Architecture and Design Flashcards

1
Q

You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s servers must have a daily backup conducted. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when needed for restoration. Which of the following should you recommend?

Create an additional copy of the backups in an off-site datacenter

Attempt to restore to a test server from one of the backup files to verify them

Set up scripts to automatically reattempt any failed backup jobs

Frequently restore the server from backup files to test them

A

Attempt to restore to a test server from one of the backup files to verify them

2
Q

When conducting forensic analysis of a hard drive, what tool would BEST prevent changing the hard drive contents during your analysis?

Forensic drive duplicator

Software write blocker

Degausser

Hardware write blocker

A

Hardware write blocker

3
Q

Taylor needs to sanitize hard drives from some leased workstations before returning them to a supplier at the end of the lease period. The workstations’ hard drives contained sensitive corporate data. Which is the most appropriate choice to ensure that data exposure doesn’t occur during this process?

Clear, validate, and document the sanitization of the drives

Purge, validate, and document the sanitization of the drives

Clear the drives

The drives must be destroyed to ensure no data loss

A

Purge, validate, and document the sanitization of the drives

4
Q

You work for Dion Training as a physical security manager. You are concerned that the physical security at the entrance to the company is not sufficient. To increase your security, you are determined to prevent piggybacking. What technique should you implement first?

Require all employees to wear security badges when entering the building

Install a mantrap at the entrance

Install an RFID badge reader at the entrance

Install CCTV to monitor the entrance

A

Install a mantrap at the entrance

5
Q

During a security audit, you discovered that customer service employees have been sending unencrypted confidential information to their personal email accounts via email. What technology could you employ to detect these occurrences in the future and send an automated alert to the security team?

UTM

SSL

MDM

DLP

A

DLP

6
Q

Which of the following hashing algorithms results in a 160-bit fixed output?

NTLM

SHA-2

RIPEMD

MD-5

A

RIPEMD

RIPEMD creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.

7
Q

A financial services company wants to donate some old hard drives from their servers to a local charity. The hard drives used in the servers are self-encrypting drives. Still, they are concerned about the possibility of residual data being left on the drives. Which of the following secure disposal methods would you recommend the company use?

Overwrite

Zero-fill

Secure erase

Cryptographic erase

A

Cryptographic erase

8
Q

Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the company’s owner if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computers’ hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?

Shredding

Degaussing

Wiping

Destroying

A

Wiping

9
Q

Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?

VM migration

VM data remnant

VM sprawl

VM escape

A

VM escape

10
Q

Select four security features that you should use with a workstation or laptop within your organization.

Network Sniffer
Cellular Data
MDM
Location Tracking
Cable Lock
Host Based Firewall
CAT 5e STP
Remote Wipe

A

Host based firewall, network sniffer, cable lock, CAT5e STP

11
Q

What is the lowest layer (bottom layer) of a bare-metal virtualization environment?

Host operating system

Physical hardware

Guest operating system

Hypervisor

A

Physical hardware

12
Q

Which of the following describes the overall accuracy of a biometric authentication system?

Crossover error rate

False positive rate

False rejection rate

False acceptance rate

A

Crossover error rate

13
Q

Which cloud computing concept is BEST described as focusing on replacing the hardware and software required when creating and testing new applications and programs from a customer’s environment with cloud-based resources?

IaaS

PaaS

SECaaS

SaaS

A

PaaS

Platform as a Service (PaaS) provides the end-user with a development environment without all the hassle of configuring and installing it themselves.

14
Q

Which of the following is the most important feature to consider when designing a system on a chip?

Ability to interface with industrial control systems

Type of real-time operating system in use

Space and power savings

Ability to be reconfigured after manufacture

A

Space and power savings

15
Q

Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the owner of the company if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computers’ hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?

Purging

Degaussing

Wiping

Shredding

A

Wiping

16
Q

Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?

Diffie-Hellman

ECC

RSA

Twofish

A

ECC

17
Q

Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?

VM sprawl

VM data remnant

VM migration

VM escape

A

VM escape

18
Q

Which of the following hashing algorithms results in a 160-bit fixed output?

NTLM

SHA-2

SHA-1

MD-5

A

SHA-1

SHA-1 creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.

19
Q

Which of the following cryptographic algorithms is classified as a stream cipher?

AES

DES

RC4

Blowfish

A

RC4

20
Q

Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?

ECC with a 256-bit key

DES with a 56-bit key

AES with a 256-bit key

Randomized one-time use pad

A

Randomized one-time use pad

21
Q

Which of the following authentication mechanisms involves receiving a one-time use shared secret password, usually through a token-based key fob or smartphone app, that does not expire?

EAP

HOTP

Smart card

TOTP

A

HOTP (HMAC-based One-time Password Algorithm)

22
Q

Which of the following would a virtual private cloud infrastructure be classified as?

Infrastructure as a Service

Function as a Service

Software as a Service

Platform as a Service

A

Infrastructure as a Service

23
Q

Which of the following is NOT considered part of the Internet of Things?

Laptop

ICS

SCADA

Smart television

A

Laptop

24
Q

You have just completed identifying, analyzing, and containing an incident. You have verified that the company uses older unencrypted SSDs as part of their default configuration and the manufacturer does not provide an SE utility for the devices. The storage devices contained top-secret data that would bankrupt the company if it fell into a competitor’s hands. After safely extracting the data from the device and saving it to a new self-encrypting drive, you have been asked to securely dispose of the SSDs. Which of the following methods should you use?

Use a secure erase (SE) utility on the storage devices

Physically destroy the storage devices

Conduct zero-fill on the storage devices

Perform a cryptographic erase (CE) on the storage devices

A

Physically destroy the storage devices

25
Q

Which protocol is paired with OAuth2 to provide authentication of users in a federated identity management solution?

ADFS

SAML

OpenID Connect

Kerberos

A

OpenID Connect

OAuth 2 is explicitly designed to authorize claims and not to authenticate users. The implementation details for fields and attributes within tokens are not defined. OpenID Connect (OIDC) is an authentication protocol that can be implemented as special types of OAuth flows with precisely defined token fields.

26
Q

Dion Training has set up a lab consisting of 12 laptops for students to use outside of normal classroom hours. The instructor is worried that a student may try to steal one of the laptops. Which of the following physical security measures should be used to ensure the laptop is not stolen or moved out of the lab environment?

Cable locks

Entry control roster

Biometric locks

USB locks

A

Cable locks

27
Q

Dion Training has contracted a software development firm to create a bulk file upload utility for its website. During a requirements planning meeting, the developers asked what type of encryption is required for the project. After some discussion, Jason decides that the file upload tool should use a cipher that is capable of encrypting 8 bits of data at a time before transmitting the files from the web developer’s workstation to the webserver. Which of the following should be selected to meet this security requirement?

Hashing algorithm

Stream cipher

CRC

Block cipher

A

Block cipher

A block cipher is used to encrypt multiple bits at a time prior to moving to the next set of data.

28
Q

You just received an email from Bob, your investment banker, stating that he completed the wire transfer of $10,000 to your bank account in Vietnam. The problem is, you do not have a bank account in Vietnam, so you immediately call Bob to ask what happened. Bob explains that he received an email from you requesting the transfer. You insist you never sent that email to Bob initiating this wire transfer. What aspect of PKI could be used to BEST ensure that a sender actually sent a particular email message and avoid this type of situation?

CRL

Trust models

Non-repudiation

Recovery agents

A

Trust models

29
Q

Using the image provided, select four security features that you should use to best protect your servers in the data center. This can include physical, logical, or administrative protections.

Antivirus, Mantrap, Cable lock, GPS tracking

Strong passwords, Biometrics, Mantrap, Cable lock

GPS tracking, Biometrics, Proximity badges, Remote wipe

FM-200, Biometric locks, Mantrap, Antivirus

A

FM-200, Biometric locks, Mantrap, Antivirus

30
Q

What type of scan will measure the size or distance of a person’s external features with a digital video camera?

Signature kinetics scan

Facial recognition scan

Retinal scan

Iris scan

A

Facial recognition scan

31
Q

A company has recently experienced a data breach and has lost nearly 1 GB of personally identifiable information about its customers. You have been assigned as part of the incident response team to identify how the data was leaked from the network. Your team has conducted an extensive investigation, and so far, the only evidence of a large amount of data leaving the network is from the email server. There is one user that has sent numerous large attachments out of the network to their personal email address. Upon closer inspection, those emails only contain pictures of that user’s recent trip to Australia. What is the most likely explanation for how the data left the network?

Steganography was used to hide the leaked data inside the user’s photos

The data was encrypted and emailed to their spouse’s email account

The files were downloaded from home while connected to the corporate VPN

The data was hashed and then emailed to their personal email account

A

Steganography was used to hide the leaked data inside the user’s photos

32
Q

Fail To Pass Systems has just been the victim of another embarrassing data breach. Their database administrator needed to work from home this weekend, so he downloaded a copy of the corporate database to his work laptop. On his way home, he forgot the laptop in an Uber, and a few days later, the data was posted on the internet. Which of the following mitigations would have provided the greatest protection against this data breach?

Require data at rest encryption on all endpoints

Require all new employees to sign an NDA

Require data masking for any information stored in the database

Require a VPN to be utilized for all telework employees

A

Require data at rest encryption on all endpoints

33
Q

What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes?

Degauss

Purge

Clear

Destroy

A

Clear

34
Q

You are configuring a RAID drive for a Media Streaming Server. Your primary concern is speed of delivery of the data. This server has two hard disks installed. What type of RAID should you install, and what type of data will be stored on Disk 1 and Disk 2?

RAID 1 - Disk 1 (Mirror) and Disk 2 (Mirror)

RAID 0 - Disk 1 (Mirror) and Disk 2 (Mirror)

RAID 0 - Disk 1 (Stripe) and Disk 2 (Stripe)

RAID 1 - Disk 1 (Stripe) and Disk 2 (Stripe)

A

RAID 0 - Disk 1 (Stripe) and Disk 2 (Stripe)

Since this is a Media Streaming Server, you should implement a RAID 0, which provides disk striping across both drives. This will increase the speed of the data delivery but provides no redundancy.

35
Q

Which of the following hashing algorithms results in a 160-bit fixed output?

SHA-2

NTLM

MD-5

RIPEMD

A

RIPEMD

RIPEMD creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.

36
Q

What is the lowest layer (bottom layer) of a bare-metal virtualization environment?

Host operating system

Hypervisor

Physical hardware

Guest operating system

A

Physical hardware

37
Q

You want to play computer-based video games from anywhere in the world using your laptop or tablet. You heard about a new product called a Shadow PC that is a virtualized Windows 10 Home gaming PC in the cloud. Which of the following best describes this type of service?

PaaS

IaaS

DaaS

SaaS

A

DaaS

Desktop as a Service (DaaS) provides a full virtualized desktop environment from within a cloud-based service. This is also known as VDI (Virtualized Desktop Infrastructure) and is common in large enterprise businesses that are focused on increasing their security and minimizing their operational expenses.

38
Q

You are installing Windows 2016 on a rack-mounted server and want to host multiple virtual machines within the physical server. You just finished the installation and now want to begin creating and provisioning the virtual machines. Which of the following should you utilize to allow you to create and provision the virtual machines?

Hypervisor

Terminal services

Device manager

Disk management

A

Hypervisor

A hypervisor, also known as a virtual machine monitor, is a process that creates and runs virtual machines (VMs). A hypervisor allows one host computer to support multiple guest VMs by virtually sharing its resources, like memory and processing.

39
Q

Which technique would provide the largest increase in security on a network with ICS, SCADA, or IoT devices?

Implement endpoint protection platforms

Installation of anti-virus tools

User and entity behavior analytics

Use of a host-based IDS or IPS

A

User and entity behavior analytics

40
Q

Which of the following cryptographic algorithms is classified as symmetric?

Diffie-Hellman

RSA

ECC

RC4

A

RC4

RC4, or Rivest Cipher 4, is a symmetric stream cipher that was used in WEP and TLS. ECC, RSA, and Diffie-Hellman are all asymmetric algorithms.

41
Q

You have just received some unusual alerts on your SIEM dashboard and want to collect the payload associated with it. Which of the following should you implement to effectively collect these malicious payloads that the attackers are sending towards your systems without impacting your organization’s normal business operations?

Containerization

Honeypot

Jumpbox

Sandbox

A

Honeypot

42
Q

Joseph would like to prevent hosts from connecting to known malware distribution domains. What type of solution should be used without deploying endpoint protection software or an IPS system?

Anti-malware router filters

DNS blackholing

Subdomain whitelisting

Route poisoning

A

DNS blackholing

43
Q

Nicole’s organization does not have the budget or staff to conduct 24/7 security monitoring of their network. To supplement her team, she contracts with a managed SOC service. Which of the following services or providers would be best suited for this role?

SaaS

MSSP

PaaS

IaaS

A

MSSP

A managed security service provider (MSSP) provides security as a service (SECaaS).

44
Q

Which type of authentication method is commonly used with physical access control systems and relies upon RFID devices embedded into a token?

TOTP

HOTP

Smart cards

Proximity cards

A

Proximity cards

45
Q

Which of the following authentication mechanisms involves receiving a one-time use shared secret password, usually through a token-based key fob or smartphone app, that automatically expires after a short period of time (for example, 60 seconds)?

Smart card

EAP

TOTP

HOTP

A

TOTP

The Time-based One-time Password Algorithm (TOTP) is a refinement of the HOTP. One issue with HOTP is that tokens can be allowed to persist unexpired, raising the risk that an attacker might be able to obtain one and decrypt data in the future. In TOTP, the HMAC is built from the shared secret plus a value derived from the device’s and server’s local timestamps. TOTP automatically expires each token after a short window (60 seconds, for instance).

46
Q

Keith wants to validate the application file that he downloaded from the vendor of the application. Which of the following should he compare against the file to verify the integrity of the downloaded application?

Public key of the file

File size and file creation date

Private key of the file

MD5 or SHA1 hash digest of the file

A

MD5 or SHA1 hash digest of the file

47
Q

Which party in a federation provides services to members of the federation?

SSO

IdP

RP

SAML

A

RP

Relying parties (RPs) provide services to members of a federation.

48
Q

Which of the following cryptographic algorithms is classified as a stream cipher?

Blowfish

DES

AES

RC4

A

RC4

RC4, or Rivest Cipher 4, is a symmetric stream cipher that was used in WEP and TLS. AES, Blowfish, and DES are all block ciphers.

49
Q

Which of the following hashing algorithms results in a 160-bit fixed output?

SHA-1

SHA-2

MD-5

NTLM

A

MD-5

SHA-1 creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.

50
Q

Dave’s company utilizes Google’s G-Suite environment for file sharing and office productivity, Slack for internal messaging, and AWS for hosting their web servers. Which of the following types of cloud deployment models is being used?

Public

Private

Multi-cloud

Community

A

Multi-cloud

Multiple public clouds

51
Q

Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?

ECC with a 256-bit key

AES with a 256-bit key

Randomized one-time use pad

DES with a 56-bit key

A

Randomized one-time use pad

52
Q

Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?

ECC

RSA

Diffie-Hellman

Twofish

A

ECC

One of the main benefits of ECC over non-ECC cryptography is that an application can achieve the same level of security provided by non-ECC cryptography while using a shorter key length.

53
Q

You have recently been hired as a security analyst at Dion Training. On your first day, your supervisor begins to explain the way their network is configured, showing you the physical and logical placement of each firewall, IDS sensor, host-based IPS installations, the networked spam filter, and the DMZ. What best describes how these various devices are placed into the network for the highest level of security?

Load balancer

UTM

Defense in depth

Network segmentation

A

Defense in depth

54
Q

You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s servers must have a daily backup conducted on them. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when they are needed for restoration. Which of the following should you recommend?

Set up scripts to automatically reattempt any failed backup jobs

Attempt to restore a test server from one of the backup files to verify them

Frequently restore the server from backup files to test them

Create an additional copy of the backups in an off-site datacenter

A

Attempt to restore a test server from one of the backup files to verify them

The only way to fully ensure that a backup will work when needed is to attempt to restore the files from the backups.

55
Q

Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?

VM escape

VM data remnant

VM sprawl

VM migration

A

VM escape

56
Q

You just received an email from Bob, your investment banker, stating that he completed the wire transfer of $10,000 to your bank account in Vietnam. The problem is, you don’t have a bank account in Vietnam! You immediately call Bob to ask what is happening. Bob explains that he received an email from you requesting the transfer. You insist you never sent that email to Bob initiating the transfer. What aspect of PKI is used to BEST ensure that a sender actually sent a particular email message?

Recovery Agents
CRL
Trust Models
Non-Repudiation

A

Non-Repudiation

Non-repudiation occurs when a sender cannot claim they didn’t send an email when they did. A digital signature should be attached to each email sent to achieve non-repudiation. This digital signature is created by computing a digital hash of the email’s contents and then encrypting that digital hash using the sender’s private key.

57
Q

What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes?

Destroy
Purge
Degauss
Clear

A

Clear

Clear applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques. Clearing involves overwriting data once (and seldom more than three times) with repetitive data (such as all zeros) or resetting a device to factory settings. Purging data is meant to eliminate information from being feasibly recovered even in a laboratory environment. Destroy requires physical destruction of the media, such as pulverization, melting, incineration, and disintegration. Degaussing is the process of decreasing or eliminating a remnant magnetic field. Degaussing is an effective method of sanitization for magnetic media, such as hard drives and floppy disks.

58
Q

Dion Training has contracted a software development firm to create a bulk file upload utility for its website. During a requirements planning meeting, the developers asked what type of encryption is required for the project. After some discussion, Jason decides that the file upload tool should use a cipher capable of encrypting 8 bits of data at a time before transmitting the files from the web developer’s workstation to the webserver. Which of the following should be selected to meet this security requirement?

Block cipher
CRC
Hashing Algorithm
Stream Cipher

A

Block cipher

A block cipher is used to encrypt multiple bits at a time prior to moving to the next set of data. Block ciphers generally have a fixed-length block (8-bit, 16-bit, 32-bit, 64-bit, etc.). Stream ciphers encrypt a single bit at a time during their encryption process. Hashing algorithms would not meet the requirement because the data would be encrypted using a one-way hash algorithm and be unusable once on the webserver. A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.

59
Q

What type of scan will measure the size or distance of a person’s external features with a digital video camera?

Signature Kinetics Scan
Facial recognition scan
Iris Scan
Retinal Scan

A

Facial recognition scan

A face recognition system is a computer application capable of identifying or verifying a person from a digital image or a video frame from a video source. A signature kinetics scan measures the action of a user when signing their name and compares it against a known-good example or baseline.

60
Q

What is used as a measure of biometric performance to rate the system’s ability to correctly authenticate an authorized user by measuring the rate that an unauthorized user is mistakenly permitted access?

False rejection rate
Failure to capture
False acceptance rate
Crossover error rate

A

False acceptance rate

61
Q

Which cloud computing concept is BEST described as focusing on the replacement of applications and programs on a customer’s workstation with cloud-based resources?

DBaaS
IaaS
SaaS
PaaS

A

Software as a Service (SaaS) is used to provide web applications to end-users. This can be a calendar, scheduling, invoicing, word processor, database, or other programs. For example, Google Docs and Office 365 are both word processing SaaS solutions.

62
Q

Keith wants to validate the application file that he downloaded from the vendor of the application. Which of the following should he compare against the file to verify the integrity of the downloaded application?

File size and file creation date
MD5 or SHA1 hash digest of the file
Public key of the file
Private key of the file

A

MD5 or SHA1 hash digest of the file

This file needs to be a verifiable MD5 hash file in order to validate that the file integrity has not been compromised during the download. This is an important step to ensure the file was not modified in transit during the download.

63
Q

Joseph would like to prevent hosts from connecting to known malware distribution domains. What type of solution should be used without deploying endpoint protection software or an IPS system?

DNS blackholing
Subdomain whitelisting
Anti-malware router filters
Route poisoning

A

DNS blackholing

DNS blackholing is a process that uses a list of known domains/IP addresses belonging to malicious hosts and uses an internal DNS server to create a fake reply.

64
Q

Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error message stating that “Invalid credentials” were entered. Chris assumes he must have forgotten his password, so he resets his email’s username and password and then reenters them into the email client. Again, Chris receives an “Invalid credentials” error. What is MOST likely causing the “Invalid credentials” error in regard to Chris’s email client?

His email account requires multifactor authentication
His email account is locked out
His smartphone has full device encryption enabled
His email account requires a strong password to be used

A

His email account requires multifactor authentication

65
Q

used to encrypt multiple bits at a time prior to moving to the next set of data

A

Block ciphers

generally have a fixed-length block (8-bit, 16-bit, 32-bit, 64-bit, etc.)

66
Q

Which of the following cryptographic algorithms is classified as asymmetric?

RC4
ECC
Twofish
DES

A

ECC

67
Q

Twofish
RC4
DES
Blowfish

A

Symmetric algorithms

68
Q

You were conducting a forensic analysis of an iPad backup and discovered that only some of the information is contained within the backup file. Which of the following best explains why some of the data is missing?

The backup is stored in iCloud.
The backup is a differential backup
The backup was interrupted
The backup is encrypted

A

The backup is a differential backup

iPhone/iPad backups can be created as full or differential backups. In this scenario, it is likely that the backup being analyzed is a differential backup that only contains the information that has changed since the last full backup.

69
Q

Your company has decided to move all of its data into the cloud. Your company is small and has decided to purchase some on-demand cloud storage resources from a commercial provider (such as Google Drive) as its primary cloud storage solution. Which of the following types of clouds is your company using?

Private
Community
Public
Hybrid

A

Public

The public cloud is defined as computing services offered by third-party providers over the public internet, making them available to anyone who wants to use or purchase them.

70
Q

Which of the following cryptographic algorithms is classified as symmetric?

PGP
RSA
ECC
Blowfish

A

Blowfish

71
Q

PGP
RSA
ECC

A

Asymmetric algorithms

72
Q

An electronics store was recently the victim of a robbery where an employee was injured and some property was stolen. The store’s IT department hired an external supplier to expand the store’s network to include a physical access control system. The system has video surveillance, intruder alarms, and remotely monitored locks using an appliance-based system. Which of the following long-term cybersecurity risks might occur based on these actions?

These devices should be scanned for viruses before installation

These devices should be isolated from the rest of the enterprise network

There are no new risks due to the install and the company has a stronger physical security posture

These devices are insecure and should be isolated from the internet

A

These devices should be isolated from the rest of the enterprise network

73
Q

Dion Training has just suffered a website defacement of its public-facing webserver. The CEO believes this act of vandalism may have been done by the company’s biggest competitor. The decision has been made to contact law enforcement, so evidence can be collected properly for use in a potential court case. Laura is a digital forensics investigator assigned to collect the evidence. She creates a bit-by-bit disk image of the web server’s hard drive as part of her evidence collection. Which technology should Laura use after creating the disk image to verify the data integrity of the copy matches that of the original web server’s hard disk?

RSA
AES
SHA-256
3DES

A

SHA-256

74
Q

Your organization requires the use of TLS or IPSec for all communications with an organization’s network. Which of the following is this an example of?

Data in transit
Data in use
Data at rest
DLP

A

Data in transit

75
Q

Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error message stating that “Invalid credentials” were entered. Chris assumes he must have forgotten his password, so he resets his email’s username and password and then reenters them into the email client. Again, Chris receives an “Invalid credentials” error. What is MOST likely causing the “Invalid credentials” error in regard to Chris’s email client?

His email account requires multifactor authentication

His email account requires a strong password to be used

His email account is locked out

His smartphone has full device encryption enabled

A

His email account requires multifactor authentication

76
Q

You have signed up for a web-based appointment scheduling application to help you manage your new IT technical support business. What type of solution would this be categorized as?

IaaS
PaaS
DaaS
SaaS

A

SaaS

Software as a Service (SaaS) is used to provide web applications to end-users.

77
Q

You have just completed identifying, analyzing, and containing an incident. You have verified that the company uses self-encrypting drives as part of its default configuration. As you begin the eradication and recovery phase, you must sanitize the data on the storage devices before restoring the data from known-good backups. Which of the following methods would be the most efficient to use to sanitize the affected hard drives?

Incinerate and replace the storage devices
Conduct zero-fill on the storage devices
Use a secure erase (SE) utility on the storage devices
Perform a cryptographic erase (CE) on the storage devices

A

Perform a cryptographic erase (CE) on the storage devices

78
Q

Which of the following cryptographic algorithms is classified as asymmetric?

RC4
AES
DES
DSA

A

DSA

79
Q

Dave’s company utilizes Google’s G-Suite environment for file sharing and office productivity, Slack for internal messaging, and AWS for hosting their web servers. Which of the following types of cloud deployment models is being used?

Public
Community
Private
Multi-cloud

A

Multi-cloud

80
Q

You have recently been hired as a security analyst at Dion Training. On your first day, your supervisor begins to explain the way their network is configured, showing you the physical and logical placement of each firewall, IDS sensor, host-based IPS installations, the networked spam filter, and the DMZ. What best describes how these various devices are placed into the network for the highest level of security?

Defense in depth
Network segmentation
Load balancer
UTM

A

Defense in depth

81
Q

Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?

AES with a 256-bit key
Randomized one-time use pad
DES with a 56-bit key
ECC with a 256-bit key

A

Randomized one-time use pad

82
Q

Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?

RSA
Diffie-Hellman
ECC
Twofish

A

ECC

Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.

83
Q

You are working as part of the server team for an online retail store. Due to the upcoming holidays, your boss is worried that the current servers may not be able to handle the increased demand during a big sale. Which of the following cloud computing concepts can quickly allow services to scale upward during busy periods and scale down during slower periods based on the changing user demand?

Rapid elasticity
Metered services
Resource pooling
On-demand

A

Rapid elasticity

84
Q

Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the owner of the company if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computers’ hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?

Purging
Shredding
Wiping
Degaussing

A

Wiping

Data wiping or clearing occurs by using a software tool to overwrite the data on a hard drive in an effort to destroy all electronic data on a hard disk or other media. Degaussing a hard drive involves demagnetizing a hard drive to erase its stored data. You cannot reuse a hard drive once it has been degaussed. Therefore, it is a bad solution for this scenario. Purging involves the removal of sensitive data from a hard drive using the device’s own electronics or an outside source (like a degausser). A purged device is generally not reusable.

85
Q

Which of the following biometric authentication factors relies on matching patterns on the surface of the eye using near-infrared imaging?

Facial recognition
Pupil dilation
Iris scan
Retinal scan

A

Iris scan

Iris scans rely on the matching of patterns on the surface of the eye using near-infrared imaging, and so are less intrusive than retinal scanning (the subject can continue to wear glasses, for instance), and much quicker. Iris scanners offer a similar level of accuracy as retinal scanners but are much less likely to be affected by diseases. Iris scanning is the technology most likely to be rolled out for high-volume applications, such as airport security. There is a chance that an iris scanner could be fooled by a high-resolution photo of someone’s eye.

86
Q

Which term is used in software development to refer to the method in which app and platform updates are committed to a production environment rapidly?

Continuous integration
Continuous delivery
Continuous deployment
Continuous monitoring

A

Continuous deployment

87
Q

Continuous deployment

A

a software development method in which app and platform updates are committed to production rapidly

88
Q

Continuous Delivery

A

Continuous delivery is a software development method in which app and platform requirements are frequently tested and validated for immediate availability

89
Q

Continuous integration

A

a software development method in which code updates are tested and committed to a development or build server/code repository rapidly

90
Q

Continuous Monitoring

A

the technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon

91
Q

Which of the following ports should you block at the firewall if you want to prevent a remote login to a server from occurring?

80
22
143
21

A

22

Port 22 is used for SSH, which is used by administrators to securely connect remotely to a server and issue commands via a command-line interface. Port 21 is used by FTP, Port 80 is used by HTTP, and port 143 is used by IMAP.

92
Q

Which of the following types of threats did the Stuxnet attack rely on to cross an airgap between a business and an industrial control system network?

Session hijacking
Directory traversal
Cross-site scripting
Removable media

A

Removable media

Airgaps are designed to remove connections between two networks in order to create a physical segmentation between them. The only way to cross an airgap is to have a physical device between these systems, such as using a removable media device to transfer files between them.

!!!! Obj 2.6