90 min timer Flashcards

1
Q
A
2
Q

What should a contract with a cloud provider include so that the customer may check that the cloud provider is adhering to their stated security requirements?

A
SLA

B
Clean desk policy

C
Right-to-audit clause

D
SOW

A

C
Right-to-audit clause

3
Q

A company has a satellite office that needs a constant connection to the headquarters’ network. What type of solution should they implement to create a secure network channel between locations?

A
Remote access VPN

B
Network emulator

C
Site-to-site VPN

D
Managed switch

A

C
Site-to-site VPN

4
Q

In which of the following exercises might participants be required to restore from backups or have systems turned off to emulate outages?

A
Simulation

B
Tabletop

C
Documentation review

D
Walkthrough

A

A
Simulation

5
Q

An administrator has created a set of standard security settings that should be applied to all workstations. They realize that they need to make changes to the default security settings. Using a centralized management tool, they make adjustments to the security baseline.

What stage of the baseline lifecycle are they in?

A
Establishing a baseline

B
Patch management

C
Maintaining a baseline

D
Deploying a baseline

A

C
Maintaining a baseline

6
Q

Which activity involves actively probing systems to discover vulnerabilities?

A
Reporting

B
Scanning

C
Log aggregation

D
Alerting

A

B
Scanning

7
Q

Which framework is used to standardize the sharing of security-related information?

A
SCAP

B
EAP

C
RADIUS

D
OCSP

A

A
SCAP

8
Q

A technician is on-site at a manufacturing plant attempting to troubleshoot a system that manages the industrial control system. The information from this system is piped to a booth where a human-interface component displays all the relevant information and warnings.

Which of the following is being described in this scenario?

A
SCADA

B
RTOS

C
IoT

D
SoC

A

A
SCADA

9
Q

Which of the following types of security controls is a highly visible CCTV camera?

A
Corrective

B
Preventative

C
Deterrent

D
Compensating

A

C
Deterrent

10
Q

Which type of attack does not get installed directly onto a system, but runs only in memory?

A
Backdoor

B
Spyware

C
Fileless

D
Rootkit

A

C
Fileless

11
Q

An attack has just been discovered within a production server. The administrators scramble to collect information in a forensic manner while alerting the authorities. The concern now is how to ensure that evidence of the attack is preserved.

Which term is used to summarize the life expectancy of various types of data that should be captured during forensic analysis?

A
Order of volatility

B
Time of check

C
Chain of custody

D
Time of use

A

A
Order of volatility

12
Q

An e-commerce site wants to allow users to store their credit card numbers without keeping the actual account numbers in their database. What security solution can they use that allows them to substitute the numbers for the real ones when needed?

A
Salting

B
Hashing

C
Tokenization

D
Attestation

A

C
Tokenization

13
Q

The Coca-Cola secret recipe would likely be classified as which of the following?

A
Critical

B
Private

C
Proprietary

D
Sensitive

A

C
Proprietary

14
Q

A company is making considerations for the infrastructure of their web application. They want to include a clause in the SLA with their cloud provider that guarantees that if there is a problem with the load balancer, they will fix it within 1 hour.

What type of factor are they looking to implement in this situation?

A
Ease of deployment

B
Inability to patch

C
Scalability

D
Risk transference

A

D
Risk transference

15
Q

Which term describes the moment when a system accesses a resource it has been granted access to?

A
Time-of-check

B
Out-of-cycle

C
Target-of-evaluation

D
Time-of-use

A

D
Time-of-use

16
Q
A
17
Q

Which of the following is the amount of risk associated with an activity if NO risk mitigation is applied?

A
Control risk

B
Risk appetite

C
Inherent risk

D
Residual risk

A

C
Inherent risk

18
Q

A computer manufacturer needs to select a supplier of memory modules. To do so, they are currently evaluating some vendors’ financial stability, business reputation, quality, and compliance with regulations.

What process are they engaged in?

A
Due diligence

B
Conflict of interest

C
Right-to-audit clause

D
Supply chain analysis

A

A
Due diligence

19
Q

Which of the following techniques is commonly used on receipts to conceal credit card numbers?

A
Pseudo-anonymization

B
Data masking

C
Data minimization

D
Tokenization

A

B
Data masking

20
Q

Which of the following attacks takes advantage of weaknesses in how passwords are stored?

A
Password spraying

B
Brute force

C
Rainbow table

D
Dictionary

A

C
Rainbow table

21
Q

A security administrator is creating a plan that lays out the steps to perform to restore services in case there is a fire in their new data center. It outlines what to prioritize to return the system to its normal operating state.

Which of the following is the administrator creating?

A
DRP

B
BCP

C
SDLC

D
AUP

A

A
DRP

22
Q

A security engineer has discovered a vulnerability in a web application they are testing. One of the fields for user input provides an ability for a user to run code against the database.

Which type of attack takes advantage of a website that runs malformed database code?

A
Session hijacking

B
SQL injection

C
XSS

D
Brute force

A

B
SQL injection

23
Q

A company is evaluating biometric authentication devices. They discover that one type frequently authenticates users who should not be allowed in the system. What type of issue is that system experiencing?

A
UA

B
IAPMR

C
FAR

D
FRR

A

C
FAR

24
Q

You are instructing a group of junior administrators on the OSI model. You’ve explained that the data link layer is the one that transfers information between adjacent network nodes. Several different protocols operate on this level, including the two sublayers, logical link control, and media access control. This layer also houses several authentication technologies.

What is an example of a data link layer authentication technology?

A
802.16

B
802.11

C
802.1x

D
802.3

A

C
802.1x

25
Transport encryption is important during transmission of data to retain confidentiality and prevent unauthorized individuals from having access to the information, especially over the internet. What is used for secure web browsing?

A PPTP
B SNMP
C SSL
D S/MIME

C SSL
26
Which of the following techniques is difficult to perform effectively since it involves stripping all PII from a user's record?

A Data minimization
B Data masking
C Tokenization
D Anonymization

D Anonymization
27
Which of the following refers to disconnecting critical systems from the rest of the network to protect them?

A Containment
B Segmentation
C Isolation
D Microsegmentation

C Isolation
28
Which of the following types of malware uses cryptography?

A Logic bomb
B Ransomware
C Keylogger
D RAT

B Ransomware
29
An administrator runs a vulnerability scan on their network. They discover a vulnerability on a web server that is classified as Error Messages. Which of the following situations is MOST likely causing this classification?

A The web server is allowing telnet access to it
B The web server has default user credentials
C The web server is in debug mode
D The web server is running on an outdated operating system

C The web server is in debug mode
30
Various outages have forced the SysOps manager at Acme Inc. to review the overall incidents to predict potential failures. They are trying to identify the arithmetic mean time for a system to be made functional again. Considering they have several maintenance contracts, they want to ensure that these values are within their contractual limits. Which of the following would the SysOps manager be calculating?

A RTO
B MTBF
C MTTR
D RPO

C MTTR
31
The organization is growing and adding more systems to its environment. They are realizing that updating each individual machine is not only cumbersome, but is causing compatibility issues with a variety of their business software. What should they use to test, handle, and deploy updates to multiple machines at the same time?

A Segmentation
B Encryption
C Configuration enforcement
D Patch management

D Patch management
32
Where can a security analyst find and share information about threats with a community of others in the same industry?

A OSINT
B Penetration testing
C ISAC
D Bug bounty system

C ISAC
33
The Smith Corporation has begun to grow, and they are looking for solutions to administer to ensure compliance in their bring-your-own-device (BYOD) environment that has now grown beyond 30. What administrative tool is used by an enterprise to manage BYOD devices?

A RADIUS
B MDM
C IDS
D SASE

B MDM
34
A company wants to give their users the freedom to install any extra applications they feel that they need to be more productive. However, there are a few applications they do not want users to install because they may impact productivity. What type of solution should they implement for this?

A Allow list
B Block list
C Quarantine
D Isolation

B Block list
35
Diffie-Hellman (DH) provides a solution for someone who wants to securely exchange encryption keys for primary communications but needs to do it in a way that prevents eavesdroppers from obtaining the key. The process DH uses to prevent the key from being obtained involves creating temporary public and private keys that expire after a set time. What type of keys are these?

A Static
B Dynamic
C Ephemeral
D Self-destructive

C Ephemeral
36
A security auditor is evaluating the risk of a proposed change that has come in the form of a change request. The auditor determines that the change introduces a great risk and that it should not be implemented. What is the term used when an organization decides not to carry out a proposed plan because the risk factor is too great?

A Risk avoidance
B Risk acceptance
C Risk transference
D Risk mitigation

A Risk avoidance
37
Which of the following database security solutions conceals sensitive information but makes it available for later use if needed?

A Normalization
B Tokenization
C Salting
D Hashing

B Tokenization
38
A company has a critical web application that needs extra security against web-based attacks. Which should be placed in front of the server to aid in protecting it?

A UTM
B WAF
C NGFW
D Application-layer firewall

B WAF
39
A user received an email indicating that they had a virus and needed to download the attached report. The attachment was actually a malicious file that gave the attacker direct access to the user's workstation. What did the hacker likely use to bypass normal authentication methods to gain access to the system?

A Privilege escalation
B Brute force attack
C Backdoor
D SQL injection

C Backdoor
40
A company is concerned about the ease of recovery of their marketing website that they are hosting in the cloud. Which of the following measures makes it easiest to recover after an issue?

A Keeping virtual machine backups
B Storing backups offsite on tapes
C Implementing incremental backups
D Burning data backups to DVD

A Keeping virtual machine backups
41
Which of the following hashing algorithms, designed by the NSA and published by the NIST, is grouped into four families of varying usage and currency?

A SHA
B MD5
C Blowfish
D AES

A SHA
42
An attacker is using open-source intelligence to build a picture of the potential victim but is not using any tools to send information to the target and analyze responses. Which of the following BEST describes what they are doing?

A Passive reconnaissance
B Self-assessment
C Phishing
D Attestation

A Passive reconnaissance
43
A company has been managing its IT infrastructure manually, which has led to errors in configuration. What practice can they start using to define and manage their IT infrastructure through scripts to improve automation, scalability, and repeatability?

A SaaS
B IaC
C IaaS
D IDF

B IaC
44
Which of the following types of logs could record information about failed driver launches or a computer shutting down?

A Security
B System
C Dump files
D Application

B System
45
While sitting in a coffee shop, an individual decides to play a prank. They send maintenance messages and other carrier codes to users in the shop to make their devices act strangely. Which attack is this person performing that sends messages to mobile devices to make it appear that they are malfunctioning?

A War driving
B DDoS
C Bluejacking
D IV attack

C Bluejacking
46
Which of the following types of log files might a program use to record normal events?

A System
B Application
C Dump file
D Security

B Application
47
Which type of sensor is commonly used for security and relies on heat radiation?

A Ultrasonic
B Pressure
C Infrared
D Microwave

C Infrared
48
Which of the following types of plans is necessary to ensure that individuals know who to share information with during the containment phase of an incident response?

A Retention policy
B Business continuity plan
C Disaster recovery plan
D Communication plan

D Communication plan
49
A developer is looking to test their application across several versions of an operating system but only has one physical machine to perform the work on. What allows a machine to run multiple virtual machines on one physical machine?

A Infrastructure as code
B RTOS
C Hypervisor
D SCADA

C Hypervisor
50
Which of the following protocols should they use?

A RADIUS
B OAuth
C Kerberos
D TACACS+

D TACACS+
51
An attacker is trying to crack a password. When the list of common words and phrases fails, the attacker switches gears and begins to use a password attack that generates guesses for every potential password combination. What password attack is being used?

A Brute force
B Spraying
C Guessing
D Dictionary

A Brute force
52
An administrator found a word processing document and wants to find out who authored it. Where can they look for this information?

A Endpoint log
B Packet captures
C Metadata
D Firewall log

C Metadata
53
Who is responsible for overseeing the enforcement of policies that govern the usage and protection of data?

A Data steward
B Data processor
C Data controller
D Data owner

D Data owner
54
An attacker intercepts a user's authentication mechanism to a system and reuses it to gain unauthorized access to the system. What type of attack is being done in this scenario?

A Downgrade attack
B CSRF
C DDoS
D Credential replay

D Credential replay
55
Which SSO system is commonly used by organizations for directory services?

A LDAP
B OpenID
C Auth0
D Shibboleth

A LDAP
56
Which of the following is an example of a fail-closed failure mode?

A A web application server sends unencrypted data if it cannot contact its hardware security module
B An IPS allows all network traffic through if it encounters an error
C A switch broadcasts all packets after a MAC flood attack
D A door locks shut in case of a power failure

D A door locks shut in case of a power failure
57
In a federation, which term describes the entity that attests a user is who they claim to be?

A RP
B Principal
C IdP
D SP

C IdP
58
Which of the following vectors exploits trust relationships with third parties?

A Email
B Supply chain
C Removable media
D Social media

B Supply chain
59
You are explaining the elements of security to a junior administrator in the organization. You are discussing methods that a hacker has used to gain access to a system. These are examples of which of the following?

A Intelligence sources
B Threat actors
C Risks
D Threat vectors

D Threat vectors
60
A company has a BYOD mobile device deployment method. Some employees keep sensitive corporate information on their devices. Which feature of an MDM tool ensures that corporate data is kept separate from personal data on users' devices?

A Application management
B Remote wipe
C Intrusion detection systems
D Content management

D Content management
61
Which architecture type is used to add security to blockchain technology?

A Serverless
B Logical segmentation
C On-premises
D Decentralized

D Decentralized
62
A company is classifying its data. They have some user manuals for products they have created. How should this type of data be classified?

A Sensitive
B Critical
C Public
D Confidential

C Public
63
An organization is working to improve the security of their email to prevent spam and phishing attempts. They are currently creating a policy that determines if messages should be accepted, rejected, or quarantined. What type of protocol are they working with?

A DKIM
B SPF
C DNS
D DMARC

D DMARC
64
An administrator has a web server that they want to make public on their network. They place the web server between two firewalls, with one firewall facing the internet and the other facing a network of workstations. What term BEST describes the location of the web server?

A Air-gap network
B Perimeter network
C Private LAN
D Intranet

B Perimeter network
65
Which threat vector can be identified by performing regular scans on internal networks?

A Open service ports
B Memory leaks
C Watering holes
D Removable devices