ernesto Flashcards
What is the first step in an incident response?
A) Detection
B) Preparation
C) Analysis
D) Containment
B) Preparation
Which of the following cybersecurity frameworks is best suited for
integrating networking and security services into a single, cloud-based
platform to support the evolving secure access needs of
organizations?
A. Cloud-based Identity and Access Management (IAM)
B. Unified Threat Management (UTM)
C. Secure Access Service Edge (SASE)
D. Network Access Control (NAC)
C. Secure Access Service Edge (SASE)
A corporation is focusing on enhancing its security measures by
isolating critical applications from potential threats within a shared
physical server infrastructure. Which technology is MOST suitable for
achieving effective isolation of these critical systems?
A. Network Segmentation with VLANs
B. Access Control Lists (ACLs)
C. Data Encryption
D. Containerization
D. Containerization
Which of the following pairs falls into the category of directive security
controls? (NOTE: This question will only have acronyms)
A. IRP (Incident Response Plan) and AUP (Acceptable Use Policy)
B. IDS (Intrusion Detection System) and MFA (Multi-Factor
Authentication)
C. IPS (Intrusion Prevention System) and MFA (Multi-Factor
Authentication)
D. IRP (Incident Response Plan) and IDS (Intrusion Detection
System)
A. IRP (Incident Response Plan) and AUP (Acceptable Use Policy)
What is the primary objective of conducting an account audit in the
context of Privileged Access Management (PAM)?
A. To ensure compliance with regulatory standards
B. To monitor real-time user activities
C. To identify and rectify privilege creep
D. To track system performance and usage
C. To identify and rectify privilege creep
Employees have noticed fluctuating wireless connectivity in the office,
with the network being inaccessible on certain days but functioning well on others. Which type of attack could be causing these
intermittent wireless network disruptions?
A. Wireless jamming attack
B. IV (Initialization Vector) attack
C. Rogue Access Point installation
D. Wi-Fi Pineapple deployment
A. Wireless jamming attack
What is the primary purpose of EAP (Extensible Authentication
Protocol) in a network security context?
A. To provide a method for two systems to create a secure encryption
key for data transmission
B. To facilitate dynamic IP addressing for devices connecting to a
network.
C. To standardize the format of data packets for efficient routing and
delivery.
D. To provide a secure management framework for network devices
and services.
A. To provide a method for two systems to create a secure encryption
key for data transmission
What term is used to describe the likelihood that a potential danger
might exploit a weakness in a system, leading to negative
consequences for an organization?
A. Vulnerability
B. Threat
C. Risk
D. Exploit
C. Risk
An organization receives a phishing email claiming to be from a
vendor. This represents a:
A. Vulnerability
B. Exploit
C. Threat
D. Risk
C. Threat
After a cybersecurity incident involving a ransomware attack on your
company's network, which stage of the incident response process
involves analyzing the event to improve future security measures and
responses?
A. Lessons Learned
B. Eradication
C. Recovery
D. Preparation
A. Lessons Learned
In a corporate environment, what is the process called where an
independent and systematic examination of cybersecurity practices is
conducted to ensure compliance with internal and external policies
and standards?
A. Audit
B. Attestation
C. Assessment
D. Certification
A. Audit
As a cybersecurity analyst, your supervisor instructs you to create a
document outlining the step-by-step process for configuring firewall
rules in the organization's network infrastructure. What type of
document are you creating?
A. Policy
B. Procedure
C. Standard
D. Guideline
B. Procedure
When it comes to enforcing security policies and procedures for
employees and systems in a company, which term best describes the
responsibility and approach?
A. Due Care
B. Due Diligence
C. Regulatory Compliance
D. Risk Assessment
A. Due Care
A cybersecurity analyst, Taylor, is reviewing the logs of the
organization's web application and discovers an unusual log entry.
The entry shows a URL request to the web application:
http://example.com/products.php?id=105 OR 1=1. This pattern in the
URL raises security concerns.
Identify the type of attack suggested by this log entry and
determine what the attacker is trying to achieve.
B. Buffer Overflow, crash the server
C. Directory Traversal, access unauthorized files
D. SQL Injection, manipulate database query
E. Cross-Site Scripting, steal user data
D. SQL Injection, manipulate database query
Sarah, a cybersecurity analyst, is scrutinizing her organization's web
application logs for potential security threats. She encounters several
requests that are indicative of an attempt to exploit vulnerabilities in
the application. Notable log entries are:
1. Request from IP: 192.0.2.15 - URL: http://webapp.com/search?q=
2. Request from IP: 198.51.100.30 - URL: http://webapp.com/comment?text=
3. Request from IP: 203.0.113.60 - URL: http://webapp.com/login?username=
Task: Identify the specific type of threat represented by these log
entries.
A. XSS
B. RAT
C. SQL Injection
D. CSRF
A. XSS
When an individual or organization seeks to obtain a digital certificate from a Certificate Authority (CA), they must submit a specific type of request that includes their public key and identity information. What is this request known as in the context of digital certificate management?
A. CA
B. CRL
C. CSR
D. OCSP
C. CSR
A growing enterprise requires its IT infrastructure to accommodate increasing amounts of data and user traffic over time. Which characteristic is essential for their systems to effectively meet these evolving demands?
A. Elasticity
B. Scalability
C. Redundancy
D. Virtualization
B. Scalability
In a cybersecurity incident, an attacker captures encrypted authentication credentials as they are transmitted over a network. The attacker then uses these credentials later to impersonate the user and gain unauthorized system access. What type of attack does this scenario most closely represent?
A. Replay Attack
B. Session Hijacking
C. On-Path Attack
D. Cryptographic Attack
A. Replay Attack
Emily needs to protect all data on her company’s laptops from unauthorized access, especially in cases of theft or loss. Which security measure is most effective for this purpose?
A. TLS
B. File-level Encryption
C. FDE
D. Database Encryption
C. FDE
Which data obfuscation method uses a system of randomly generated values, mapped in a lookup table, to replace sensitive data, thereby preventing easy access to the actual values?
A. Hashing
B. Tokenization
C. Steganography
D. Masking
B. Tokenization
An online retail website experiences variable traffic patterns, with periods of low activity and sudden bursts of high user demand, especially during sales events. Which cloud computing principle should be implemented to efficiently manage these fluctuating resource requirements?
A. Scalability
B. Implementing a content delivery network (CDN)
C. Elasticity
D. Upgrading server hardware
C. Elasticity
A security analyst notices this suspicious URL in a web server log: http://companywebsite.com/app.php?file=../../config%00.txt. What kind of attack is indicated by this URL, and which file is being targeted?
A. SQL Injection, config.txt
B. Directory Traversal, config.txt
C. Cross-Site Scripting, config%00.txt
D. Denial of Service, config%00.txt
B. Directory Traversal, config.txt
A company has arranged a backup facility with some pre-installed hardware and connectivity capabilities, which can be activated relatively quickly in case of a major disruption. However, this site does not have real-time data synchronization. What type of disaster recovery site is this?
A. Cold Site
B. Warm Site
C. Hot Site
D. Mobile Site
B. Warm Site
The IT department of a company is planning its budget for the next fiscal year. Over the past three years, the company has observed a consistent 5% annual increase in the number of company-issued mobile devices that need replacement due to various reasons like damage, obsolescence, or loss. Which of the following best predicts the number of devices that will likely need replacement in the upcoming year?
A. ALE (Annualized Loss Expectancy)
B. ARO (Annual Rate of Occurrence)
C. RPO (Recovery Point Objective)
D. SLE (Single Loss Expectancy)
B. ARO (Annual Rate of Occurrence)