Exam Flashcards
EndPoint Security Settings: - Archives
Client Server - Allow - Alert - None
EndPoint Security Settings: - Documents
Client Server - Allow - Alert - None
EndPoint Security Settings: - Email
Client - Allow - Alert - None
EndPoint Security Settings: - Executables
Client - Wait - Quarantine - Development
EndPoint Security Settings: - Scripts
Client - Wait - Quarantine - Development
What does Carving Refer to?
Data Recovery
Determine a solution that can combine with a cloud access security broker (CASB) to provide a wholly cloud-hosted platform for client access?
Next Generation Security Web Gateweay
IT discovers a flaw in a web application where it allows queries without encryption. As a result, requests are being spoofed and directories containing private files are viewable. What is happening?
Extensible Markup Language (XML) injection
What is Homomorphic?
Homomorphic encryption is an encryption method that allows computation to be performed directly on encrypted data without requiring access to a secret key. Analysis can apply functions on encrypted data without needing to reveal the values of the data.
Users are only allowed to work in the office. Account policies must provide login security measures. So, users are only working during normal business hours. Identify the policy that establishes the maximum amount of time an account may be logged in for at the workplace?
Time-based login policy
A logistics company requires a supervisory control and data acquisition (SCADA) system to collect and analyze real-time tracking of equipment and to monitor delays in shipping and receiving. The SCADA must provide reports to management to facilitate data-driven decisions on transporting equipment. What is the SCADA a part of?
An industrial control system (ICS) is a complex integration of hardware and software with network connectivity to support the critical infrastructure of a large industry. Supervisory control and data acquisition (SCADA) controls an ICS and can be used in the logistics industry.
A company allows the use of corporate apps on employee-owned mobile devices. Mobile application management (MAM) services make this possible. Examining the list of available enterprise mobility management (EMM) features in today’s market, which of the following would NOT be available for use in this case? (Select all that apply.)
Manage camera use and Ability to Remote Wipe
The company’s current network utilizes EAP-TTLS (EAP-Tunneled TLS) for supplicant clients connecting to the network. Newer model devices and systems are deployed on the network and are not compatible with EAP-TTLS. These systems require MS-CHAPv2 for authentication. Which of the following options will support these new systems?
PEAP uses MSCHAPv2 in PEAPv0 (also known as EAP-MSCHAPv2). Where required, another iteration called PEAPv2 (also known as EAP-GTC), which is a Cisco implementation, can be used.
What is an antivirus and anti-malware software capable of doing to protect a computer system? (Select all that apply.)
Signature-based detection
Detect Trojans
Which of the following is a computer that uses remote desktop protocol to run resources stored on a central server instead of a localized hard drive and provides minimal operating system services?
Thin client
Which control types does a systems engineer implement when an initial locking mechanism does not perform as expected? (Select all that apply.)
Compensating
Preventative
A global corporation assesses risk appetite and how risks in various regions could influence mission-critical operations. They are assessing compliance with local laws and licensing requirements to prevent financial risk or resolve security risks, and changing the risk posture and implementing risk controls to compensate. Conclude what type of assessment the team is performing.
Risk control assessment
Which of the following will reduce the risk of data exposure between containers on a cloud platform? (Select all that apply.)
Namespaces
Control Groups
hile assisting a customer over the phone to connect a laptop to a new wireless router, the user suddenly reports it is connected. Upon further inquiry into how the connection occurred, the user stated they pushed a circular button. Analyze the situation and determine which button the user pressed, and how it functions. (Select all that appl
WPS and 8 Character PIN
A network administrator sets up a stateless firewall using an open-source application running on a Linux virtual machine. The immediate benefit of this setup is that it was easy to set up quickly with basic rules. What other reasons may have influenced the administrator’s decision to deploy a stateless rather than a stateful firewall? (Select all that apply.)
Block TCP ports
Allow network protocols
Finance representatives at an organization meet professional standards by providing reports that are highly detailed and designed to be restricted. As members of the American Institute of Certified Public Accountants (AICPA), which standards do the finance representatives follow?
SSAE SOC 2 Type II
Which of the following attacks would allow an attacker to sniff all traffic on a switched network?
Address Resolution Protocol (ARP) poisoning
An attacker is preparing a phishing email mimicking the contents of a legitimate company email. The email will include a fake invoice to request payment for medical services and an email address that looks convincing. What can the attacker modify on the email to make it more convincing?
Prepend “RE:” to the subject line.
MTD?
96
RTO
Amount of Data loss a system can sustain = 10
MTBF
Devices * hours/failures = 1500
MTTF
devices * hours/devices = 1000
MTTR
24
