106-130 Flashcards

1
Q

A security engineer is concerned about susceptibility to HTTP downgrade attacks because the current
customer portal redirects users from port 80 to the secure site on port 443. Which of the following would be
MOST appropriate to mitigate the attack?

A. DNSSEC
B. HSTS
C. Certificate pinning
D. OCSP

A

B. HSTS

2
Q

A security analyst is deploying a next-generation firewall. The analyst wants to protect against malicious
payloads found on TLS-enabled websites. After enabling the firewall to scan encrypted HTTP traffic, the users
receive an error message on the browser, stating the connection is not private. Which of the following would
allow the analyst to inspect this traffic while preventing this error from appearing?

A. Enable TLS inspection in the firewall’s configuration settings.
B. Make an exception in the firewall, excluding URLs that begin with https:// from being scanned.
C. Disable public certificate pinning in the browser’s settings on every desktop computer.
D. Add the firewall’s certificate to the trusted root certificate store on all of the computers.
E. Use the company’s CA to issue certificates for the affected domains and add these certificates to the
firewall.

A

A. Enable TLS inspection in the firewall’s configuration settings.

3
Q

A security administrator found the following piece of code referenced on a domain controller’s task scheduler:
$var = GetDomainAdmins
If $var != ‘fabio’
SetDomainAdmins = NULL
With which of the following types of malware is the code associated?

A. RAT
B. Backdoor
C. Logic bomb
D. Crypto-malware

A

C. Logic bomb

4
Q

An organization is considering utilizing a third-party web-hosting service for a human resources application.
The organization’s Chief Information Officer (CIO) is concerned the web-hosting service may not have a
sufficient level of security. The sales representative for the web-hosting service suggests that the CIO use
banner grabbing to test the security levels of an existing website hosted by the company (www.example.com).
Which of the following commands should the CIO use? (Select TWO).

A. nc
B. telnet
C. ifconfig
D. tracert
E. netstat
F. nslookup

A

A. nc
B. telnet

5
Q

An employee is observed taking photos of sensitive documents, but the employee is reportedly on a special
assignment. The company’s policies are:
No photography is allowed in the building without authorization.
If photographs are taken, do not confront the offender.
Report incidents to the compliance officer.
Which of the following actions should be taken?

A. Confiscate the camera.
B. Ask if the employee needs assistance.
C. Report a policy violation.
D. Take custody of the sensitive documents.

A

C. Report a policy violation.

6
Q

An administrator is disposing of media that contains sensitive information. Which of the following will provide
the MOST effective method of disposing of the media while ensuring the data will be unrecoverable?

A. Wipe the hard drive.
B. Shred the hard drive.
C. Sanitize all of the data.
D. Degauss the hard drive.

A

B. Shred the hard drive.

7
Q

Which of the following is a security consideration for IoT devices?

A. IoT devices have built-in accounts that users rarely access.
B. IoT devices have less processing capabilities.
C. IoT devices are physically segmented from each other.
D. IoT devices have purpose-built applications.

A

A. IoT devices have built-in accounts that users rarely access.

8
Q

A manager makes an unannounced visit to the marketing department and performs a walk-through of the
office. The manager observes unclaimed documents on printers. A closer look at these documents reveals
employee names, addresses, ages, birth dates, marital/dependent statuses, and favorite ice cream flavors.
The manager brings this to the attention of the marketing department head. The manager believes this
information to be PII, but the marketing head does not agree. Having reached a stalemate, which of the
following is the most appropriate action to take NEXT?

A. Elevate to the Chief Executive Officer (CEO) for redress; change from the top down usually succeeds.
B. Find the privacy officer in the organization and let the officer act as the arbiter.
C. Notify employees whose names are on these files that their personal information is being compromised.
D. To maintain a working relationship with marketing, quietly record the incident in the risk register.

A

B. Find the privacy officer in the organization and let the officer act as the arbiter.

9
Q

An incident response analyst at a company is reviewing a SIEM alert that indicates an employee received a
message containing a potentially malicious attachment. The analyst confirms the attachment is malicious.
After removing the malware, the same incident reoccurs. Which of the following responses should have been
done to address the situation correctly?

A. Containment
B. Eradication
C. Identification
D. Lessons learned

A

D. Lessons learned

10
Q

A company recently installed fingerprint scanners at all entrances to increase the facility’s security. The
scanners were installed on Monday morning, and by the end of the week it was determined that 1.5% of valid
users were denied entry. Which of the following measurements do these users fall under?

A. FRR
B. FAR
C. CER
D. SLA

A

A. FRR

11
Q

A systems administrator has installed a new UTM that is capable of inspecting SSL/TLS traffic for malicious
payloads. All inbound network traffic coming from the Internet and terminating on the company’s secure web
servers must be inspected. Which of the following configurations would BEST support this requirement?

A. The web servers’ CA full certificate chain must be installed on the UTM.
B. The UTM’s certificate pair must be installed on the web servers.
C. The web servers’ private certificate must be installed on the UTM.
D. The UTM and web servers must use the same certificate authority.

A

A. The web servers’ CA full certificate chain must be installed on the UTM.

12
Q

A security administrator receives a request from a customer for certificates to access servers securely. The
customer would like a single encrypted file that supports PKCS and contains the private key. Which of the
following formats should the technician use?

A. PEM
B. DER
C. P12
D. PTX

A

C. P12

13
Q

Which of the following controls is implemented in lieu of the primary security controls?

A. Compensating
B. Corrective
C. Detective
D. Deterrent

A

A. Compensating

14
Q

A systems administrator is increasing the security settings on a virtual host to ensure users on one VM cannot
access information from another VM.
Which of the following is the administrator protecting against?

A. VM sprawl
B. VM escape
C. VM migration
D. VM sandboxing

A

B. VM escape

15
Q

A systems administrator wants to disable the use of usernames and passwords for SSH authentication and
enforce key-based authentication. Which of the following should the administrator do NEXT to enforce this
new configuration?

A. Issue a public/private key pair for each user and securely distribute a private key to each employee.
B. Instruct users on how to create a public/private key pair and install users’ public keys on the server.
C. Disable the username and password authentication and enable TOTP in the sshd.conf file.
D. Change the default SSH port, enable TCP tunneling, and provide a pre-configured SSH client.

A

B. Instruct users on how to create a public/private key pair and install users’ public keys on the server.

16
Q

After successfully breaking into several networks and infecting multiple machines with malware, hackers
contact the network owners, demanding payment to remove the infection and decrypt files. The hackers
threaten to publicly release information about the breach if they are not paid. Which of the following BEST
describes these attackers?

A. Gray hat hackers
B. Organized crime
C. Insiders
D. Hacktivist

A

B. Organized crime

17
Q

A security administrator is researching ways to improve the security of a manufacturing company’s systems
within the next three to six months.
Which of the following would provide the security administrator with the MOST diverse perspective?

A. Platform-specific security benchmark for the company’s specific systems
B. Manufacturing security auditing requirements
C. Academic security research on emerging technologies
D. Security regulations from other industry verticals

A

D. Security regulations from other industry verticals

18
Q

An administrator is beginning an authorized penetration test of a corporate network. Which of the following
tools would BEST assist in identifying potential attacks?

A. Netstat
B. Honeypot
C. Company directory
D. Nmap

A

D. Nmap

19
Q

A network technician discovered the usernames and passwords used for network device configuration have
been compromised by a user with a packet sniffer. Which of the following would secure the credentials from
sniffing?

A. Implement complex passwords.
B. Use SSH for remote access.
C. Configure SNMPv2 for device management.
D. Use TFTP to copy device configuration.

A

B. Use SSH for remote access.

20
Q

A security engineer is looking to purchase a fingerprint scanner to improve the security of a datacenter.
Which of the following scanner characteristics is the MOST critical to successful implementation?

A. Low false rejection rate
B. High false rejection rate
C. High false acceptance rate
D. Low crossover error rate

A

D. Low crossover error rate

21
Q

A technician, who is managing a secure B2B connection, noticed the connection broke last night. All
networking equipment and media are functioning as expected, which leads the technician to question certain
PKI components. Which of the following should the technician use to validate this assumption? (Select
TWO).

A. PEM
B. CER
C. SCEP
D. CRL
E. OCSP
F. PFX

A

D. CRL
E. OCSP

22
Q

In order to prevent the possibility of a thermal shutdown, which of the following physical controls should be
implemented in the datacenter?

A. Hot and cold aisles
B. Air-gapped servers
C. Infrared detection
D. Halon suppression

A

A. Hot and cold aisles

23
Q

A user wants to send a confidential message to a customer to ensure unauthorized users cannot access the
information. Which of the following can be used to ensure the security of the document while in transit and at
rest?

A. BCRYPT
B. PGP
C. FTPS
D. S/MIME

A

D. S/MIME

24
Q

A penetration tester is checking to see if an internal system is vulnerable to an attack using a remote
listener. Which of the following commands should the penetration tester use to verify if this vulnerability
exists? (Select TWO).

A. tcpdump
B. nc
C. nmap
D. nslookup
E. tail
F. tracert

A

B. nc
C. nmap

25
Q

Which of the following is the MAIN disadvantage of using SSO?

A. The architecture can introduce a single point of failure.
B. Users need to authenticate for each resource they access.
C. It requires an organization to configure federation.
D. The authentication is transparent to the user.

A

A. The architecture can introduce a single point of failure.