601 Flashcards

1
Q

The firewall administrator is adding a new certificate for the company’s remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the company certificate and the root CA certificate into the file. This file upload was rejected. Which of the following is required to complete the certificate chain?

A
  • Intermediate authority
2
Q

Joe, a user, wants to configure his workstation to make certain that the certificate he receives when connecting to websites is still valid. Which of the following should Joe enable on his station to achieve this?

A

Certificate Revocation

3
Q

Which of the following attacks could be used to initiate a subsequent man-in-the-middle attack?

A

ARP Poisoning

4
Q

Which of the following best describes a security exploit for which a vendor patch is not readily available?

A
  • Zero Day
5
Q

An organization wants to move its operations to the cloud. The org's systems admin will still maintain control of the servers, firewalls, and load balancers in the cloud environment. Which of the following models is the organization considering?

A

IaaS

6
Q

A CSO’s key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would best meet the CSO’s objectives?

A

Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups.

7
Q

The IT dept is deploying new computers. To ease the transition, users will be allowed to access their old and new systems. The helpdesk is receiving reports that users are experiencing the following error when attempting to log in to their previous system:
Login failure: Access denied
Which of the following can cause the issue?

A
  • Misconfigured Devices
8
Q

During a routine audit, it is discovered that someone has been using a stale administrator account to log into a seldom used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could best prevent this from occurring again?

A
  • Account expiration policies
9
Q

An attacker captures the encrypted communication between two parties for a week but is unable to decrypt the message. The attacker then compromises the session keys during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications but is unable to. This is because the encryption scheme in use adheres to:

A
  • Perfect forward secrecy
10
Q

A chief information security officer (CISO) is concerned about the organization’s ability to continue business ops in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. Which of the following will the CISO most likely recommend to mitigate this risk?

A
  • Implement a hot-site failover location
11
Q

A manufacturer creates designs for very high security products that are required to be protected and controlled by government regulations. These designs are not accessible by corporate networks or the internet. Which of the following is the best solution to protect these designs?

A
  • An air gap
12
Q

An organization wants to upgrade its enterprise-wide desktop computer solution. The organization currently has 500 PCs active on the network. The CISO suggests that the organization employ desktop imaging technology for such a large-scale upgrade. Which of the following is a security benefit of implementing an imaging solution?

A
  • It provides a consistent baseline
13
Q

An employee receives an email stating that he won the lottery. The email includes a link that requests a name, phone number, address and date of birth be provided to confirm Joe's ID before sending him the prize. Which of the following best describes the email?

A

Phishing

14
Q

Which of the following can be used by PPP for authentication?

A
  • CHAP
15
Q

An attacker is attempting to determine the patch level version that a web server is running on its open ports. Which of the following is an active technique that will most efficiently determine the information the attacker is seeking?

A
  • Vulnerability scanning
16
Q

Which of the following scenarios would make a DNS sinkhole effective in thwarting attacks?

A
  • Malware is trying to resolve an unregistered domain name to determine if it's still running in an isolated sandbox
17
Q

In which of the following situations would it be best to use a detective control type for mitigation?

A
  • A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic.
18
Q

A user contacts the help desk after being unable to log into a corporate website. The user can log into the site from another computer in the next office, but not from the PC. The user's PC was able to connect earlier in the day. The helpdesk has the user restart the NTP service. Afterwards, the user is able to log into the website. The most likely reason for the initial failure was that the website was configured to use which of the following authentication mechanisms?

A

Kerberos

19
Q

A penetration testing team deploys a specifically crafted payload to a web server, which results in operating a new session as the web server daemon. The session has full read/write access to the file system and the admin console. Which of the following best describes the attack?

A
  • Privilege escalation
20
Q

A security analyst needs to produce a document that details how a security incident occurred, the steps that were taken for recovery, and how future incidents can be avoided. During which of the following stages of the response process will this activity take place?

A
  • Lessons learned
21
Q

An organization received a subpoena requesting access to data that resides on an employee's computer. The organization uses PKI. Which of the following is the best way to comply with the request?

A
  • Key recovery agent
22
Q

Which of the following access control methodologies provides an individual with the most restrictive access rights to successfully perform their authorized duties?

A

-Least Privilege

23
Q

Which of the following best explains the reason why a server admin would place a doc named password.txt on the desktop of an admin account on a server?

A
  • The doc is a honeyfile and is meant to attract the attention of a cyberintruder
24
Q

In which of the following common use cases would steganography be employed?

A

Integrity

25
Q

Two companies are partnering to bid on a contract. Normally these companies are fierce competitors, but for this procurement they have determined that a partnership is the only way they can win the job. Each company is concerned about unauthorized data sharing and wants to ensure other divisions within each company will not have access to proprietary data. To best protect against unauthorized data sharing they should each sign an

A
  • NDA
26
Q

Several users' computers are no longer responding normally and are sending out spam email to the users' entire contact list. This is an example of which of the following?

A
  • Worm Outbreak
27
Q

Which of the following attacks initiates a connection by sending specially crafted packets in which multiple TCP flags are set to 1?

A

Xmas

28
Q

A company wants to ensure that the validity of publicly trusted certificates used by its web servers can be determined even during an extended internet outage. Which of the following should be implemented?

A

OCSP

29
Q

To reduce cost and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would best meet the needs of the organization?

A

SaaS

30
Q

A systems administrator wants to generate a self-signed certificate for an internal website. Which of the following steps should the systems admin complete prior to installing the certificate on the server?

A
  • Provide the public key to the internal CA
31
Q

A pharmaceutical sales rep logs on to a laptop and connects to the public wifi to check emails and update reports. Which of the following would be best to prevent other devices on the network from directly accessing the laptop?

A

A host based firewall

- A VPN

32
Q

A security admin suspects there may be unnecessary services running on a server. Which of the following will the admin most likely use to confirm the suspicions?

A

Nmap

33
Q

Joe, a salesman, was assigned to a new project that requires him to travel to a client site. While waiting for a flight, Joe decides to connect to the airport wireless network without connecting to a VPN, and then sends confidential emails to fellow colleagues. A few days later, the company experiences a data breach. Upon investigation, the company learns Joe's emails were intercepted. Which of the following most likely caused the data breach?

A
  • Policy Violation
34
Q

Which of the following algorithms has well documented collisions?

A

MD5

- SHA

35
Q

The IT department's on-site developer has been with the team for many years. Each time an application is released, the security team is able to ID multiple vulnerabilities. Which of the following would best help the team ensure the application is ready to be released to production?

A
  • Submit the application to QA before releasing it
36
Q

Attackers have been using revoked certificates for MITM attacks to steal credentials from employees of company.com. Which of the following options should company.com implement to mitigate these attacks?

A

-OCSP Stapling

37
Q

An org wants to ensure servers and apps can be deployed rapidly, in a consistent manner, and allow flexible configuration changes. Which of the following should the org use to make this process repeatable across multiple locations?

A

Elasticity

38
Q

Which of the following are most susceptible to birthday attacks?

A
  • Hashed passwords
39
Q

When generating a request for a new X.509 certificate for securing a website, which of the following is the most appropriate hashing algorithm?

A

MD5

40
Q

A company must implement management controls to deter system administrators from making unauthorized changes to sensitive systems. Which of the following should the company implement?

A

-Remote syslog server inaccessible by system administrators.

41
Q

A CIO recently saw on the news that a significant security flaw exists with a specific version of a technology the company uses to support many critical apps. The CIO wants to know if this reported vulnerability exists in the organization and, if so, to what extent the company could be harmed. Which of the following would best provide the needed information?

A

-Vulnerability Scan

42
Q

A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following best indicates that valid credentials were used?

A
  • The scan enumerated software versions of installed programs
43
Q

A security analyst is hardening a WIFI infrastructure. The primary requirements are the following:
The infrastructure must allow staff to authenticate using the most secure method
The infrastructure must allow guests to use the “open” wifi network that logs valid email addresses before granting access to the internet.
Given these, which of the following statements best represents what the analyst should recommend and configure?

A
  • Configure a captive portal for guests and WPA2 Enterprise for staff
44
Q

Which of the following refers to applications and systems that are used within an org without consent or approval?

A

-Shadow IT

45
Q

A CSO is concerned about the amount of PII that is stored locally on each salesperson's laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would best address the CSO's concern?

A
  • Implement managed FDE
46
Q

A cyber security manager has scheduled biannual meetings with the IT team and dept leaders to discuss how they would respond to hypothetical cyber attacks. During these meetings, the manager presents a scenario and injects additional info throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?

A
  • Conducting a tabletop exercise
47
Q

A technician is configuring a wireless guest network. After applying the most recent changes the technician finds that new devices can no longer find the wireless network by name but existing devices are still able to use the wireless network. Which of the following security measures did the technician most likely implement to cause this scenario?

A
  • Deactivation of SSID broadcast
48
Q

Which of the following is characterized by an attacker attempting to map out an organization's staff hierarchy in order to send targeted emails?

A

Whaling

49
Q

The IT dept needs to prevent users from installing apps. Which of the following would provide the best solution?

A
  • Least Privilege
50
Q

A technician needs to prevent data loss in a laboratory. The lab is not connected to any networks. Which of the following methods would best prevent the exfiltration of data?

A

Drive Encryption

- USB Blocker

51
Q

The process of applying a salt and a cryptographic hash to a password then repeating the process many times is known as which of the following?

A
  • Key Stretching
52
Q

An org is developing a plan in the event of a complete loss of critical systems and data. Which of the following plans is the organization most likely developing?

A
  • Disaster recovery
53
Q

A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

A

Detective

54
Q

Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described?

A

Vishing

55
Q

A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would best support the policy?

A
  • Mobile device management
56
Q

Pete’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the helpdesk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?

A

Impersonation

57
Q

While on a business trip, a user's mobile device goes missing. The user immediately contacts the organization's service desk to report the incident. Which of the following actions is the best response to protect the data stored on the user's mobile device?

A

-Remotely wipe the mobile device via the mobile device manager to ensure the data is not compromised

58
Q

Which of the following types of penetration test will allow the tester to have access only to the password hashes prior to the penetration test?

A
  • Gray box
59
Q

A security engineer is making changes to a corporate network to facilitate the expansion of corporate connectivity to guest users. The security engineer is concerned with unauthorized users accessing sensitive systems that also require network connectivity. Given the engineer's requirements, which of the following is the best method of securing the sensitive information?

A
  • Place an air gap around the sensitive systems
60
Q

Which of the following should be used to create a hash of a source code file that can be used to ensure the file was not altered during transmission?

A

MD5

61
Q

A company is implementing a system to transfer direct deposit information to a financial institution. One of the requirements is that the financial institution must be certain that the deposit amounts within the file have not been changed. Which of the following should be used to meet the requirement?

A
  • Digital signatures
62
Q

Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?

A
  • MAC Filtering
63
Q

After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult first to determine a priority list for forensic review?

A
  • The vulnerability scan output
64
Q

An admin wants to configure the security setting in the AD domain to force users to use a unique password at least 10 times before an old password can be used. Which of the following security controls is the admin enforcing?

A
  • Password history
65
Q

A consultant has been tasked to assess a client's network. The client reports frequent network outages. Upon viewing the spanning tree configuration, the consultant notices that an old and low performing edge switch on the network has been elected to be the root bridge. Which of the following explains the scenario?

A
  • The switch has the lowest MAC address
66
Q

A user is able to access shares that store confidential information that is not related to the user's current job duties. Which of the following should be implemented to prevent this from occurring?

A

Authorization

67
Q

Every morning a systems admin monitors failed login attempts on the company’s log management server. The admin notices the DBAdmin account has five failed username and/or password alerts during a ten-minute window. The systems admin determines the user account is a dummy account used to attract attackers. Which of the following techniques should the systems admin implement?

A

Honeypot

68
Q

On which of the following is the live acquisition of data for forensic analysis most dependent?

A
  • Value and volatility of data

- Cryptographic or hash algorithm

69
Q

Ann, a security admin, is hardening the user password policies. She currently has the following in place: Passwords expire every 60 days. Passwords must be at least eight characters. Passwords must contain at least one capital letter and one numeric character. Passwords cannot be reused until the password has been changed eight times. She learns that several employees are still using their original password after the 60-day forced change. Which of the following can she implement to best mitigate this?

A
  • Create a rule users can only change their passwords once every two weeks
70
Q

The help desk is receiving numerous password change alerts from users in the accounting department. These alerts occur multiple times on the same day for each of the affected user accounts. Which of the following controls should be implemented to curtail this activity?

A
  • Password minimum age
71
Q

The IT dept at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the following best represents this type of threat?

A
  • Shadow IT
72
Q

While responding to an incident on a new Windows server, the admin needs to disable unused services. Which of the following commands can be used to see processes that are listening on a TCP port?

A

netstat

73
Q

A technician wants to verify the authenticity of the system files of a potentially compromised system. Which of the following can the technician use to verify if a system file was compromised?

A
  • SHA

- MD5

74
Q

A certificate authority takes which of the following actions in PKI?

A
  • Issues and signs all root certificates
75
Q

Joe, a website admin, believes he owns the intellectual property for a company invention and has been replacing image files on the company’s public facing website in the DMZ. Which of the following controls can be implemented to mitigate this type of insider threat?

A
  • File integrity monitoring
76
Q

A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would best prevent this attack from reoccurring?

A
  • Configure the perimeter firewall to deny inbound external connections to SMB ports
77
Q

An attacker uses a network sniffer to capture the packets of a transaction that adds $20 to a gift card. The attacker then uses a function of the sniffer to push those packets back onto the network again adding another $20. This can be done many times. Which of the following describes this type of attack?

A
  • Replay attack
78
Q

A company hosts sites for multiple vendors and provides info to users globally. Which of the following is a critical security consideration in this environment?

A

-Access controls to prevent users from accessing the entire data warehouse

79
Q

A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue?

A

Create a heatmap

-Perform a site survey

80
Q

Which of the following is the purpose of a risk register?

A
  • To formally log the type of risk mitigation strategy the organization is using
81
Q

A security analyst has been dealing with a large number of malware infections on workstations with legacy operating systems. The infections are not being detected by the current AV suite. Further analysis shows that signatures are up to date and the AV engines are functioning correctly. The company is unable to afford next generation AV that prevents these types of attacks. Which of the following methods should the security analyst employ to prevent future outbreaks?

A

-Patch Management

82
Q

An analyst needs to ID the application a user was running and the files that were open before the user's computer was shut off by holding down the power button. Which would most likely contain that info?

A

Pagefile

83
Q

The CSO has issued a new policy that requires that all internet websites be configured for HTTPS traffic only. The network admin has been tasked to update all internal sites without incurring additional costs. Which is the best solution for the network admin to secure each internal website?

A
  • Use certs signed by the company CA
84
Q

Which of the following remote authentication methods uses a reliable transport layer protocol for communication?

A

TACACS+

85
Q

A security analyst is investigating a potential breach. Upon gathering, documenting, and securing the evidence, which is the next step to minimize the business impact?

A
  • Remove malware and restore the system to normal operation
86
Q

An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: check-in/check-out of credentials; the ability to use but not know the password; automated password changes; logging of access to credentials. Which would meet the requirements?

A
  • An Open ID Connect authentication system
87
Q

A distributed denial of service attack can best be described as-

A
  • Multiple computers attacking a single target in an organized attempt to deplete its resources.
88
Q

Which is an asymmetric function that generates a new and separate key every time it runs?

A

PBKDF2

89
Q

Following a prolonged datacenter outage that affected web-based sales, a company has decided to move its operations to a private cloud solution. The security team has received the following requirements: There must be visibility into how teams are using cloud-based services. The company must be able to identify when data related to payment cards is being sent to the cloud. Data must be available regardless of the end user's geographic location. Admins need a single-pane-of-glass view into traffic and trends. Which should the security analyst recommend?

A
  • Implement a CASB solution
90
Q

Confidential emails from an organization were posted to a website without the organization's knowledge. Upon investigation it was determined that the emails were obtained from an internal actor who sniffed the emails in plain text. Which protocols, if properly implemented, would have most likely prevented the emails from being sniffed?

A

S/MIME

-SMTPS

91
Q

An employee has been writing a secure shell around software used to secure executable files. The employee has conducted the appropriate self-test and is ready to move the software into the next environment. In which environment is the employee currently working?

A

Development

92
Q

A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which is a key security implication of this heterogeneous device approach?

A
  • Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.
93
Q

An administrator is testing the collision resistance of different hashing algorithms. Which is the strongest collision resistance test?

A
  • Find a common hash between two specific messages
94
Q

A security administrator is developing training for corporate users on basic security principles for personal e-mail accounts. Which should be mentioned as the most secure way for password recovery?

A
  • Sending a pin to a smartphone thru text messages
95
Q

A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly. Which technologies should the IT manager use when implementing MFA?

A
  • One Time Passwords
96
Q

A system admin wants to implement a wireless protocol that will allow the organization to authenticate mobile devices prior to providing users with a captive portal at login. Which should the systems admin configure?

A
  • EAP-TTLS
97
Q

Which is an active penetration testing method?

A
  • Running a port scanner against the target's network
98
Q

A security admin needs to address the following audit recommendations for a public-facing SFTP server. Users should be restricted to upload and download files to their own home directories only. Users should not be allowed to use interactive shell login. Which configuration parameters should be implemented?

A

ChrootDirectory

-PermitTTY

99
Q

A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be best to provide security, manageability, and visibility into platforms?

A

CASB

100
Q

A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which best describes this process?

A

-Continuous Integration

101
Q

A company is planning to encrypt the files in several sensitive directories of a file server with a symmetric key. Which could be used?

A

TwoFish

102
Q

An organization’s help desk is flooded with phone calls from users stating they can no longer access certain websites. The help desk escalates the issue to the security team, as these websites were accessible the previous day. The security analysts run the following command: ipconfig /flushdns, but the issue persists. Finally, an analyst changes the DNS server for an impacted machine and the issue goes away. Which most likely occurred on the original DNS server?

A

-DNS Cache Poisoning

103
Q

A company uses digital signatures to sign contracts. The company requires external entities to create an account with a third party digital signature provider and to sign an agreement stating that they will protect the account from unauthorized access. Which security goal is the company trying to address in the given scenario?

A
  • Due Diligence
104
Q

A security analyst is reviewing a new website that will soon be made publicly available. They see the following URL… The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL… (different number at the end). Which application attack is being tested?

A
  • Session Replay
105
Q

A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which would be best to prevent this issue from reoccurring?

A

Containerization

106
Q

In which of the following risk management strategies would cyber security insurance be used?

A

Transference

107
Q

Which would best deter an attacker trying to brute force 4-digit PIN numbers to access an account at a bank teller machine?

A

-Account lockout settings

108
Q

Which are primary differences between an incremental and differential backup?

A
  • Differential backups only back up files since the last full backup
  • Incremental backups take less time to complete
109
Q

A company recently set up an e-commerce portal to sell its products online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

A

-PCI DSS

110
Q

Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular smartphone. This is an example of:

A

Scarcity

111
Q

A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all of the company’s clients. Which is being used?

A

-Gray box testing

112
Q

A company wants to ensure that all software executing on a corporate server has been authorized to do so by a central control point. Which can be implemented to enable such control?

A

-Mandatory access controlled

113
Q

An internal attacker can modify the ARP cache of an internal computer. Which type of attack is described?

A

Spoofing

114
Q

Which should be put in place when negotiating with a new vendor about the timelines of a response to a significant outage or incident?

A

SLA

115
Q

A university with remote campuses, which all use different service providers, lost internet connectivity across all locations. After a few minutes, internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all inbound and outbound connections and services. Later that day, the edge router manufacturer releases a CVE outlining the ability of an attacker to exploit the SIP protocol handling on devices, leading to resource exhaustion and system reloads. Which best describes the attack?

A

Memory leak

-DoS

116
Q

A company recently transitioned to a BYOD culture due to the cost of replacing lost or damaged corporate owned mobile devices. Which technologies best balance BYOD culture while also protecting company data?

A

Containerization

117
Q

A network admin has a separate user account with rights to the domain admin group. However, they cannot remember the password to this account and are not able to log in to the server when needed. Which is most accurate in describing the type of issue the admin is experiencing?

A

Authentication

118
Q

An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following best explains the appliance’s vulnerable state?

A
  • The system was configured with weak default security settings
119
Q

Which attack type is most likely to cause damage or data loss for an organization and be difficult to investigate?

A
  • Malicious insider
120
Q

A company hires a penetration testing team to test its overall security posture. The org has not disclosed any info to the penetration testing team and has allocated five days for testing. Which of the following types of testing will the penetration testing team have to conduct?

A

-Black box

121
Q

Vendor diversity is considered an architectural best practice because

A
  • It mitigates the risk of a programming flaw affecting the entire architecture
122
Q

A company wants to implement an access management solution that allows employees to use the same username and passwords for multiple applications without having to keep multiple credentials synchronized. Which would best meet these requirements?

A

SSO

-Federation

123
Q

A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be best for the company to implement?

A

Mandatory

124
Q

A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local admin rights to the system as a part of a remote management tool set. Which recommendations would best prevent this from reoccurring?

A

-Enforce application whitelisting

125
Q

Which of the following will help prevent smurf attacks?

A
  • Disabling directed broadcast on border routers
126
Q

Which of the following is most likely to outline the roles and responsibilities of data controllers and data processors?

A

GDPR

127
Q

An enterprise needs to be able to receive files that contain PII from many customers at different times. The data must remain encrypted during transport and while at rest. Which encryption solutions would meet these requirements?

A

PGP

128
Q

Which of the following will most likely adversely impact the operations of unpatched traditional programmable-logic controllers, running a back-end LAMP server and OT systems with human management interfaces that are accessible over the internet via a web interface?

A
  • server side request forgery

- data exfiltration

129
Q

An administrator must select an algorithm for creating hashes of critical system files in order to later detect any unauthorized changes. Which could the admin use?

A

SHA512

-RIPEMD