following is the MOST important advantage of implementing agent-based web filters over traditional gateway-based filters for this purpose?

It allows for consistent policy enforcement regardless of the user's location.

Which of the following statements BEST explains the importance of automating resource provisioning?

It helps in rapid scaling of resources based on demand.

At Kelly Innovations LLC, David recently noticed some unusual patterns in his team's workflow. Jamario, an otherwise diligent employee, suddenly started accessing files unrelated to his department and was found uploading large amounts of data to an external cloud service. Enrique mistakenly clicked on a suspicious email link but immediately reported it. Susan noticed her computer was much slower than usual, even though she hadn't made any changes or updates. Given these situations, which of the following employees exhibited both risky and unexpected anomalous behavior that could indicate a potential security threat?

Jamario

Toby, a Security Analyst, has suggested that his company begin using a device that will act as a gateway to the company's perimeter network. Once installed, it will be the only opening into the perimeter network, increasing security on the company's most critical data. What is Toby suggesting his company begin using?

Jump server

Some Spike It Hot, a cafe, wants to use a physical control that acts as a deterrent. Which of the following would be best for this purpose?

Lighting

Which of the following statements BEST explains the concept of Log aggregation?

Log aggregation collects and normalizes log data from various sources to make it easier to analyze.

A system administrator at Kelly Innovations LLC is responsible for managing the company's cloud storage services. After setting up a new cloud storage bucket to store sensitive employee data, the administrator intended to restrict access to a select group of IP addresses but accidentally left the settings open to the public. Soon after, unauthorized users were able to access and download the sensitive data stored in the bucket. Which of the following terms BEST describes the cause of this security incident?

Misconfiguration

Which of the following activities take place during the containment phase in the incident response process?

Mitigate the impact of the incident by preventing any other devices from being affected.

Which of the following statements BEST explains the purpose of NetFlow?

NetFlow is a network tool that provides visibility into network traffic and helps identify potential security threats.

Your company possesses exclusive formulas and business processes that offer a competitive edge. Which of the following strategies would BEST prevent unauthorized dissemination or replication of this crucial information?

Non-disclosure agreements

Which of the following statements BEST describes the Data Plane within the Zero Trust framework?

Oversees data conveyance post-access approval.

Which of the following involves an authorized testing of the security of a third-party by actively engaging the third-party's system?

Penetration testing

Which of the following will provide finer level detail in access control through classifying user roles and responsibilities?

Permission Restrictions

What is the name of the attack vector that involves sending fraudulent emails to trick recipients into revealing sensitive information or clicking malicious links?

Phishing

You're reviewing an organization's security measures and come across a rule set which states that employees in the HR department can only use payroll systems, and IT staff can only use systems administration tools. Which of the following principles of Zero Trust are in place?

Policy-driven access control

Dion Training needs to regulate the devices connecting to its network. To make things more secure, the devices should be regulated based on their unique physical addresses. Which of the following features would BEST address their needs?

Port Security

At Kelly Innovations LLC, an internal audit has highlighted some concerning practices. Employee Jason routinely ignores reminders to update his security software, contrary to the company's strict update policy. Concurrently, Jamario, known for jotting down his passwords on post-it notes around his workspace, has inadvertently shared his credentials with several coworkers. On a separate occasion, sensitive information was uploaded to a public cloud service without a VPN, and a phishing email was clicked, triggering a malware alarm. Based on the audit findings at Kelly Innovations LLC, which of the following is the risky behavior that needs the MOST immediate attention to prevent potential security breaches?

Postponing security software updates and poor password management.

Which of the following statements represents the correct order of steps in the incident response process?

Preparation, Detection, Containment, Eradication, Recovery

Which of the following is kept secret by Kelly Innovations LLC and used to decrypt messages that are encrypted with its corresponding public key?

Private key

A leading technology company specializes in designing and manufacturing embedded systems for critical infrastructure. Their devices are used in various sectors such as healthcare, transportation, and energy. The company is concerned about the security of their embedded systems and wants to implement the most appropriate security technique to protect their computing resources from potential threats. Which security technique would be the most suitable for the company to secure their embedded systems used in critical infrastructure?

Real-Time Operating System (RTOS)

Dion Training Solutions, a software-as-a-service company, began facing latency issues and, in some cases, outages. The IT team found that a massive amount of traffic was flooding in, but the peculiarity was that the incoming data appeared to be responses to requests that the company never made. These responses came from a wide range of IP addresses scattered globally. Which of the following types of malicious activities is BEST described in this scenario?

Reflected DDoS attack

Which of the following practices is MOST effective in mitigating software supply chain vulnerabilities?

Regular security test of third-party software products.

Kendra is testing the security of a web application and finds that it is vulnerable to a type of attack that involves capturing and retransmitting data, such as authentication tokens or credentials, to impersonate a legitimate user. Which of the following application attacks is BEST able to exploit this vulnerability?

Replay

Which of the following concepts to consider when deciding on an architecture model refers to the ability of a system to provide timely and accurate feedback to user requests?

Responsiveness

Which of the following is included in a vendor contract that allows an organization to conduct its own evaluation and verification of a vendor's security controls and practices?

Right-to-audit clause

Which of the following terms refers to the individual responsible for managing a particular risk, ensuring appropriate mitigation measures are implemented and monitored?

Risk owner

In a large financial institution, the access control mechanism utilizes a set of predefined conditions to determine access rights to various resources. The system evaluates a number of factors which are compared to the predefined conditions to determine access. Users and administrators do not have the discretion to modify or override the access control policies. Which type of access control mechanism is being used in this scenario?

Rule-Based

Dion Training wants to consolidate its network security services into a cloud-centric model to simplify its security operations. Which of the following is the BEST solution?

Secure access service edge (SASE)

Morris has arranged an exercise for his security team to test the new plans they have developed. He has set up a table with equipment and arranged chairs on opposite sides of the table. On each side, he has set up groups of parallel experience and size. Some team members will be the good guys, defending the system. Others will be the bad guys and try to break down the defenses that the new plans have created. The winners will have lunch catered in. What is Morris creating?

Simulation

Kelly Innovations LLC is looking for an authentication method that generates a unique and temporary code to be used for verifying the identity of its remote employees. This code can be generated by a software application installed on the employees' smartphones. Which of the following BEST describes the authentication method the company is considering?

Software authentication tokens

You are a security analyst tasked with investigating a suspected security breach. As part of your investigation, you decide to examine the automated security reports generated by your security tools. Which of the following pieces of information from these reports would be MOST valuable to investigate the incident?

Specific details of security alerts triggered around the time of the suspected incident.

Kylie, an IT technician at Dion Training, received complaints from employees about unexpected browser redirects. They were being taken to unfamiliar websites when they tried to access common web destinations. Further, some employees mentioned their webcams activating on their own, and unauthorized screenshots were found on a few desktops. Which of the following types of malware MOST aligns with the issues faced by Dion Training?

Spyware

Dion Training has implemented a Zero Trust model. Which of the following components of the data plane is responsible for the user or device being verified before it interacts with the network?

Subject

An organization recently upgraded its network infrastructure to improve performance and security. As part of the upgrade, they are implementing various security techniques to protect their computing resources and ensure data confidentiality and integrity. Which network device would be the most suitable for the organization to enhance network security by segmenting and isolating network traffic between devices in different departments?

Switches

Which of the following statements BEST explains the difference between a tabletop exercise and a simulation in the incident response process?

Tabletop exercises are theoretical exercises conducted through discussions and planning, while simulations are interactive drills that involve practicing incident response procedures in a controlled environment.

Which of the following statements is NOT true regarding the importance of Technical Debt?

Technical debt is a measure of the RTO of security systems and security departments as costs accumulate over time.

What does "right to be forgotten" refer to in privacy compliance?

The right of data subjects to request their personal data be erased.

Abdul has suggested that his company perform a supply chain analysis of all of the company's vendors. This will be expensive and time-consuming. Why is it important that the company conduct a supply chain analysis despite the costs?

To identify potential security risks associated with the vendor's supply chain.

The Bright Elf, a Christmas pop-up store, has experienced many issues with their web services. Recent vulnerability scans have shown that their system is vulnerable to malware, DoS, network intrusions, and on-path attacks. Since it is nearing the Christmas season, they want to have one solution to their problems. Which of the following will provide the BEST solution?

UTM

You are using an old laptop that runs on Windows XP and has not been updated for several years. You use it for browsing the web and checking your email. However, you notice that your laptop is behaving strangely and you suspect that it has been infected with malware. What type of vulnerability have you exposed yourself to?

Unsupported systems and applications

The IT team at Dion Training Solutions noticed that one of their servers was suddenly using 95% of its processing power. This was highly unusual as the typical utilization was around 40%. Upon investigation, they found a process they didn't recognize consuming a large portion of the resources. Which of the following statements BEST describes the situation faced by the Dion Training Solutions IT team?

Unusual resource consumption by an unfamiliar process.

Which aspect is NOT typically included in key management procedures within encryption standards?

User password management

Which of the following statements is NOT true about the importance of user provisioning in relation to secure operations?

User provisioning automates the creation and destruction of new virtual machines as employees are hired and leave.

Which of the following hardening techniques can help prevent buffer overflow attacks on a system or device by using software that can detect and prevent any attempts to write data beyond the allocated memory space of a program?

Using a HIPS

A company's web application allows users to search for products using a search bar. The search query is then used in a SQL query to fetch relevant products from the database. Additionally, the web application allows users to leave comments on product pages. The comments are displayed on the website without any restrictions. The company's security team is concerned about the risk of SQL injection and XSS attacks. Which of the following security techniques should be applied to address these concerns effectively?

Validating and sanitizing user input for both search and comments.

A security officer is using a system that involves the use of cameras to monitor activities in a given area. What is this system known as?

Video surveillance

