Security+ Practice Test #8
At a meeting to develop a risk management strategy, employees of Striped Star Security are brainstorming events that could occur. Annette brings up the potential risk of a blizzard. Since Striped Star Security has all of its facilities near the equator, it seems unlikely that there would be a blizzard. However, it is possible. The Chief Security Officer declares, "If it happens, it happens. Let's move on to other events." Which risk management strategy is the company using to deal with the possibility of a blizzard?
Accept
Gerald, the IT manager, is implementing a system where employees must have a token to gain access to certain areas within the company building. What of the following would best explain the type of physical security they are implementing?
Access badges
Which of the following types of threat actors are MOST likely to have extensive knowledge of hacking techniques? (Select TWO.)
Advanced Persistent Threat (APT)
The New York Inquirer's main headquarters has a diverse IT infrastructure, including servers, workstations, and IoT devices. They have implemented a firewall to protect their internal network from external threats. The organization wants to modify the firewall rules to enhance security and minimize potential attack vectors. Which modification to firewall ports and protocols is NOT recommended for the organization to enhance security?
Allowing any outgoing traffic to any destination.
The Greedy Pencil, a stationary producer, is considering changing its security enterprise architecture. The most pressing concern is minimizing the paths of potential threats into systems. Which infrastructure consideration are they choosing as the most important?
Attack Surface
Kelly Innovations LLC is keen on adopting technology to ensure the integrity and transparency of its financial transactions. They are looking for a solution where each transaction record is secured using cryptography, and the hash value of one record is used in the hash calculation of the next. Which of the following technologies would be MOST suitable for this requirement?
Blockchain
Jamario, while analyzing the network logs at BetaLabs, observed multiple requests originating from a single IP address targeting the company's login portal. These requests used different alphanumeric combinations in rapid succession. Furthermore, Jamario's review of the server health metrics revealed periods of intense processing demand during these login attempts. Which of the following activities is MOST likely causing the observations made by Jamario?
Brute force attack
The management team at Albus Global is working to prepare for potential disruptions like natural disasters and cyber attacks. They want to ensure that they maintain critical business functions regardless of the type of disruption they encounter. What document should they create?
Business Continuity Policy
Which of the following BEST explains the difference between CVSS and CVE in the context of vulnerability management?
CVSS provides a standardized system for rating vulnerabilities, while CVE is a database for storing known vulnerabilities.
Which of the following BEST describes an example of a hardware supply chain vulnerability?
Compromised firmware in a device that allows unauthorized remote access.
You are a database administrator for a large corporation with a BYOD policy. This saves the company money, but creates headaches for you. With each new device, the company's network becomes more vulnerable to attack. You want to use a mitigation technique that will decrease the exposure. Which of the following mitigation techniques will be most effective in reducing your exposure?
Configuration enforcement
Which term BEST applies to an organization that aims to minimize risk exposure, focusing on cash preservation, maintaining a solid reputation, and meeting regulatory requirements rather than seeking significant growth?
Conservative risk appetite
Which of the following statements BEST explains the importance of continuous integration for the security or an organization?
Continuous integration makes collaboration of security teams and developers easier.
Which of the following control types BEST describes the capability of systems to automatically revert to their last known good configuration following a power outage or system disruption?
Corrective Control
An e-commerce company wants to protect its database containing customer names and credit card details when sharing it with its marketing team for analytics purposes. The marketing team doesn't need to view the actual data but requires a dataset of similar structure. Which of the following methods is BEST suited for this scenario?
Data Obfuscation
When Shirley is going through her onboarding procedures with a new company, she is told that her department will have the authority to make decisions about their areas of responsibility with minimal input from the Chief Operating Officer, the Board of Executives, and the CEO. What type of governance does the company use?
Decentralized governance
A manufacturing company produces IoT devices for home automation, including smart thermostats, security cameras, and smart locks. They want to enhance the security of their IoT devices to protect user privacy and prevent potential cyberattacks. Which security technique is NOT recommended for the manufacturer to apply to their IoT devices to enhance security?
Default Credentials
You are a cybersecurity analyst for a large enterprise that has experienced several security incidents resulting from insider threats and compromised user accounts. The organization wants to enhance its security posture by implementing User Behavior Analytics (UBA). Which of the following approaches would be the MOST effective way to implement User Behavior Analytics (UBA) for the given scenario?
Deploying UBA on all endpoint devices to monitor user interactions and application usage.
Sasha, a network administrator for Kelly Innovations LLC, notices increased latency during peak working hours on the company's NGFW, potentially affecting availability. Considering the high complexity of the NGFW, which of the following is the MOST suitable solution for filtering user traffic, such as web browsing and email, to ensure higher throughput and availability?
Deploying a Secure Web Gateway (SWG).
Kelly Innovations LLC is in the process of selecting a new vendor for their cloud storage solutions. As part of the selection process, the IT manager, Jamario, reviews the potential vendor's past financial stability, customer reviews, and history of cybersecurity incidents. Which aspect of the vendor selection process is Jamario emphasizing?
Due diligence
Which of the following BEST describes a method that assesses software in its running state, often evaluating it for potential vulnerabilities or flaws during real-time operations?
Dynamic analysis
For a company implementing a microservices architecture, which of the following considerations is essential to ensure a smooth and efficient set-up of the individual services?
Ease of deployment
Which of the following is the primary advantage of implementing automation to secure operational tasks?
Efficiency in handling repetitive tasks.
Which of the following mitigation techniques involves using mathematical algorithms to transform data into an unreadable format?
Encryption
What term is used for a unique characteristic of an organization's infrastructure, business environment, and operational context that can impact vulnerability assessments and risk analysis?
Environmental variable
Kelly Innovations LLC is hosting an offsite meeting at a hotel. Benjamin is trying to access the hotel's Wi-Fi network. Upon connecting, he's not required to input any credentials but is redirected to a splash page when he launches his browser. This page requests his room number and last name. Benjamin is aware of potential threats on open networks and wants to ensure his communications remain confidential. Given this situation, what should Benjamin do to ensure secure communication over the open Wi-Fi?
Establish a VPN connection after associating with the open hotspot.
Which of the following BEST portrays the Policy Engine in the context of Zero Trust?
Executes access decisions based on the policies set by the administrator.
Which of the following terms describes an organization that is inclined to pursue high returns or aggressive growth, accepting higher levels of risk, often in fast-changing markets?
Expansionary risk appetite
Kneading Dough, a retirement planning organization, wants to maximize network availability even if there are errors or intrusions on their system. They are confident that they can respond quickly enough to any event and prevent damage to the system. Which of the following will provide them with the level of availability they want?
Fail-open
Which of the following BEST describes a threat actor whose primary motivation is to obtain unauthorized access to credit card data?
Financial gain
Which of the following types of conflict of interest may occur when a vendor has a possibility of earning commissions that could influence their recommendations during vendor assessments?
Financial interests
New Beesness, a sustainable sugar producer, wants to create a fake server that appears to be vulnerable to attack in order to attract attackers. Which of the following does the company want to create?
Honeypot
Which mitigation technique uses software like Windows Firewall or ZoneAlarm to inspect and control incoming and outgoing network traffic on a per-application basis?
Host-based Firewall
Which of the following architecture models involves using a combination of cloud and on-premises resources to deliver services and applications?
Hybrid
Which statement BEST describes the significance of safeguarding legal information in an organization?
If legal data leaks it can result in legal liabilities and harm an organization's reputation.
What is the process of assessing and predicting the consequences of a proposed change and considering the effects of change on various parts of an organization or system?
Impact analysis
In your organization, you oversee the cybersecurity of workstations heavily used by the data analytics team. After a round of system updates, you've stepped into the "Maintain" phase of secure baselines. The operating system is loaded, and a template with essential configurations, patches, and security updates has been applied. Which of the following statements is the MOST appropriate next course of action to ensure ongoing system security?
Implement a routine schedule to kepp the configurations, patches, and security up-to-date.
Kelly Innovations LLC has identified a vulnerability in one of its systems. However, due to a critical ongoing project, the IT team decides it's not the right time to apply the recommended fix. Which of the following strategies is the MOST appropriate for Kelly Innovations LLC to implement?
Implement an vulnerability exception.
Kelly Innovations LLC is setting up a new office and wants to ensure only authenticated devices can access the wired network. Which of the following solutions would be MOST effective in enforcing this requirement?
Implementing 802.1X
An organization with a significant online presence is concerned about potential security threats and wants to enhance its cybersecurity measures. Which modification to enterprise capabilities would be the most suitable for the organization to enhance network security and proactively block access to known malicious or inappropriate websites?
Implementing DNS filtering
Dion Training recently set up a new web server for their e-learning platform. The IT team has been tasked with implementing security measures to mitigate potential attacks. Which of the following practices would be MOST effective for server hardening?
Implementing a least-privilege principle and patch management.
At WebDev Inc., Ryan, a software developer, is working on a project with a team spread across different geographical locations. When discussing the project's progress in a team meeting, they realized that two team members have been working on different versions of the same module. Which of the following procedures will resolve the conflict of working or two different instances of the module?
Implementing a version control system.
Kelly Financial Services has been experiencing unauthorized access to its databases during non-business hours. They want to implement a control that only allows access to critical systems between 8:00 AM to 6:00 PM, Monday to Friday, to reduce the chances of unauthorized or malicious activity. Which of the following security measures can BEST address this concern?
Implementing time-of-day restrictions.
Which of the following is a type of assessment of a vendor's security posture that is conducted by a third party?
Independent assessments
Which of the following types of threat actors is most likely to have authorized access to the systems they attack?
Insider Threat
Which of the following threat actors is most likely to have legitimate access to the system they attack?
Insider threat
Dion Training's IT department realized that during a hardware failure incident, they struggled to find necessary information about the affected assets, such as warranty status, location, and responsible personnel. Which of the following processes would have streamlined the identification and management of these details?
Inventory management
Which of the following BEST describes the primary purpose of e-discovery in digital investigations?
It aids in identifying, collecting, and producing electronically stored information for legal cases.
Which of the following refers to software applications that may be outdated but remain in use because they perform a critical function or are difficult to replace?
Legacy applications
Which of the following terms BEST represents the approach that divides a physical network into multiple distinct units to manage traffic and enhance security?
Logical segmentation
In reviewing the audit logs, the IT security team at Dion Training noticed several unauthorized attempts to read and copy a file that contains sensitive company data. Which of the following is MOST likely indicated by this finding?
Malicious activity
Hair and There, an online beauty supply store, has conducted a comprehensive risk assessment and identified potential vulnerabilities in their network infrastructure. They recognize that another global pandemic would seriously harm their business and is a considerable risk. After careful analysis, they determine that they simply cannot control whether another pandemic occurs. They take measures to help reduce the types of damage a pandemic will cause and then hope that it doesn't happen. Which risk management strategy is are they employing?
Mitigate
Soylent International employees use many types of devices to connect to the corporate network. Due to increased security incidents, Claude, Soylent's Chief Security Officer, has decided to implement Network Access Control (NAC) on the company network. Which of the following choices BEST explains the reason for implementing Network Access Control (NAC) in the given scenario?
NAC enables the organization to enforce security policies and controls for all devices connecting to the network.
A financial institution wants to improve its network security by ensuring that sensitive customer data is isolated from its public-facing applications. Which of the following techniques would be the MOST effective in achieving this goal?
Network Segmentation
Gross Games, a multi-media company, is located in a region prone to natural disasters. Which backup strategy offers the best protection against data loss from catastrophic events?
Offsite backups
An organization wants to adopt a technology that allows everyone to view every transaction equally, ensuring transparency and equal trust among users. Which attribute of cryptographic solutions would BEST fulfill this requirement?
Open public ledger
Which term MOST accurately defines the process of checking modifications or advancements in software collections, guaranteeing their security and the absence of vulnerabilities, particularly in environments with numerous dependencies such as node.js or Python libraries?
Package monitoring
Which computational method allows for the simultaneous testing of various restoration protocols to ensure swift system recovery after a security incident?
Parallel processing
Which of the following mitigation techniques can help prevent exploitation of known vulnerabilities on systems and devices by keeping the software current?
Patching
Which of the following motivations is common among Hacktivists?
Political beliefs
Barzun, a security engineer, is testing the security of new software and finds that it is relatively easy for a user to use the software to gain access to root user credentials on any device that uses the software. Which of the following application attacks is BEST described by this vulnerability?
Privilege escalation
Croma Soft, a game company, wants to reduce the public-facing attack surface for their company. They hope to achieve this by using a device that can handle and relay requests for servers. Which type of network appliance would be MOST appropriate for this purpose?
Proxy server
In risk analysis, which method involves assigning subjective values to risks based on descriptive terms such as "high," "medium," or "low"?
Qualitative risk analysis
In risk analysis, which method involves assigning numerical values to risks based on financial figures, such as costs or potential losses?
Quantitative risk analysis
Rippled, a drink vendor, is developing a disaster recovery plan to ensure the swift recovery of critical systems and processes in the event of a disruption. They are defining a specific metric which is the amount of acceptable amount of time it will take to return to normal business. What measure are they defining?
RTO
Which of the following terms refers to an operating system that is designed to process data or events within a specified time frame or deadline?
Real-time Operating System (RTOS)
Jamario, the network analyst at Kelly Innovations LLC, was analyzing the network traffic when he stumbled upon a peculiar pattern. He noticed that certain network packets seemed to be repeated verbatim at irregular intervals. These duplicate packets, when matched with the server logs, corresponded to prior legitimate requests made by users but were being resent without any user intervention. Which of the following BEST characterizes the type of attack Jamario detected on Kelly Innovations LLC's network?
Replay attack
What method of data backup involves routinely creating an exact copy of all data as a safeguard against loss or damage?
Replication
Which of the following attributes of actors refers to the amount of equipment that a threat actor has at their disposal?
Resources/funding
A large organization has multiple cloud-based applications and wants to enable its employees to authenticate to all of these applications using a single set of credentials. They want a standardized protocol that allows identity providers (IdP) to pass authentication information to service providers (SP) and vice versa. Which of the following protocols is MOST suitable for this requirement?
SAML
Sasha, a system administrator at Dion Training Solutions, is looking to enhance the security of her Linux servers by restricting processes to minimum necessary privileges and defining their behavior. Which Linux feature should Sasha MOST likely implement?
SELinux
You receive a text message from your bank asking you to verify your account details by clicking on a link. The message looks legitimate, but you are suspicious. What kind of threat vector was used in this attack?
SMS
Crosby Building has contracted Nash Smashing to demolish an old warehouse. Before demolition begins, Crosby and Nash reach an agreement on issues like when the demolition will take place and who will take care of removing the rubble. What is this agreement called?
SOW
You are a cybersecurity consultant working with a large enterprise that handles sensitive customer data and financial information. The organization is concerned about detecting unauthorized changes to critical files on their servers and workstations. As a security expert, you recommend implementing a File Integrity Monitoring (FIM) solution. Which of the following approaches would be the MOST effective way to implement File Integrity Monitoring (FIM) for the given scenario?
Scheduling the FIM to perform file integrity checks after business hours to minimize resource utilization.
Which of the following architecture models is BEST described as a model that allows developers to write and deploy code without concern for the underlying infrastructure because the cloud provider automatically manages the execution, scaling, and networking?
Serverless architecture
Sasha often travels for work. Her company's secure system detects her login attempts based on her geographical location, allowing access only if she's logging in from an approved country. This system considers which factor of multi-factor authentication?
Somewhere you are
Which of the following types of threat actors are MOST likely to have extensive knowledge of hacking techniques? (Select TWO.)
Sophisticated cybercriminal
Manar is reviewing logs and finds that many log on attempts were made using common words followed by numbers or symbols. Each password is attempted on the 20 computers in the accounting department. He suspects that these passwords were generated by an automated tool. Which of the following password attacks is BEST illustrated by this finding?
Spraying
Which of the following provides step-by-step instructions designed to assist in routine activities and ensure consistency and compliance within an organization?
Standard operating procedure
A tech company's devices are pre-installed with malicious software due to a compromised component from a supplier. What type of security threat does this represent?
Supply chain compromise
In the context of compliance monitoring, which of the following does "due diligence/care" refer to?
Taking steps to meet legal and other requirements.
Which of the following statements BEST explains the importance of considering technical debt?
Technical debt can increase the complexity of long term security issues, making automation and orchestration more diffficult.
Which of the following statements BEST explains the importance of guard rails in automation and orchestration?
They provide boundaries to ensure automated processes operate safely.
Ahmed, a software engineer, is considering using more Infrastructure as Code (IaC) within his company. This may be a challenge as a number of employees insist they need their own special configurations and software, commonly called "snowflake systems". Which of the following BEST describes the purpose of eliminating "snowflake systems"?
To avoid inconsistencies that lead to security and stability issues.
What is the primary purpose of a disaster recovery policy?
To ensure the availability and recovery of critical systems and data.
Which of the following BEST describes the primary purpose of designing sites as zones while deploying or upgrading physical security controls?
To maximize access controls for the most secure areas.
Sasha, the CEO of Dion Training is concerned about potential cybersecurity threats. She wants a systematic approach to managing security incidents, so she has had David, the CTO, develop an incident response policy. Which of the following BEST describes the purpose of an incident response policy?
To outline the steps for handling security incidents and breaches.
You are making an appointment to get your hair cut. When you enter your personal data into the website for Dye My Darling, the data is placed in a database and paired with a smaller set of symbols that will represent your data. To access your personal data, your stylists' computer will access the database. If an attacker gains access to the computer, they will only see the set of symbols, not your personal data. What method of concealment is Dye My Darling using?
Tokenization
The IT department at Feels Like Gnome is in the process of implementing a new AUP for the organization. They want to ensure that all employees are aware of the proper and acceptable ways to use company IT assets and systems to maintain a secure and efficient work environment. What will likely be included in this policy?
Whether computers can be used for personal online shopping.
While analyzing the company's network traffic, Michelle observed that a particular software was continuously replicating itself, hopping from one system to another within the company's intranet. The software's rapid spread was causing network slowdowns and affecting workstation performance. Which type of malware BEST describes the observed behavior?
Worm
Reed, a network engineer at Kelly Innovations LLC, configured an access list to restrict SSH access to the company's internal server. Only Susan, who has an IP address of 192.168.1.100, should be able to SSH into the server. After the configuration, Sasha, with an IP address of 192.168.1.101, reports she can still access the server via SSH. Which of the following access list entries might Reed have mistakenly added?
permit tcp any host 192.168.1.0 0.0.0.255 eq 22
