Architecture and Design Flashcards
You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s servers must have a daily backup conducted. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when needed for restoration. Which of the following should you recommend?
Create an additional copy of the backups in an off-site datacenter
Attempt to restore to a test server from one of the backup files to verify them
Set up scripts to automatically reattempt any failed backup jobs
Frequently restore the server from backup files to test them
Attempt to restore to a test server from one of the backup files to verify them
When conducting forensic analysis of a hard drive, what tool would BEST prevent changing the hard drive contents during your analysis?
Forensic drive duplicator
Software write blocker
Degausser
Hardware write blocker
Hardware write blocker
Taylor needs to sanitize hard drives from some leased workstations before returning them to a supplier at the end of the lease period. The workstations’ hard drives contained sensitive corporate data. Which is the most appropriate choice to ensure that data exposure doesn’t occur during this process?
Clear, validate, and document the sanitization of the drives
Purge, validate, and document the sanitization of the drives
Clear the drives
The drives must be destroyed to ensure no data loss
Purge, validate, and document the sanitization of the drives
You work for Dion Training as a physical security manager. You are concerned that the physical security at the entrance to the company is not sufficient. To increase your security, you are determined to prevent piggybacking. What technique should you implement first?
Require all employees to wear security badges when entering the building
Install a mantrap at the entrance
Install an RFID badge reader at the entrance
Install CCTV to monitor the entrance
Install a mantrap at the entrance
During a security audit, you discovered that customer service employees have been sending unencrypted confidential information to their personal email accounts via email. What technology could you employ to detect these occurrences in the future and send an automated alert to the security team?
UTM
SSL
MDM
DLP
DLP
Which of the following hashing algorithms results in a 160-bit fixed output?
NTLM
SHA-2
RIPEMD
MD-5
RIPEMD
RIPEMD creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.
A financial services company wants to donate some old hard drives from their servers to a local charity. The hard drives used in the servers are self-encrypting drives. Still, they are concerned about the possibility of residual data being left on the drives. Which of the following secure disposal methods would you recommend the company use?
Overwrite
Zero-fill
Secure erase
Cryptographic erase
Cryptographic erase
Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the company’s owner if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computer’s hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?
Shredding
Degaussing
Wiping
Destroying
Wiping
Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?
VM migration
VM data remnant
VM sprawl
VM escape
VM escape
Select four security features that you should use with a workstation or laptop within your organization.
Network Sniffer
Cellular Data
MDM
Location Tracking
Cable Lock
Host Based Firewall
CAT 5e STP
Remote Wipe
Host based firewall, network sniffer, cable lock, CAT5e STP
What is the lowest layer (bottom layer) of a bare-metal virtualization environment?
Host operating system
Physical hardware
Guest operating system
Hypervisor
Physical hardware
Which of the following describes the overall accuracy of a biometric authentication system?
Crossover error rate
False positive rate
False rejection rate
False acceptance rate
Crossover error rate
Which cloud computing concept is BEST described as focusing on replacing the hardware and software required when creating and testing new applications and programs from a customer’s environment with cloud-based resources?
IaaS
PaaS
SECaaS
SaaS
PaaS
Platform as a Service (PaaS) provides the end-user with a development environment without all the hassle of configuring and installing it themselves.
Which of the following is the most important feature to consider when designing a system on a chip?
Ability to interface with industrial control systems
Type of real-time operating system in use
Space and power savings
Ability to be reconfigured after manufacture
Space and power savings
Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the owner of the company if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computer’s hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?
Purging
Degaussing
Wiping
Shredding
Wiping
Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?
Diffie-Hellman
ECC
RSA
Twofish
ECC
Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?
VM sprawl
VM data remnant
VM migration
VM escape
VM escape
Which of the following hashing algorithms results in a 160-bit fixed output?
NTLM
SHA-2
SHA-1
MD-5
SHA-1
SHA-1 creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.
Which of the following cryptographic algorithms is classified as stream cipher?
AES
DES
RC4
Blowfish
RC4
Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?
ECC with a 256-bit key
DES with a 56-bit key
AES with a 256-bit key
Randomized one-time use pad
Randomized one-time use pad
Which of the following authentication mechanisms involves receiving a one-time use shared secret password, usually through a token-based key fob or smartphone app, that does not expire?
EAP
HOTP
Smart card
TOTP
HOTP (HMAC-based One-time Password Algorithm)
Which of the following would a virtual private cloud infrastructure be classified as?
Infrastructure as a Service
Function as a Service
Software as a Service
Platform as a Service
Infrastructure as a Service
Which of the following is NOT considered part of the Internet of Things?
Laptop
ICS
SCADA
Smart television
Laptop
You have just completed identifying, analyzing, and containing an incident. You have verified that the company uses older unencrypted SSDs as part of their default configuration and the manufacturer does not provide a SE utility for the devices. The storage devices contained top-secret data that would bankrupt the company if it fell into a competitor’s hands. After safely extracting the data from the device and saving it to a new self-encrypting drive, you have been asked to securely dispose of the SSDs. Which of the following methods should you use?
Use a secure erase (SE) utility on the storage devices
Physically destroy the storage devices
Conduct zero-fill on the storage devices
Perform a cryptographic erase (CE) on the storage devices
Physically destroy the storage devices
Which protocol is paired with OAuth2 to provide authentication of users in a federated identity management solution?
ADFS
SAML
OpenID Connect
Kerberos
OpenID Connect
OAuth 2 is explicitly designed to authorize claims and not to authenticate users. The implementation details for fields and attributes within tokens are not defined. OpenID Connect (OIDC) is an authentication protocol that can be implemented as special types of OAuth flows with precisely defined token fields.
Dion Training has set up a lab consisting of 12 laptops for students to use outside of normal classroom hours. The instructor is worried that a student may try to steal one of the laptops. Which of the following physical security measures should be used to ensure the laptop is not stolen or moved out of the lab environment?
Cable locks
Entry control roster
Biometric locks
USB locks
Cable locks
Dion Training has contracted a software development firm to create a bulk file upload utility for its website. During a requirements planning meeting, the developers asked what type of encryption is required for the project. After some discussion, Jason decides that the file upload tool should use a cipher that is capable of encrypting 8 bits of data at a time before transmitting the files from the web developer’s workstation to the webserver. Which of the following should be selected to meet this security requirement?
Hashing algorithm
Stream cipher
CRC
Block cipher
Block cipher
A block cipher is used to encrypt multiple bits at a time prior to moving to the next set of data.
You just received an email from Bob, your investment banker, stating that he completed the wire transfer of $10,000 to your bank account in Vietnam. The problem is, you do not have a bank account in Vietnam, so you immediately call Bob to ask what happened. Bob explains that he received an email from you requesting the transfer. You insist you never sent that email to Bob initiating this wire transfer. What aspect of PKI could be used to BEST ensure that a sender actually sent a particular email message and avoid this type of situation?
CRL
Trust models
Non-repudiation
Recovery agents
Trust models
Using the image provided, select four security features that you should use to best protect your servers in the data center. This can include physical, logical, or administrative protections.
Antivirus, Mantrap, Cable lock, GPS tracking
Strong passwords, Biometrics, Mantrap, Cable lock
GPS tracking, Biometrics, Proximity badges, Remote wipe
FM-200, Biometric locks, Mantrap, Antivirus
FM-200, Biometric locks, Mantrap, Antivirus
What type of scan will measure the size or distance of a person’s external features with a digital video camera?
Signature kinetics scan
Facial recognition scan
Retinal scan
Iris scan
Facial recognition scan
A company has recently experienced a data breach and has lost nearly 1 GB of personally identifiable information about its customers. You have been assigned as part of the incident response team to identify how the data was leaked from the network. Your team has conducted an extensive investigation, and so far, the only evidence of a large amount of data leaving the network is from the email server. There is one user that has sent numerous large attachments out of the network to their personal email address. Upon closer inspection, those emails only contain pictures of that user’s recent trip to Australia. What is the most likely explanation for how the data left the network?
Steganography was used to hide the leaked data inside the user’s photos
The data was encrypted and emailed to their spouse’s email account
The files were downloaded from home while connected to the corporate VPN
The data was hashed and then emailed to their personal email account
Steganography was used to hide the leaked data inside the user’s photos
Fail To Pass Systems has just been the victim of another embarrassing data breach. Their database administrator needed to work from home this weekend, so he downloaded a copy of the corporate database to his work laptop. On his way home, he forgot the laptop in an Uber, and a few days later, the data was posted on the internet. Which of the following mitigations would have provided the greatest protection against this data breach?
Require data at rest encryption on all endpoints
Require all new employees to sign an NDA
Require data masking for any information stored in the database
Require a VPN to be utilized for all telework employees
Require data at rest encryption on all endpoints
What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes?
Degauss
Purge
Clear
Destroy
Clear
You are configuring a RAID drive for a Media Streaming Server. Your primary concern is speed of delivery of the data. This server has two hard disks installed. What type of RAID should you install, and what type of data will be stored on Disk 1 and Disk 2?
RAID 1 - Disk 1 (Mirror) and Disk 2 (Mirror)
RAID 0 - Disk 1 (Mirror) and Disk 2 (Mirror)
RAID 0 - Disk 1 (Stripe) and Disk 2 (Stripe)
RAID 1 - Disk 1 (Stripe) and Disk 2 (Stripe)
RAID 0 - Disk 1 (Stripe) and Disk 2 (Stripe)
Since this is a Media Streaming Server, you should implement a RAID 0, which provides disk striping across both drives. This will increase the speed of the data delivery, but provides no redundancy.
Which of the following hashing algorithms results in a 160-bit fixed output?
SHA-2
NTLM
MD-5
RIPEMD
RIPEMD
RIPEMD creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.
What is the lowest layer (bottom layer) of a bare-metal virtualization environment?
Host operating system
Hypervisor
Physical hardware
Guest operating system
Physical hardware
You want to play computer-based video games from anywhere in the world using your laptop or tablet. You heard about a new product called a Shadow PC that is a virtualized Windows 10 Home gaming PC in the cloud. Which of the following best describes this type of service?
PaaS
IaaS
DaaS
SaaS
DaaS
Desktop as a Service (DaaS) provides a full virtualized desktop environment from within a cloud-based service. This is also known as VDI (Virtualized Desktop Infrastructure) and is coming in large enterprise businesses that are focused on increasing their security and minimizing their operational expenses
You are installing Windows 2016 on a rack-mounted server and want to host multiple virtual machines within the physical server. You just finished the installation and now want to begin creating and provisioning the virtual machines. Which of the following should you utilize to allow you to create and provision the virtual machines?
Hypervisor
Terminal services
Device manager
Disk management
Hypervisor
A hypervisor, also known as a virtual machine monitor, is a process that creates and runs virtual machines (VMs). A hypervisor allows one host computer to support multiple guest VMs by virtually sharing its resources, like memory and processing.
Which technique would provide the largest increase in security on a network with ICS, SCADA, or IoT devices?
Implement endpoint protection platforms
Installation of anti-virus tools
User and entity behavior analytics
Use of a host-based IDS or IPS
User and entity behavior analytics
Which of the following cryptographic algorithms is classified as symmetric?
Diffie-Hellman
RSA
ECC
RC4
RC4
RC4, or Rivest Cipher 4, is a symmetric stream cipher that was used in WEP and TLS. ECC, RSA, and Diffie-Hellman are all asymmetric algorithms.
You have just received some unusual alerts on your SIEM dashboard and want to collect the payload associated with it. Which of the following should you implement to effectively collect these malicious payloads that the attackers are sending towards your systems without impacting your organization’s normal business operations?
Containerization
Honeypot
Jumpbox
Sandbox
Honeypot
Joseph would like to prevent hosts from connecting to known malware distribution domains. What type of solution should be used without deploying endpoint protection software or an IPS system?
Anti-malware router filters
DNS blackholing
Subdomain whitelisting
Route poisoning
DNS blackholing
Nicole’s organization does not have the budget or staff to conduct 24/7 security monitoring of their network. To supplement her team, she contracts with a managed SOC service. Which of the following services or providers would be best suited for this role?
SaaS
MSSP
PaaS
IaaS
MSSP
A managed security service provider (MSSP) provides security as a service (SECaaS).
Which type of authentication method is commonly used with physical access control systems and relies upon RFID devices embedded into a token?
TOTP
HOTP
Smart cards
Proximity cards
Proximity cards
Which of the following authentication mechanisms involves receiving a one-time use shared secret password, usually through a token-based key fob or smartphone app, that automatically expires after a short period of time (for example, 60 seconds)?
Smart card
EAP
TOTP
HOTP
TOTP
The Time-based One-time Password Algorithm (TOTP) is a refinement of the HOTP. One issue with HOTP is that tokens can be allowed to persist unexpired, raising the risk that an attacker might be able to obtain one and decrypt data in the future. In TOTP, the HMAC is built from the shared secret plus a value derived from the device’s and server’s local timestamps. TOTP automatically expires each token after a short window (60 seconds, for instance).
Keith wants to validate the application file that he downloaded from the vendor of the application. Which of the following should he compare against the file to verify the integrity of the downloaded application?
Public key of the file
File size and file creation date
Private key of the file
MD5 or SHA1 hash digest of the file
MD5 or SHA1 hash digest of the file
Which party in a federation provides services to members of the federation?
SSO
IdP
RP
SAML
RP
Relying parties (RPs) provide services to members of a federation.
Which of the following cryptographic algorithms is classified as stream cipher?
Blowfish
DES
AES
RC4
RC4
RC4, or Rivest Cipher 4, is a symmetric stream cipher that was used in WEP and TLS. AES, Blowfish, and DES are all block ciphers.
Which of the following hashing algorithms results in a 160-bit fixed output?
SHA-1
SHA-2
MD-5
NTLM
MD-5
SHA-1 creates a 160-bit fixed output. SHA-2 creates a 256-bit fixed output. NTLM creates a 128-bit fixed output. MD-5 creates a 128-bit fixed output.
Dave’s company utilizes Google’s G-Suite environment for file sharing and office productivity, Slack for internal messaging, and AWS for hosting their web servers. Which of the following types of cloud deployment models is being used?
Public
Private
Multi-cloud
Community
Multi-cloud
Multiple public clouds
Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?
ECC with a 256-bit key
AES with a 256-bit key
Randomized one-time use pad
DES with a 56-bit key
Randomized one-time use pad
Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?
ECC
RSA
Diffie-Hellman
Twofish
ECC
One of the main benefits of ECC over non-ECC cryptography is that an application can achieve the same level of security provided by non-ECC cryptography while using a shorter key length.
You have recently been hired as a security analyst at Dion Training. On your first day, your supervisor begins to explain the way their network is configured, showing you the physical and logical placement of each firewall, IDS sensor, host-based IPS installations, the networked spam filter, and the DMZ. What best describes how these various devices are placed into the network for the highest level of security?
Load balancer
UTM
Defense in depth
Network segmentation
Defense in depth
You are helping to set up a backup plan for your organization. The current plan states that all of the organization’s servers must have a daily backup conducted on them. These backups are then saved to a local NAS device. You have been asked to recommend a method to ensure the backups will work when they are needed for restoration. Which of the following should you recommend?
Set up scripts to automatically reattempt any failed backup jobs
Attempt to restore a test server from one of the backup files to verify them
Frequently restore the server from backup files to test them
Create an additional copy of the backups in an off-site datacenter
Attempt to restore a test server from one of the backup files to verify them
The only way to fully ensure that a backup will work when needed is to attempt to restore the files from the backups.
Which of the following vulnerabilities involves leveraging access from a single virtual machine to other machines on a hypervisor?
VM escape
VM data remnant
VM sprawl
VM migration
VM escape
You just received an email from Bob, your investment banker, stating that he completed the wire transfer of $10,000 to your bank account in Vietnam. The problem is, you don’t have a bank account in Vietnam! You immediately call Bob to ask what is happening. Bob explains that he received an email from you requesting the transfer. You insist you never sent that email to Bob initiating the transfer. What aspect of PKI is used to BEST ensure that a sender actually sent a particular email message?
Recovery Agents
CRL
Trust Models
Non-Repudiation
Non-Repudiation
Non-repudiation occurs when a sender cannot claim they didn’t send an email when they did. A digital signature should be attached to each email sent to achieve non-repudiation. This digital signature is created by computing a digital hash of the email’s contents and then encrypting that digital hash using the sender’s private key.
What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes?
Destroy
Purge
Degauss
Clear
Clear
Clear applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques. Clearing involves overwriting data once (and seldom more than three times) with repetitive data (such as all zeros) or resetting a device to factory settings. Purging data is meant to eliminate information from being feasibly recovered even in a laboratory environment. Destroy requires physical destruction of the media, such as pulverization, melting, incineration, and disintegration. Degaussing is the process of decreasing or eliminating a remnant magnetic field. Degaussing is an effective method of sanitization for magnetic media, such as hard drives and floppy disks
Dion Training has contracted a software development firm to create a bulk file upload utility for its website. During a requirements planning meeting, the developers asked what type of encryption is required for the project. After some discussion, Jason decides that the file upload tool should use a cipher capable of encrypting 8 bits of data at a time before transmitting the files from the web developer’s workstation to the webserver. Which of the following should be selected to meet this security requirement?
Block cipher
CRC
Hashing Algorithm
Stream Cipher
Block cipher
A block cipher is used to encrypt multiple bits at a time prior to moving to the next set of data. Block ciphers generally have a fixed-length block (8-bit, 16-bit, 32-bit, 64-bit, etc.). Stream ciphers encrypt a single bit at a time during their encryption process. Hashing algorithms would not meet the requirement because the data would be encrypted using a one-way hash algorithm and be unusable once on the webserver. A cyclic redundancy check (CRC) is an error-detecting code commonly used in digital networks and storage devices to detect accidental changes to raw data.
What type of scan will measure the size or distance of a person’s external features with a digital video camera?
Signature Kinetics Scan
Facial recognition scan
Iris Scan
Retinal Scan
Facial recognition scan
A face recognition system is a computer application capable of identifying or verifying a person from a digital image or a video frame from a video source. A signature kinetics scan measures the action of a user when signing their name and compares it against a known-good example or baseline.
What is used as a measure of biometric performance to rate the system’s ability to correctly authenticate an authorized user by measuring the rate that an unauthorized user is mistakenly permitted access?
False rejection rate
Failure to capture
False acceptance rate
Crossover error rate
False acceptance rate
Which cloud computing concept is BEST described as focusing on the replacement of applications and programs on a customer’s workstation with cloud-based resources?
DBaaS
IaaS
SaaS
PaaS
Software as a Service (SaaS) is used to provide web applications to end-users. This can be a calendar, scheduling, invoicing, word processor, database, or other programs. For example, Google Docs and Office 365 are both word processing SaaS solutions.
Keith wants to validate the application file that he downloaded from the vendor of the application. Which of the following should he compare against the file to verify the integrity of the downloaded application?
File size and file creation date
MD5 or SHA1 hash digest of the file
Public key of the file
Private key of the file
MD5 or SHA1 hash digest of the file
This file needs to be a verifiable MD5 hash file in order to validate the file integrity has not been compromised during the download. This is an important step to ensure the file was not modified in transit during the download
Joseph would like to prevent hosts from connecting to known malware distribution domains. What type of solution should be used without deploying endpoint protection software or an IPS system?
DNS blackholing
Subdomain whitelisting
Anti-malware router filters
Route poisoning
DNS blackholing
DNS blackholing is a process that uses a list of known domains/IP addresses belonging to malicious hosts and uses an internal DNS server to create a fake reply.
Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error message stating that “Invalid credentials” were entered. Chris assumes he must have forgotten his password, so he resets his email’s username and password and then reenters them into the email client. Again, Chris receives an “Invalid credentials” error. What is MOST likely causing the “Invalid credentials” error in regard to Chris’s email client?
His email account requires multifactor authentication
His email account is locked out
His smartphone has full device encryption enabled
His email account requires a strong password to be used
His email account requires multifactor authentication
used to encrypt multiple bits at a time prior to moving to the next set of data
Block ciphers
generally have a fixed-length block (8-bit, 16-bit, 32-bit, 64-bit, etc.)
Which of the following cryptographic algorithms is classified as asymmetric?
RC4
ECC
Twofish
DES
ECC
Twofish
RC4
DES
Blowfish
Symmetric algorithms
You were conducting a forensic analysis of an iPad backup and discovered that only some of the information is contained within the backup file. Which of the following best explains why some of the data is missing?
The backup is stored in iCloud.
The backup is a differential backup
The backup was interrupted
The backup is encrypted
The backup is a differential backup
iPhone/iPad backups can be created as full or differential backups. In this scenario, it is likely that the backup being analyzed is a differential backup that only contains the information that has changed since the last full backup
Your company has decided to move all of its data into the cloud. Your company is small and has decided to purchase some on-demand cloud storage resources from a commercial provider (such as Google Drive) as its primary cloud storage solution. Which of the following types of clouds is your company using?
Private
Community
Public
Hybrid
Public
The public cloud is defined as computing services offered by third-party providers over the public internet, making them available to anyone who wants to use or purchase them.
Which of the following cryptographic algorithms is classified as symmetric?
PGP
RSA
ECC
Blowfish
Blowfish
PGP
RSA
ECC
Asymmetric algorithms
An electronics store was recently the victim of a robbery where an employee was injured and some property was stolen. The store’s IT department hired an external supplier to expand the store’s network to include a physical access control system. The system has video surveillance, intruder alarms, and remotely monitored locks using an appliance-based system. Which of the following long-term cybersecurity risks might occur based on these actions?
These devices should be scanned for viruses before installation
These devices should be isolated from the rest of the enterprise network
There are no new risks due to the install and the company has a stronger physical security posture
These devices are insecure and should be isolated from the internet
These devices should be isolated from the rest of the enterprise network
Dion Training has just suffered a website defacement of its public-facing webserver. The CEO believes this act of vandalism may have been done by the company’s biggest competitor. The decision has been made to contact law enforcement, so evidence can be collected properly for use in a potential court case. Laura is a digital forensics investigator assigned to collect the evidence. She creates a bit-by-bit disk image of the web server’s hard drive as part of her evidence collection. Which technology should Laura use after creating the disk image to verify the data integrity of the copy matches that of the original web server’s hard disk?
RSA
AES
SHA-256
3DES
SHA-256
Your organization requires the use of TLS or IPSec for all communications with an organization’s network. Which of the following is this an example of?
Data in transit
Data in use
Data at rest
DLP
Data in transit
Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error message stating that “Invalid credentials” were entered. Chris assumes he must have forgotten his password, so he resets his email’s username and password and then reenters them into the email client. Again, Chris receives an “Invalid credentials” error. What is MOST likely causing the “Invalid credentials” error in regard to Chris’s email client?
His email account requires multifactor authentication
His email account requires a strong password to be used
His email account is locked out
His smartphone has full device encryption enabled
His email account requires multifactor authentication
You have signed up for a web-based appointment scheduling application to help you manage your new IT technical support business. What type of solution would this be categorized as?
IaaS
PaaS
DaaS
SaaS
SaaS
Software as a Service (SaaS) is used to provide web applications to end-users.
You have just completed identifying, analyzing, and containing an incident. You have verified that the company uses self-encrypting drives as part of its default configuration. As you begin the eradication and recovery phase, you must sanitize the data on the storage devices before restoring the data from known-good backups. Which of the following methods would be the most efficient to use to sanitize the affected hard drives?
Incinerate and replace the storage devices
Conduct zero-fill on the storage devices
Use a secure erase (SE) utility on the storage devices
Perform a cryptographic erase (CE) on the storage devices
Perform a cryptographic erase (CE) on the storage devices
Which of the following cryptographic algorithms is classified as asymmetric?
RC4
AES
DES
DSA
DSA
Dave’s company utilizes Google’s G-Suite environment for file sharing and office productivity, Slack for internal messaging, and AWS for hosting their web servers. Which of the following types of cloud deployment models is being used?
Public
Community
Private
Multi-cloud
Multi-cloud
You have recently been hired as a security analyst at Dion Training. On your first day, your supervisor begins to explain the way their network is configured, showing you the physical and logical placement of each firewall, IDS sensor, host-based IPS installations, the networked spam filter, and the DMZ. What best describes how these various devices are placed into the network for the highest level of security?
Defense in depth
Network segmentation
Load balancer
UTM
Defense in depth
Frank and John have started a secret club together. They want to ensure that when they send messages to each other, they are truly unbreakable. What encryption key would provide the STRONGEST and MOST secure encryption?
AES with a 256-bit key
Randomized one-time use pad
DES with a 56-bit key
ECC with a 256-bit key
Randomized one-time use pad
Sarah is working at a startup that is focused on making secure banking apps for smartphones. Her company needs to select an asymmetric encryption algorithm to encrypt the data being used by the app. Due to the need for high security of the banking data, the company needs to ensure that whatever encryption they use is considered strong, but also needs to minimize the processing power required since it will be running on a mobile device with lower computing power. Which algorithm should Sarah choose in order to provide the same level of high encryption strength with a lower overall key length?
RSA
Diffie-Hellman
ECC
Twofish
ECC
Elliptic curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields.
You are working as part of the server team for an online retail store. Due to the upcoming holidays, your boss is worried that the current servers may not be able to handle the increased demand during a big sale. Which of the following cloud computing concepts can quickly allow services to scale upward during busy periods and scale down during slower periods based on the changing user demand?
Rapid elasticity
Metered services
Resource pooling
On-demand
Rapid elasticity
Your company has just finished replacing all of its computers with brand new workstations. Colleen, one of your coworkers, has asked the owner of the company if she can have the old computers that are about to be thrown away. Colleen would like to refurbish the old computers by reinstalling a new operating system and donate them to a local community center for disadvantaged children in the neighborhood. The owner thinks this is a great idea but is concerned that the private and sensitive corporate data on the old computers’ hard drives might be placed at risk of exposure. You have been asked to choose the best solution to sanitize or destroy the data while ensuring the computers will still be usable by the community center. What type of data destruction or sanitization method do you recommend?
Purging
Shredding
Wiping
Degaussing
Wiping
Data wiping or clearing occurs by using a software tool to overwrite the data on a hard drive in an effort to destroy all electronic data on a hard disk or other media. Degaussing a hard drive involves demagnetizing a hard drive to erase its stored data. You cannot reuse a hard drive once it has been degaussed. Therefore, it is a bad solution for this scenario. Purging involves the removal of sensitive data from a hard drive using the device’s own electronics or an outside source (like a degausser). A purged device is generally not reusable.
Which of the following biometric authentication factors relies on matching patterns on the surface of the eye using near-infrared imaging?
Facial recognition
Pupil dilation
Iris scan
Retinal scan
Iris scan
Iris scans rely on the matching of patterns on the surface of the eye using near-infrared imaging, and so are less intrusive than retinal scanning (the subject can continue to wear glasses, for instance), and much quicker. Iris scanners offer a similar level of accuracy as retinal scanners but are much less likely to be affected by diseases. Iris scanning is the technology most likely to be rolled out for high-volume applications, such as airport security. There is a chance that an iris scanner could be fooled by a high-resolution photo of someone’s eye.
Which term is used in software development to refer to the method in which app and platform updates are committed to a production environment rapidly?
Continuous integration
Continuous delivery
Continuous deployment
Continuous monitoring
Continuous deployment
Continuous deployment
A software development method in which app and platform updates are committed to production rapidly.
Continuous delivery
A software development method in which app and platform requirements are frequently tested and validated for immediate availability.
Continuous integration
A software development method in which code updates are tested and committed to a development or build server/code repository rapidly.
Continuous monitoring
The technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon.
Which of the following ports should you block at the firewall if you want to prevent a remote login to a server from occurring?
80
22
143
21
22
Port 22 is used for SSH, which is used by administrators to securely connect remotely to a server and issue commands via a command-line interface. Port 21 is used by FTP, port 80 is used by HTTP, and port 143 is used by IMAP.
Which of the following types of threats did the Stuxnet attack rely on to cross an airgap between a business and an industrial control system network?
Session hijacking
Directory traversal
Cross-site scripting
Removable media
Removable media
Airgaps are designed to remove connections between two networks in order to create a physical segmentation between them. The only way to cross an airgap is to have a physical device between these systems, such as using a removable media device to transfer files between them.
!!!! Obj 2.6