CYSA Flashcards

1
Q

You need to add a new network route on a Linux host. Which command syntax should you use?
a. add route
b. nslookup
c. ifconfig route add
d. ip route add

A

D. ip route add

2
Q

Which type of VPN is firewall friendly?
a. IPsec
b. SSL
c. PPTP
d. L2TP

A

B. SSL

3
Q

Which IPsec configuration provides confidentiality?
a. IPsec does not provide confidentiality
b. Authentication header
c. Transport Mode
d. Encapsulating security payload

A

D. Encapsulating security payload

4
Q

You have used the ‘chrony’ package to configure an NTP server in Linux. Which command shows connected time consumers?
a. chronyc activity
b. chronyc clients
c. date
d. timedatectl

A

B. chronyc clients

5
Q

You have created a new VLAN. The DHCP server exists on a separate network. You need to ensure that clients receive their IP configuration through DHCP. Which solution represents the least amount of administrative effort?
a. Enable a shorter DHCP lease interval
b. Configure a DHCP relay agent on the new VLAN
c. Install a new DHCP server on the new VLAN
d. Enable DNS forwarding

A

b. Configure a DHCP relay agent on the new VLAN

6
Q

Which type of DNS zone record resolves IP addresses to DNS names?
a. AAAA
b. A
c. PTR
d. CNAME

A

c. PTR

7
Q

How many bits exist in the IPv6 address space?
a. 32
b. 64
c. 128
d. 16

A

c. 128

8
Q

To which layer of the OSI model does traffic routing apply?
a. Layer 4 (Transport)
b. Layer 2 (Data Link)
c. Layer 3 (Network)
d. Layer 5 (Session)

A

c. Layer 3 (Network)

9
Q

Which port is normally used for NTP communication?
a. 123
b. 80
c. 110
d. 443

A

a. 123

10
Q

Which TCP/IP protocol resolves IP addresses to MAC addresses?
a. ARP
b. UDP
c. TCP
d. ICMP

A

a. ARP

11
Q

Which Wi-Fi authentication method facilitates central log event monitoring for network authentication?
a. WPA Enterprise
b. WPS
c. WPA PSK
d. WEP

A

a. WPA Enterprise

12
Q

Which benefits can be derived from creating VLANs?
a. Network integrity
b. Network encryption
c. Improved network throughput
d. Network traffic isolation

A

c. Improved network throughput
d. Network traffic isolation

13
Q

You need a VMware virtual machine’s virtual network adapter to connect directly to the physical network. Which type of network connection should the adapter be configured with?
a. VMnet5
b. Host-only
c. Bridged
d. NAT

A

c. Bridged

14
Q

You have created a new public IP address resource in the Microsoft Azure cloud, but your existing virtual machine does not show a public IP address. What is the problem?
a. The public IP address must be associated with the virtual machine network adapter
b. Cloud virtual machines cannot have public IP addresses
c. The public IP address must exist before the virtual machine is deployed
d. The Azure portal web page needs to be refreshed

A

c. The public address must exist before the virtual machine is deployed

15
Q

Your existing Microsoft Azure virtual network is currently configured with an IPv4 address range of 10.0.0.0/16. Future virtual machines deployed to this virtual network will be configured with addresses in the 192.168.0.0/24 IPv4 address range. What should you do to ensure the virtual machines will communicate correctly in the cloud?
a. Create a subnet using the 192.168.0.0/24 range
b. Add the 192.168.0.0/24 range to the virtual network
c. Create a new vnet using the 192.168.0.0/24 range
d. The 192.168.0.0/24 range cannot be used with vnets

A

a. Create a subnet using the 192.168.0.0/24
b. Add the 192.168.0.0/24 range to the virtual network

16
Q

Which Linux command can be used to display network interfaces and associated IP addresses?
a. lsmod
b. chmod
c. ipconfig
d. ip a

A

D. ip a

17
Q

Which DNS option digitally signs records in a DNS zone?
a. HTTPS
b. SSH
c. DNSSEC
d. Vendor class identifiers

A

c. DNSSEC

18
Q

You need to configure IPsec on a Windows server. Where should you configure this?
a. Add the IPsec settings in the Windows registry
b. Create an IPsec configuration in Active Directory
c. Add an inbound rule in Windows Defender
d. Add a Connection Security Rule in the Windows Defender advanced settings

A

d. Add a connection security rule in the Windows Defender advanced settings

19
Q

Which protocol removes the need for configuring IP settings on each station?
a. FTP
b. SSH
c. DNS
d. DHCP

A

d. DHCP

20
Q

You need to configure a default route through an Internet Gateway for your AWS environment. Which IP address should you specify when adding a new route to a routing table in AWS?
a. ::/1
b. 127.0.0.1
c. ::/0
d. 0.0.0.0/0

A

d. 0.0.0.0/0

21
Q

Which Wi-Fi authentication method forwards network connection requests to a centralized authentication server?
a. WPA2 Enterprise
b. WEP
c. WPS
d. WPA2 PSK

A

a. WPA2 Enterprise

22
Q

You need to ensure that custom code running within a Microsoft Azure virtual machine has access to read blobs in an Azure storage account. What should you do FIRST?
a. Run the custom code in a Docker container
b. Configure a managed identity for the virtual machine
c. Assign storage account permissions to the virtual machine
d. Embed storage account credentials within the custom code

A

b. Configure a managed identity for the virtual machine

23
Q

Which authentication options are available when deploying a Linux virtual machine in the Microsoft Azure Cloud?
a. Username
b. Password
c. PKI
d. SSH public key authentication

A

d. SSH public key authentication

24
Q

Which type of cloud works best for multiple organizations with the same type of computing and security needs?
a. Public
b. Private
c. Hybrid
d. Community

A

d. Community

25
Q

You have deployed a database in the AWS cloud. Which type of cloud service model is this?
a. PaaS
b. IaaS
c. XaaS
d. SaaS

A

a. PaaS

26
Q

You have created a CDN profile object in Azure but have not yet specified an origin location for content to be cached. What should you do?
a. Create a storage account and link it to the CDN profile
b. Import the .CSV CDN configuration file to the CDN profile
c. Add an endpoint to the storage account
d. Add an endpoint to the CDN profile

A

d. Add an endpoint to the CDN profile

27
Q

Which is the default DNS suffix for Microsoft Azure web apps?
a. Azurewebsites.net
b. Azureedge.net
c. Onmicrosoft.com
d. Stor.azure.net

A

a. Azurewebsites.net

28
Q

Which CCM-related item can be used as a cloud security checklist?
a. CAIQ
b. SLO
c. SLA
d. ISO

A

a. CAIQ

29
Q

What is the primary benefit of a Content Delivery Network?
a. Application proxy
b. Reduced network latency
c. Increase user sign-in security
d. Increased network latency

A

b. Reduced network latency

30
Q

Your organization uses a PaaS database solution. In order to remain compliant with various security standards, the underlying server OS must be patched regularly. Who bears this responsibility?
a. Auditors
b. Cloud Tenant
c. Cloud Service provider
d. Auditors and cloud service provider

A

c. Cloud service provider

31
Q

You are deploying a Microsoft Windows Server virtual machine in the Microsoft Azure cloud. All Windows virtual machines need to allow RDP and HTTPS connections from an on-premises network. Which strategy works best for setting OSI layer 4 rules to control traffic coming into the servers?
a. Create a network security group and associate it with each VM network interface
b. Create a route table and associate it with the VM subset
c. Create a network security group and associate it with the VM subnet
d. Create a route table and associate it with each VM network interface

A

b. Create a network security group and associate it with the VM subnet

32
Q

Which detail differentiates application containers from virtual machines?
a. Containers do not contain an entire full operating system
b. Containers cannot have network listening ports enabled
c. Containers have their own file system
d. Containers require a host with special software installed

A

a. Containers do not contain an entire full operating system
d. Containers require a host with special software installed

33
Q

Which operating system component is recommended to be installed prior to installing Docker Desktop on Windows?
a. Group Policy
b. WSL
c. RDP
d. Web Server

A

b. WSL

34
Q

Which Docker CLI command is used to view running containers?
a. docker rmi
b. docker images
c. docker ps
d. docker stop

A

c. docker ps

35
Q

In which type of virtualization environment do users connect to a remote desktop using a thin client?
a. Operating system virtualization
b. Cloud computing
c. Desktop virtualization
d. Application virtualization

A

c. Desktop virtualization

36
Q

You need to ensure that Microsoft Hyper-V guests can interact on the physical network. Which type of virtual network switch should you configure?
a. Public
b. Internal
c. Private
d. External

A

d. External

37
Q

Which data security standard applies to cardholder data?
a. HIPAA
b. PCI DSS
c. PIPEDA
d. GDPR

A

b. PCI DSS

38
Q

Which AWS service is used for data discovery and classification?
a. EC2
b. GuardDuty
c. Macie
d. S3

A

c. Macie

39
Q

Which data sensitivity regulation applies to European Union citizens' private data?
a. PCI DSS
b. HIPAA
c. GDPR
d. PIPEDA

A

c. GDPR

40
Q

You are reviewing the Amazon Web Service S3 Bucket SLA. Which metric is used to determine whether service credits will be awarded to customers?
a. Daily uptime in seconds
b. Monthly uptime percentage
c. % CPU utilization
d. Storage capacity

A

b. Monthly uptime percentage

41
Q

Which data privacy regulation is directly related to the medical industry?
a. HIPAA
b. GDPR
c. PIPEDA
d. PCI DSS

A

a. HIPAA

42
Q

Your organization is collecting information regarding political party affiliations for government statistic purposes. Which type of data is this?
a. PHI
b. SPI
c. PCI
d. PII

A

b. SPI

43
Q

What prevents drones from operating in no-fly zones?
a. Control range
b. The operator
c. Firmware
d. Restricting chip

A

c. Firmware

44
Q

You have installed Microsoft File Server Resource Manager on a Windows server. You would like to search for PII and set a flag to “Yes” or “No” when PII is detected. What is the first thing you should do?
a. Run the classification rule
b. Create a local property
c. Set a classification schedule
d. Set permissions for file scanning

A

b. Create a local property

45
Q

You would like to enforce data loss prevention policies on user stations running word processor and spreadsheet programs. What should you do?
a. Run the programs centrally from a server
b. Set the policies to “enforce”
c. Install and configure DLP agents on client devices
d. Nothing; DLP policies only work with cloud programs

A

c. Install and configure DLP agents on client devices

46
Q

Which security framework addresses the most common web application vulnerabilities?
a. CIS
b. OWASP Top 10
c. CVE
d. OSINT

A

b. OWASP Top 10

47
Q

Which OWASP Top 10 item addresses the problem of granting too many permissions to users?
a. Cryptographic failures
b. Broken access control
c. Injection
d. Insecure design

A

b. Broken Access control

48
Q

How do APTs differ from other common cybersecurity threats?
a. Their CVE rating always falls between 1 and 5
b. Their CVSS rating always falls between 1 and 5
c. Threat actors commonly include highly skilled nation-state or organized crime members
d. The malware propagates itself over the network

A

c. Threat actors commonly include highly skilled nation-state or organized crime members

49
Q

Which MITRE ATT&CK category includes determining whether Microsoft Active Directory is being used?
a. Discovery
b. Persistence
c. Evasion
d. Reconnaissance

A

a. Discovery

50
Q

What should be done to address the organization’s current security posture and realize security goals?
a. Perform a network scan
b. Patch systems
c. Perform a gap analysis
d. Perform a vulnerability assessment

A

c. Perform a gap analysis

51
Q

Which ISO/IEC standard focuses on information security management?
a. 27001
b. 2022
c. 7001
d. 2000

A

a. 27001

52
Q

Which format is used for CVE naming?
a. Digits-Year-Score
b. CVE-Year-Digits
c. Year-Digits-CVE
d. Score-Year-Digits

A

b. CVE-Year-Digits

53
Q

Which type of security policy details how remote workers should connect to company private networks?
a. Email policy
b. Acceptable use policy
c. VPN policy
d. Social media policy

A

c. VPN policy

54
Q

To which IT components do CIS security benchmarks apply?
a. Operating Systems
b. Identity federation
c. Web servers
d. Authentication factors

A

a. Operating Systems
c. Web Servers

55
Q

Which CVSS score represents the most serious threat?
a. 10
b. 16
c. 5
d. 0

A

a. 10

56
Q

Which risk management framework stems from a European agency?
a. ISO
b. NIST
c. ENISA
d. OSI

A

c. ENISA

57
Q

Which Microsoft Windows Performance Monitor tool can be used to establish a performance baseline?
a. Group Policy
b. DCS
c. RDP
d. SLA

A

b. DCS

58
Q

Which risk treatment applies when the level of risk is unacceptable?
a. Risk Reduction
b. Risk Transfer
c. Risk Avoidance
d. Risk Acceptance

A

c. Risk Avoidance

59
Q

Which risk treatment is synonymous with risk retention?
a. Risk Reduction
b. Risk Transfer
c. Risk Avoidance
d. Risk Acceptance

A

d. Risk Acceptance

60
Q

Which type of risk treatment applies security controls to reduce threat impact?
a. Risk transfer
b. Risk avoidance
c. Risk reduction
d. Risk acceptance

A

c. Risk Reduction

61
Q

How does configuration management differ from change management?
a. Configuration management applies solely to security controls, change management applies to long-term system desired performance
b. Configuration management keeps systems performance at a desired level over time, change management is short-term
c. Change management keeps systems performance at a desired level over time, configuration management is short-term
d. Change management keeps systems performance above a specified level over time, configuration management is short term

A

b. Configuration management keeps systems performance at a desired level over time, change management is short term

62
Q

Cybersecurity insurance is considered to be which kind of risk treatment?
a. Risk Avoidance
b. Risk acceptance
c. Risk Transfer
d. Risk Reduction

A

c. Risk Transfer

63
Q

Which items normally appear in a risk registry?
a. Past security incidents
b. Compliance mapping
c. Owner
d. Mitigation

A

c. Owner
d. Mitigation

64
Q

What is the purpose of calculating the Annual Loss Expectancy (ALE)?
a. To determine compliance with applicable regulations
b. To determine threat likelihood
c. To determine the maximum cost that should be spent on mitigating security controls
d. To determine the percentage of asset loss

A

c. To determine the maximum cost that should be spent on mitigating security controls

65
Q

You are deploying a new antimalware program to user smartphones. Which type of security control is this?
a. Administrative
b. Compensating
c. Detective
d. Preventative

A

c. Detective

66
Q

You have enabled Microsoft Azure account replication. When the primary region for the storage account is not reachable, what should you do?
a. Failback to the primary region
b. Failover to the primary region
c. Nothing; replication is enabled
d. Failover to the secondary region

A

d. Failover to the secondary region

67
Q

Where are Azure backup items stored?
a. Key Vault
b. Recovery services vault
c. Storage account
d. Cosmos DB

A

b. Recovery Services vault

68
Q

Which business continuity metric relates to the maximum tolerable amount of data loss?
a. RTO
b. SLA
c. RPO
d. MTTR

A

c. RPO

69
Q

Which business continuity metric relates to the maximum tolerable amount of down time?
a. RPO
b. MTTR
c. RTO
d. SLA

A

c. RTO

70
Q

After eradicating threats using IRP, which step is done next?
a. Patch vulnerable systems
b. Generate an incident summary report
c. Verify that the threat has been eradicated
d. Update the IRP

A

c. Verify that the threat has been eradicated

71
Q

Which Cyber Kill Chain step relates to tricking users into installing malware on their devices?
a. Installing
b. Reconnaissance
c. Delivery
d. Weaponization

A

c. Delivery

72
Q

What is the primary purpose of incident containment?
a. Report generation
b. Prevent spread
c. Eradication
d. Patching

A

b. Prevent Spread

73
Q

What do incident response plans that strive to return disrupted systems to a functional state quickly adhere to?
a. RPO
b. GDPR
c. RTO
d. SLA

A

c. RTO

74
Q

You are updating the incident response plan (IRP) for an automated assembly line process. Which IRP component will facilitate speedy escalations when needed?
a. Revision history
b. Definition of terms
c. Eradication procedures
d. Communication plan

A

d. Communication plan

75
Q

After eradicating and verifying a malware outbreak on the network, you perform post-incident analysis to determine how quickly the IRP was applied. Which metric should you analyze?
a. Recovery time objective
b. Disk write bytes
c. Disk read bytes
d. Mean time to respond

A

d. mean time to respond

76
Q

Which type of DNS record query is rare and could indicate command and control traffic?
a. A
b. AAAA
c. TXT
d. CNAME

A

c. TXT

77
Q

Which pillar of the Diamond Model of Intrusion Analysis focuses on communication channels?
a. Victim
b. Infrastructure
c. Capability
d. Adversary

A

b. Infrastructure

78
Q

Which Linux command is used to create a filesystem?
a. partprobe
b. mkfs
c. fdisk
d. mount

A

b. mkfs

79
Q

Your Windows server performance has degraded significantly. You need to determine if a specific process is consuming most of the CPU time. Which tool should you use?
a. Group Policy
b. Task Manager
c. Performance
d. Regedit

A

b. Task Manager

80
Q

Which hardware security component can be used to store BitLocker encryption keys?
a. TPM
b. PCI
c. HSM
d. SLA

A

a. TPM

81
Q

What is wrong with this Linux command?
sudo status service ssh
a. ‘ssh’ is not a valid daemon name
b. The words ‘status’ and ‘service’ must be interchanged
c. ‘sudo’ must be removed
d. ‘service’ should be ‘serviceunit’

A

b. The words ‘status’ and ‘service’ must be interchanged

82
Q

Which type of disk initialization is limited to 4 partitions?
a. TPM
b. GPT
c. HSM
d. MBR

A

d. MBR

83
Q

Which tool can be used to view and modify the Windows registry?
a. CertUtil
b. RDP
c. Regedit
d. MMC

A

c. Regedit

84
Q

Which Linux runlevel reboots a system?
a. 6
b. 0
c. 5
d. 3

A

a. 6

85
Q

Which Linux command can be used to view BIOS version information?
a. lsusb
b. cpuinfo
c. lsblk
d. dmidecode

A

d. dmidecode

86
Q

How does a Windows data collector set (DCS) differ from using Performance Monitor?
a. A DCS cannot monitor memory utilization
b. A DCS can be scheduled
c. Performance Monitor can be scheduled
d. Performance Monitor cannot monitor memory utilization

A

b. A DCS can be scheduled

87
Q

Which type of authentication is based on physical characteristics?
a. Multifactor
b. Something you have
c. Biometric
d. Something you know

A

c. Biometric

88
Q

Which command is used to set a password for an LDAP user?
a. ldappasswd
b. slapcat
c. slapd
d. usermod

A

a. ldappasswd

89
Q

Which server file stores SSH public keys for users?
a. /etc/resolv.conf
b. authorized_keys
c. id_rsa
d. id_rsa.pub

A

b. authorized_keys

90
Q

Where are Microsoft Azure cloud user accounts configured?
a. Within a virtual machine
b. IAM
c. Azure AD
d. Microsoft Active Directory

A

c. Azure AD

91
Q

You have configured Group Policy password settings in Active Directory. You want to test the settings on a domain-joined computer. Which command forces the computer to pull down the latest Group Policy settings?
a. Gpupdate
b. Ipconfig
c. Certutil
d. Gpedit.msc

A

a. gpupdate

92
Q

Where are Linux user password hashes stored?
a. /etc/shadow
b. /etc/pam.d
c. /etc/passwd
d. /etc/resolve.conf

A

a. /etc/shadow

93
Q

What is the benefit of Microsoft Active Directory user accounts?
a. Enhanced user sign-in security
b. The accounts are replicated among domain controllers
c. The accounts must be secured with MFA
d. Ability to sign in from any domain-joined computer

A

b. The accounts are replicated among domain controllers
d. Ability to sign in from any domain-joined computers

94
Q

You need to verify that the OpenLDAP server daemon is running. What should you type?
a. sudo slapd status
b. sudo openldap status
c. sudo service openldap status
d. sudo service slapd status

A

d. sudo service slapd status

95
Q

You are configuring MFA for an AWS IAM user. Which MFA device options are available?
a. Smartcard
b. Authenticator App
c. Hardware Token
d. DVD

A

b. Authenticator App
c. Hardware Token

96
Q

Which configuration is commonly used to establish trust between an identity provider and a resource provider?
a. The resource provider is configured with the identity provider private key
b. The identity provider is configured with the resource provider public key
c. The identity provider is configured with the identity provider public key
d. The resource provider is configured with the identity provider public key

A

d. The resource provider is configured with the identity provider public key

97
Q

Microsoft Azure dynamic group membership constitutes which type of access control?
a. MAC
b. DAC
c. RBAC
d. ABAC

A

d. ABAC

98
Q

You need to determine how an attacker has gained access to the file system of a Windows server. Which file system configurations should you check?
a. Size of disk
b. Shared folder permissions
c. Compression
d. NTFS permissions

A

b. Shared folder permissions
d. NTFS permissions

99
Q

Which security principle strives to grant only those permissions required to perform a specific task?
a. Principle of least privilege
b. Single sign-on
c. Multifactor authentication
d. Defense in depth

A

a. Principle of least privilege

100
Q

Which access control model uses the operating system to determine resource access?
a. MAC
b. DAC
c. ABAC
d. RBAC

A

a. MAC

101
Q

You are using the Azure portal to configure RBAC. You have opened the properties of a resource group. What should you click on to configure RBAC?
a. Security
b. Access Control (IAM)
c. Properties
d. Monitoring

A

b. Access control (IAM)

102
Q

You are configuring Windows Dynamic Access Control. You have created a user claim, enabled the “Department” resource property, and you have created an Access Control Rule. What must you also do?
a. Add the central rule to the server audit list
b. Add the central access rule to a Central Access Policy (CAS), deploy the CAS using Group Policy
c. Install File Server Resource Manager on file servers
d. Install Routing and Remote Access on file servers

A

b. Add the central access rule to a Central Access Policy (CAS), deploy the CAS using Group Policy
c. Install File Server Resource Manager on file servers

103
Q

Which Linux command is used to set file system permissions?
a. chmod
b. chgrp
c. visudo
d. chown

A

a. chmod

104
Q

Which Linux command can be used to grant regular users the ability to run privileged commands?
a. visudo
b. grep
c. chmod
d. ps

A

a. visudo

105
Q

BitLocker is designed to encrypt which types of objects?
a. Folders
b. Files
c. File Systems
d. Cloud Resources

A

c. File Systems

106
Q

Hashing applies to which aspect of the CIA security triad?
a. Authentication
b. Availability
c. Confidentiality
d. Integrity

A

d. Integrity

107
Q

Which term identifies encrypted data?
a. Algorithm
b. Plain Text
c. Ciphertext
d. Hash Value

A

c. Ciphertext

108
Q

You need to order an HSM solution for your data center. Which options are available?
a. PCIe card
b. Cloud-based virtual machine
c. Network-attached appliance
d. Firmware chip added to server motherboard

A

a. PCIe card
c. Network-attached appliance

109
Q

You would like to securely generate and store keys for Microsoft Azure storage account encryption. Which type of Azure resource stores cryptographic items?
a. Resource group
b. Key vault
c. Virtual machine
d. Storage account

A

b. Key vault

110
Q

Which Linux commands can be used to generate file hashes?
a. md5sum
b. sha256sum
c. sha5sum
d. md256sum

A

a. md5sum
b. sha256sum

111
Q

Which command line tool can be used to manage EFS?
a. Chmod
b. Certutil
c. Sudo
d. Cipher

A

d. Cipher

112
Q

Which PowerShell cmdlet is used to generate file hashes?
a. New-MD5Hash
b. New-SHA256Hash
c. Get-FileHash
d. New-CryptHash

A

c. Get-FileHash

113
Q

What is the default listening port number for HTTPS?
a. 22
b. 25
c. 80
d. 443

A

d. 443

114
Q

Which Microsoft PowerShell cmdlet is used to generate a file hash?
a. Get-FileHash
b. Add-FileHash
c. New-FileHash
d. Set-FileHash

A

a. Get-FileHash

115
Q

You have installed a Windows Private CA, but you do not see the option of working with certificate templates. Why is this?
a. Certificate templates are not available for private CAs
b. Your server is not joined to an Active Directory domain
c. Your user account does not have sufficient permissions
d. Certificate templates must be managed directly in the file system

A

b. Your server is not joined to an Active Directory domain

116
Q

What is required to allow the enabling of an HTTPS binding?
a. The server must be joined to an Active Directory domain
b. A DNSSEC zone
c. PKI certificate
d. MFA token

A

b. A DNSSEC zone

117
Q

You are managing a Windows 11 device. You would like to view existing computer and user certificates installed on the machine. What should you do?
a. Run the Get-FileHash PowerShell cmdlet
b. Start MMC and add the Certificates snapin
c. Open the Group Policy editor and view certificates settings
d. Windows 11 does not support PKI certificates

A

b. Start MMC and add the Certificates snapin

118
Q

You must ensure a highly sensitive internal web site uses PKI client authentication. What must be done on the web server?
a. The web server must be configured with a public CA-issued certificate
b. Enable the option to require client PKI certificates
c. The web server must be configured with a private CA-issued certificate
d. Ensure the web server is configured to use HTTPS

A

b. Enable the option to require client PKI certificates
d. Ensure the web server is configured to use HTTPS

119
Q

Which PKI component issues certificates?
a. CRL
b. User
c. CA
d. Device

A

c. CA

120
Q

What must be done for internal clients to trust private CA-issued certificates?
a. The computers must be joined to an Active Directory domain
b. Install the private CA trusted root certificate on each client device
c. The private CA software must be installed on each client device
d. Each client device must have a smartcard reader

A

b. Install the private CA trusted root certificate on each client device

121
Q

Which PKI solutions allow for preventing the use of untrusted certificates?
a. OCSP
b. CA
c. Chain of Trust
d. CRL

A

a. OCSP
d. CRL

122
Q

Which Snort command starts the Snort engine on Linux?
a. snort -A console -i eth0 -c /etc/snort/snort.conf
b. snort -T console -i eth0
c. snort -A console -i eth0
d. snort -T console -i eth0 /etc/snort/snort.conf

A

snort -A console -i eth0 -c /etc/snort/snort.conf

123
Q

To which of these is reverse proxying similar in concept?
a. IPsec
b. Packet Filtering
c. Port Forwarding
d. Load Balancing

A

d. Load Balancing

124
Q

Which are commonly used to configure firewall rules on Linux hosts?
a. ipconfig
b. iptables
c. Ufw
d. ifconfig

A

b. iptables
c. Ufw

125
Q

Which type of firewall works up to layer 4 of the OSI model?
a. Reverse proxy
b. Packet filtering
c. Content filtering
d. Forward proxy

A

b. Packet Filtering

126
Q

Your organization uses Microsoft Active Directory with domain joined computers. You need to deploy the same Windows Defender inbound rules to a subset of those computers. What should you do?
a. Create a PowerShell script to create the rules; run the script on each computer
b. Configure the rules on each computer
c. Configure a GPO targeting the appropriate computers, create inbound rules in the GPO
d. Configure the rules on one computer, export them, then import them to the remaining computers

A

c. Configure a GPO targeting the appropriate computers, create inbound rules in the GPO

127
Q

Which additional feature does an IPS provide over an IDS?
a. Enhanced security rule configuration
b. Ability to send alerts when suspicious activity is detected
c. Ability to stop attacks in progress
d. Ability to log suspicious activity

A

c. Ability to stop attacks in progress

128
Q

You need to configure the Squid proxy server. Which file should you edit?
a. /var/squid/squid.conf
b. /etc/snort/snort.conf
c. /var/log/squid.conf
d. /etc/squid/squid.conf

A

d. /etc/squid/squid.conf

129
Q

To which types of Azure resources can network security groups be associated?
a. Network interfaces
b. Vnets
c. Subnets
d. Virtual machines

A

a. Network interfaces
c. Subnets

130
Q

Which type of security solution is Azure Bastion?
a. Proxy server
b. Jump Box
c. DDoS mitigation
d. Packet filtering firewall

A

b. Jump Box

131
Q

Which Windows Server feature is used to centralize update deployment?
a. PKI
b. AD
c. GPO
d. WSUS

A

d. WSUS

132
Q

You would like a centralized and scalable option for applying updates to numerous Azure VMs. What should you create?
a. Threat model
b. Log analytics workspace
c. Automation account
d. WSUS workspace

A

c. Automation account

133
Q

Which Windows solution can be used to manage Microsoft updates?
a. WSUS
b. IIS
c. BitLocker
d. EFS

A

a. WSUS

134
Q

What is the default listening port for a WSUS server?
a. 3389
b. 25
c. 443
d. 8530

A

d. 8530

135
Q

Which command updates group policy on a single device?
a. Gpupdate
b. Cipher
c. Ipconfig
d. Netsh

A

a. Gpupdate

136
Q

What is the overall purpose of IT system hardening?
a. Scale the system horizontally
b. Reduce the attack surface
c. Increase the attack surface
d. Scale the system vertically

A

b. Reduce the attack surface

137
Q

What can be done to harden an iSCSI SAN?
a. Enable iSCSI target authentication
b. Patch network printers
c. Configure a dedicated iSCSI VLAN
d. Enable iSCSI initiator authentication

A

a. Enable iSCSI target authentication
c. Configure a dedicated iSCSI VLAN

138
Q

What lets attackers know that infected machines are ready to retrieve instructions?
a. Malware beaconing
b. Command and control servers
c. Host port scans
d. DNS TXT queries

A

a. Malware beaconing

139
Q

Which file extension is commonly used for Python scripts?
a. PS1
b. SH
c. BAT
d. PY

A

d. PY

140
Q

Which items could indicate malicious application activity?
a. Missing log entries
b. Changes to user app permissions
c. Updates applied to hosts
d. Periodic host reboots

A

a. Missing log entries
b. Changes to user app permissions

141
Q

Which regular expression symbol matches any one character?
a. ;(semicolon)
b. ,(comma)
c. :(colon)
d. .(dot)

A

d. .(dot)

142
Q

Which type of threat actor promotes an ideology and does not normally conceal their malicious activities?
a. Nation-state
b. Organized crime
c. Script Kiddie
d. Hacktivist

A

d. Hacktivist

143
Q

What do IT security baselines facilitate?
a. The performance improvement of slow applications
b. Detection of security anomalies
c. The merger of two companies
d. The reduction of security-related costs

A

b. Detection of security anomalies

144
Q

Which Kali Linux command is used to clone a site in an attempt to harvest user credentials?
a. Setoolkit
b. Chmod
c. Hydra
d. Nc

A

a. Setoolkit

145
Q

Which malware analysis technique contains the malware?
a. Configuring a reverse shell
b. Detonate malware in a sandbox
c. Debug the malware
d. Apply updates

A

b. Detonate malware in a sandbox

146
Q

Which scripting language uses a shebang line at the beginning of the script?
a. Korn
b. Bash
c. Python
d. PowerShell

A

b. Bash

147
Q

Which type of malware appears benign but in fact is not?
a. Trojan
b. Ransomware
c. Worm
d. Virus

A

a. Trojan

148
Q

Which type of attack attempts to trick users with what appears to be a legitimate email message?
a. Reverse shell
b. Phishing
c. Ransomware
d. APT

A

b. Phishing

149
Q

What could indicate malicious activity on a host?
a. Periodic host reboots
b. Windows registry changes
c. Updates applied to hosts
d. Web browser homepage changes

A

b. Windows registry changes
d. Web browser home page changes

150
Q

Which file extension is commonly used for PowerShell scripts?
a. SH
b. BAT
c. PS1
d. PY

A

c. PS1

151
Q

Which action can help prevent buffer overflows?
a. Firewall rules
b. The use of customer-managed encryption keys
c. DDoS mitigation
d. Input validation

A

d. Input validation

152
Q

What is the result of using the slowhttptest tool against a web site?
a. The site home page is defaced
b. An XSS page is placed on the server
c. The server is rebooted
d. The site stops responding

A

d. The site stops responding

153
Q

What can be done to mitigate the possibility of reverse shell attacks?
a. PKI certificates
b. Antimalware scanner
c. MFA
d. Firewall rules

A

b. Antimalware scanner

154
Q

What can be done to mitigate RDP brute-force attacks?
a. Block port 3389 at the firewall
b. Enable user MFA
c. Install a PKI certificate on the server
d. Do not expose servers with RDP to the Internet

A

b. Enable user MFA
d. Do not expose servers with RDP to the Internet

155
Q

Which XML tag should be limited in its inclusion for server-side apps?
a. BODY
b. ENTITY
c. H1
d. HR

A

b. ENTITY

156
Q

Which type of attack uses bots to flood a victim network with useless traffic?
a. Privilege escalation
b. Buffer overflow
c. DDoS
d. DoS

A

c. DDoS

157
Q

You need to ensure special characters are removed from a web form field. Which techniques should you use?
a. Input sanitization
b. Memory allocation checking
c. Input Validation
d. Fuzzing

A

c. Input Validation

158
Q

Which type of XSS attack is remembered by the server?
a. Reflected
b. Refracted
c. Persistent/stored
d. MiTM

A

a. Reflected

159
Q

What is the result of a SYN flood attack?
a. Multiple closed sessions on the server
b. Multiple injection attacks on the server
c. Multiple buffer overflows on the server
d. Multiple half-open connections on the server

A

d. Multiple half-open connections on the server

160
Q

Which Wi-Fi protocols are deprecated?
a. SSL
b. WEP
c. TLS
d. WPA3

A

b. WEP

161
Q

Which techniques are the most effective in mitigating SQL injection attacks?
a. Fuzzing
b. Input Validation
c. Input Sanitization
d. Memory allocation checking

A

b. Input Validation
c. Input Sanitization

162
Q

Which command starts the BeEF service?
a. Run beef
b. Beef-xss -h
c. Beef -start
d. Start -start

A

b. Beef-xss -h

163
Q

Which items can be analyzed using Joe Sandbox?
a. Data Files
b. URL
c. Applications
d. Network router

A

a. Data Files
c. Application

164
Q

What is the primary incentive for bug bounty hunters?
a. Promotion of ideology
b. Financial gain
c. Peer recognition
d. Espionage

A

b. Financial Gain

165
Q

You are using a third-party network analysis tool on your Windows computer. Windows Virus & Threat Protection detects this as a threat and prevents the program from running. You need to run the program. What should you do?
a. Add the tool as an allowed threat
b. Disable Virus & Threat Protection real-time detection
c. Update virus definitions
d. Run the tool in a virtual machine

A

a. Add the tool as an allowed threat

166
Q

What is the purpose of using the Tor Browser?
a. To increase the speed of loading web pages
b. Regular web content is not accessible
c. Visited websites are unaware of the true origin of the connection
d. Dark web content is accessible

A

c. Visited websites are unaware of the true origin of the connection
d. Dark web content is accessible

167
Q

Which types of items can be analyzed using the VirusTotal website?
a. Web component
b. Network router
c. URL
d. File

A

c. URL
d. File

168
Q

Which items can indicate that an email message is fraudulent?
a. Low resolution graphic logos
b. Lack of a digital signature
c. Bad grammar
d. Corporate email addresses ending in Hotmail.com

A

c. Bad grammar
d. Corporate email addresses ending in Hotmail.com

169
Q

Which types of artifacts can an Azure Blueprint consist of?
a. Azure policy assignment
b. Subscription
c. ARM template
d. Virtual machine

A

a. Azure policy assignment
c. ARM template

170
Q

In which file format does Zenmap save scans?
a. CSV
b. XML
c. PDF
d. TXT

A

b. XML

171
Q

Which type of attack is in effect when malicious actors use Burp Suite?
a. Man-in-the-middle
b. Denial of service
c. Brute force
d. Distributed denial of service

A

a. Man-in-the-middle

172
Q

Which term is commonly used to describe penetration testing?
a. Scheduled testing
b. Recurring testing
c. Active testing
d. Passive Testing

A

c. Active testing

173
Q

Which type of SCADA component executes instructions on industrial devices?
a. PLC
b. DCS
c. CAN
d. ICS

A

a. PLC

174
Q

How do vulnerability scanning tools differ from network scanning tools?
a. Network scanners cannot enumerate host ports
b. Vulnerability scanners use a vulnerability database
c. Vulnerability scanners cannot enumerate host ports
d. Network scanners use a vulnerability database

A

b. Vulnerability scanners use a vulnerabilities database

175
Q

Which term describes a collection of related Microsoft Azure policies?
a. Policy group
b. Subscription
c. Initiative
d. Resource Group

A

c. Initiative

176
Q

Which nmap command line parameter attempts to identify the operating system?
a. T
b. A
c. sU
d. O

A

d. O

177
Q

You need to run a vulnerability assessment against hosts that mimic an infected host. Which type of scan should you run?
a. Non-credentialed
b. Scheduled
c. Credentialed
d. Web Application

A

c. Credentialed

178
Q

You have installed Nessus and would like to login to configure a scan. Which should you connect to?
a. http://localhost:443
b. http://localhost:8834
c. http://localhost?443
d. http://localhost:80

A

b. http://localhost:8834

179
Q

Which command allows you to interact with the Metasploit framework?
a. Use
b. Msfconsole
c. msfadmin
d. Exploit

A

b. msfconsole

180
Q

Which data must be supplied when using the OWASP ZAP tool?
a. The web application URL
b. The web server type
c. The web application PKI certification public key
d. The web application PKI certification private key

A

a. The web application URL

181
Q

Which threat hunting model takes a proactive approach?
a. Hypothesis-based
b. Custom
c. Agile
d. Intel-based

A

a. Hypothesis-based

182
Q

Which software development methodology fits best with CI/CD?
a. Waterfall
b. PKI
c. SDLC
d. Agile

A

d. Agile

183
Q

You are exploring a suspect disk image using Autopsy. You have come across a handful of files that you would like to revisit easily. What should you do?
a. Tag the files
b. Make a list of the file names
c. Copy file hashes to the clipboard
d. Export each file

A

a. Tag the files

184
Q

To what does the “chain of custody” apply?
a. Encryption
b. Maximum assigned privilege assignments
c. Evidence
d. Digital signatures

A

c. Evidence

185
Q

Which COBIT maturity level represents an effective and refined set of governance practices?
a. 5
b. 0
c. 1
d. 3

A

a. 5

186
Q

You are using Git for file version control. You need to create a standalone copy of a repository. What should you do?
a. Create a fork
b. Create a new repository
c. Create a branch
d. Create a clone

A

a. Create a fork

187
Q

A software developer needs to modify code but would like to ensure that other developers cannot modify that same segment of code. What should the developer do?
a. Digitally sign the code
b. Check the code out
c. Export the code
d. Check the code in

A

d. Check the code in

188
Q

You are attempting to remove a legal hold policy that you have enabled for an Azure storage account container, but when you edit the policy, you cannot save changes to it. What is the problem?
a. Legal hold tags have not been deleted
b. You must wait for the legal hold time frame to expire
c. Legal hold policies can never be removed after they have been set
d. You lack the correct permissions

A

a. Legal hold tags have not been deleted

189
Q

Which type of digital evidence is considered the most volatile?
a. Files on DVDs
b. RAM contents
c. Files on a USB thumb drive
d. Temporary swap files

A

b. RAM contents

190
Q

What purpose does an IT-based honeypot provide?
a. IT system decoy to require user SSO
b. IT system decoy to track hacker activity
c. IT system decoy to require user MFA
d. IT system decoy to protect production data

A

b. IT system decoy to track hacker activity

191
Q

Which Linux command shows kernel log messages?
a. Chmod
b. Dmesg
c. Logger
d. Lsblk

A

b. dmesg

192
Q

In which Windows log will user smartcard logon auditing appear?
a. System
b. Application
c. Security
d. Hardware

A

c. Security

193
Q

What is the default port number used for Linux syslog forwarding?
a. 389
b. 443
c. 514
d. 80

A

c. 514

194
Q

Which is the default compression type used when logrotate compresses older logs?
a. 7zip
b. Bzip
c. Gzip
d. Zip

A

c. Gzip

195
Q

Where are most Linux logs located in the file system?
a. /var/logs
b. /bin/logs
c. /etc/logs
d. /usr/logs

A

a. /var/logs

196
Q

You have configured a honeypot listening on TCP port 80. From another station, which tool can you use to run a port scan to trigger honeypot alerts?
a. Ping
b. Nmap
c. SSH
d. Traceroute

A

b. Nmap

197
Q

You are configuring Windows Event Viewer log forwarding for Windows clients joined to an Active Directory domain. The logging server will reach out to clients to pull log data to itself. What must be done on each client machine?
a. Run Winrm qc
b. Run gpupdate /force
c. The logging server must be added to the EventLogReaders group
d. An Event Viewer subscription must be configured on each client

A

a. Run Winrm qc
c. The logging server must be added to the EventLogReaders group

198
Q

You need to restrict access to specific Splunk indexes for searching purposes. What should you create in Splunk?
a. Role
b. Policy Initiative
c. Group
d. User

A

a. Role

199
Q

You are viewing a Wireshark packet capture. To which OSI model layer does the IP header correspond?
a. 1
b. 3
c. 4
d. 2

A

b. 3

200
Q

Which role does machine learning play in cyber security?
a. Denial of service attack mitigation
b. Threat hunting
c. Conditional authentication
d. Permissions restrictions

A

b. Threat hunting

201
Q

You are managing a Linux system and need to capture SSH traffic regardless of the packet size. Which command should you use?
a. Tcpdump -I ens33 -v -tcpport 22 -A -s0
b. TCPdump -I ens33 -v -port 22 -A -s0
c. Tcpdump -I ens33 -v -tcp 22 -A
d. Tcpdump -I ens33 -v -port 22 -A -s0

A

b. tcpdump -I ens33 -v -port 22 -A -s0

202
Q

What is the name of the default Splunk index?
a. First
b. Default
c. Main
d. Initial

A

c. Main

203
Q

Which description defines a false positive?
a. Benign item or activity is incorrectly identified as being malicious
b. Current configuration does not detect malicious item or activity
c. No alerts because problematic conditions are absent
d. Correctly identified malicious item or activity truly exists

A

a. Benign item or activity is incorrectly identified as being malicious

204
Q

Which Splunk command determines which local host items are tracked and sent to the Splunk server?
a. Splunk monitor
b. Splunk enable
c. Splunk set
d. Splunk add

A

a. Splunk monitor

205
Q

Which phrase defines a situation where activity is determined to be acceptable, and it truly is?
a. True negative
b. False negative
c. False positive
d. True positive

A

a. True negative

206
Q

Which network protocol is common in industrial control environments?
a. Modbus
b. HTTP
c. PLC
d. NFS

A

a. Modbus

207
Q

Which is a core function of a SIEM system?
a. CI/CD
b. Applying patches
c. Threat hunting
d. Project management

A

c. Threat Hunting