Exam7 Flashcards

1
Q

Content categorization in web filtering involves classifying web content into predefined categories based on its subject matter or type. This technique enables organizations to apply filtering policies selectively, for example restricting access to certain categories during work hours or blocking access to categories associated with security risks or non-work-related activities.

A

True
False

2
Q

In a Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.

A

A. Local Users and Groups
B. Resource Monitor
C. Group Policy
D. User Account Control

3
Q

What is SELinux?

A

A. A security feature in Linux OSs
B. A secure boot mechanism implemented in certain Linux distributions
C. An open-source web server software
D. A Linux distribution

4
Q

Which of the following answers refers to a security mechanism imposed by SELinux over system access?

A

A. DAC
B. RBAC
C. MAC
D. ABAC

**Message Authentication Code (MAC)**, also referred to as a tag, is used to authenticate the origin and nature of a message. MACs use authentication cryptography to verify the legitimacy of data sent through a network or transferred from one person to another.

5
Q

Which of the protocols listed below is used to enable secure web browsing?

A

A. L2TP
B. HTTPS
C. SSH
D. IPsec

6
Q

Which of the following protocols allow(s) for secure file transfer? (Select all that apply)

A

A. FTPS
B. TFTP
C. FTP
D. SFTP

7
Q

FTPS is an extension to the SSH protocol and runs by default on TCP port 22.

A

True
False

8
Q

Which of the answers listed below refers to a secure replacement for Telnet?

A

A. RSH
B. IPsec
C. SSH
D. RTPS

9
Q

Which of the following answers refers to a deprecated protocol designed as a secure way to send emails from a client to a mail server and between mail servers?

A

A. IMAPS
B. SFTP
C. POP3S
D. SMTPS

10
Q

Which of the protocols listed below enable secure retrieval of emails from a mail server to an email client? (Select 2 answers)

A

A. FTPS
B. IMAPS
C. POP3S
D. STARTTLS
E. SMTPS

11
Q

Which of the following protocols enables secure access and management of emails on a mail server from an email client?

A

A. POP3S
B. SMTPS
C. IMAPS
D. S/MIME

12
Q

Which of the answers listed below refers to a secure network protocol used to provide encryption, authentication, and integrity for real-time multimedia communication?

A

A. IPsec
B. SIP
C. VoIP
D. SRTP

Secure Real-Time Transport Protocol (SRTP) is a security extension of the Real-time Transport Protocol (RTP) that protects audio and video traffic from eavesdropping, tampering, and replay attacks.

SRTP is an extension of the Real-time Transport Protocol (RTP) that features enhanced security measures. The protocol provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic.

13
Q

A type of firewall used for protecting a single computer is commonly referred to as: (Select 2 answers)

A

A. Hardware firewall
B. Host-based firewall
C. Proxy firewall
D. Network-based firewall
E. Personal firewall

14
Q

UDP is a connection-oriented protocol using a three-way handshake which is a set of initial steps required for establishing network connection. UDP supports retransmission of lost packets, flow control (managing the amount of data that is being sent), and sequencing (rearranging packets that arrived out of order). Example applications of UDP include transmission of text and image data.

A

True
False

14
Q

TCP is an example of a connectionless protocol. Because TCP does not support three-way handshake while establishing a network connection, it is referred to as unreliable or best-effort protocol. Example applications of TCP include transmission of video and audio streaming data.

A

True
False

15
Q

Which of the answers listed below refer to the concept of data isolation? (Select 2 answers)

A

A. DLP
B. SDN
C. EFS
D. SWG
E. EDR

16
Q

Which of the following provides active network security breach response on an individual computer system?

A

A. NIDS
B. HIDS
C. NIPS
D. HIPS

A Host Intrusion Prevention System (HIPS) is a security mechanism that can detect and take action against threats to maintain the integrity of a computer system. It monitors various aspects like memory, kernel, network state, and process execution to prevent unauthorized access and attacks.

17
Q

The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default and well-known admin credentials that can be looked up on the web.

A

True
False

17
Q

The process of securing networking devices should include the practice of disabling unused physical and logical ports.

A

True
False

17
Q

The term “Hybrid cloud” refers to a mixed computing environment that can include different cloud service models like public and private clouds, as well as on-premises infrastructure.

A

True
False

18
Q

A type of document outlining the shared responsibilities between a CSP and its customers for securing and managing data and resources is known as: (Select best answer)

A

A. Service level agreement
B. Acceptable use policies
C. Cloud responsibility matrix
D. Master Service agreement

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution.

19
Q

Which of the terms listed below refers to a method for managing infrastructure resources through scripts and templates?

A

A. IaaS
B. ML
C. IaC
D. SDN

20
Q

A serverless architecture allows developers to create apps and services without having to manage the required infrastructure resources (such as servers, databases, and storage systems), which are handled by:

A

A. CSP
B. ISP
C. MSP
D. IdP

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution.

21
Q

In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.

A

True
False

22
Q

Which of the following provides isolation from external computer networks?

A

A. Network segmentation
B. Air gap
C. Hardware firewall
D. Protected cable distribution

An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection.

23
Q

Which of the answers listed below refers to a means for logical network segmentation?

A

A. Switch
B. VLAN
C. Screened subnet
D. Router

VLANs function by offering network segmentation, which can enhance management, security, and performance. VLANs can increase security by preventing unwanted access to critical data and network resources by segregating network traffic and limiting access to particular network resources.

24
Q

Which of the following answers refers to software technology designed to simplify network infrastructure management?

A

A. SDN
B. SaaS
C. VDI
D. SNMP

Software-Defined Network security (SDN) involves virtualizing security functions from the traditional hardware they tend to operate on. They enforce virtual network functions, with data and monitoring accessible through one intuitive interface.

25
Q

Which of the answers listed below refers to the process of packaging an application and its dependencies into a single, self-contained unit, which can run across different computing environments?

A

A. Edge computing
B. Containerization
C. Virtualization
D. Cloud computing

Container security is the practice of protecting containerized applications and their infrastructure from threats. It includes processes, policies, and tools that ensure the safety and integrity of containers throughout their lifecycle.

26
Q

Which of the following answers refers to a solution that allows multiple OSs to work simultaneously on the same hardware?

A

A. Clustering
B. Hyperthreading
C. Multitasking
D. Virtualization

27
Q

Which of the answers listed below refers to a network of interconnected devices equipped with sensors (such as wearable tech or home automation devices) that can interact with each other to perform various tasks and functions?

A

A. ICS
B. PAN
C. IoT
D. SoC

28
Q

Which of the following refers to a broad term that encompasses various control and automation systems used in industrial settings to control and monitor physical processes and machinery?

A

A. ICS
B. PLC
C. SCADA
D. HMI

Industrial control system (ICS) security focuses on ensuring the security and safe function of industrial control systems. This includes the hardware and software the system and its operators use.

29
Q

Which of the answers listed below refers to a specific type of ICS?

A

A. SoC
B. CMS
C. SCADA
D. RTOS

A Supervisory Control And Data Acquisition system involves monitoring and controlling processes from a central location. The system is intended for remote monitoring and management of complex processes, making it susceptible to ransomware, malware, and other cyberthreats.

30
Q

Which of the following answers refers to an OS type characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems?

A

A. Unix-like OS
B. SoC
C. Firmware
D. RTOS

A Real-Time Operating System (RTOS) is an operating system with two key features: predictability and determinism.

In an RTOS, repeated tasks are performed within a tight time boundary, while in a general-purpose operating system, this is not necessarily so.

31
Q

Which of the answers listed below refer(s) to embedded systems? (Select all that apply)

A

A. Often designed to operate in real-time or with low latency.
B. Typically equipped with constrained computing resources and storage
C. Designed to perform a single task or a few closely related tasks within a larger system.
D. Often integrated with hardware components like sensors and actuators

32
Q

Which of the following terms can be used to describe a system designed to aim for minimized downtime and uninterrupted operation?

A

A. ICS
B. HA
C. RTOS
D. SoC

33
Q

Which of the answers listed below refers to a device failure mode in which maintaining service availability is prioritized over security?

A

A. Fail-safe
B. Fail-close
C. Fail-open
D. Fail-secure

In security, fail-open is a configuration that allows a system to continue operating when a failure occurs, instead of shutting down. This is in contrast to fail-closed, which means the system stops working when a failure occurs.

34
Q

Which failure mode prioritizes security over availability, ensuring that no potentially malicious traffic can get through the device?

A

A. Fail-soft
B. Fail-through
C. Fail-safe
D. Fail-close

Fail-closed, also known as fail-secure, is a security concept that means a device or system will prevent access or data from falling into the wrong hands if it fails. It’s often used when security concerns are more important than the need for access.

35
Q

Which of the following answers refer to passive network monitoring techniques? (Select 2 answers)

A

A. Network tap
B. Trunk port
C. Port mirroring
D. SNMP trap
E. Registered port

36
Q

A type of hardened server used as a secure gateway for remote administration of devices placed in a different security zone is called:

A

A. C2 server
B. Jump server
C. UC server
D. Proxy server

37
Q

Which of the following answers can be used to describe technical security controls? (Select 3 answers)

A

A. Focused on protecting material assets
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
D. Also known as administrative controls
E. Implemented with technology
F. Primarily implemented and executed by people (as opposed to computer systems)

38
Q

Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)

A

A. Security audits
B. Encryption
C. Organizational security policy
D. IDSs
E. Configuration management
F. Firewalls

39
Q

Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)

A

A. Security audits
B. Encryption
C. Organizational security policy
D. IDSs
E. Configuration management
F. Firewalls

40
Q

Which of the following answers can be used to describe technical security controls? (Select 3 answers)

A

A. Focused on protecting material assets
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
D. Also known as administrative controls
E. Implemented with technology
F. Primarily implemented and executed by people (as opposed to computer systems)

41
Q

Which of the following answers refer to the characteristic features of managerial security controls? (Select 3 answers)

A

A. Also known as administrative controls
B. Sometimes referred to as logical security controls
C. Focused on reducing the risk of security incidents
D. Executed by computer systems (instead of people)
E. Documented in written policies
F. Focused on protecting material assets

42
Q

Examples of managerial security controls include: (Select 3 answers)

A

A. Configuration management
B. Data backups
C. Organizational security policy
D. Risk assessments
E. Security awareness training

43
Q

Which of the answers listed below can be used to describe operational security controls? (Select 3 answers)

A

A. Also known as administrative controls
B. Focused on the day-to-day procedures of an organization
C. Executed by computer systems (instead of people)
D. Used to ensure that the equipment continues to work as specified
E. Focused on managing risk
F. Primarily implemented and executed by people (as opposed to computer systems)

44
Q

Which of the following examples fall into the category of operational security controls? (Select 3 answers)

A

A. Risk assessments
B. Configuration management
C. System backups
D. Authentication protocols
E. Patch management

45
Q

Which of the answers listed below refers to security controls designed to deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets?

A

A. Managerial security controls
B. Physical security controls
C. Technical security controls
D. Operational security controls

46
Q

Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)

A

A. Lighting
B. Access control vestibules
C. Data backups
D. Fencing/Bollards/Barricades
E. Firewalls
F. Security guards
G. Asset management

47
Q

What are the examples of preventive security controls? (Select 3 answers)

A

A. Encryption
B. IDS
C. Sensors
D. Firewalls
E. Warning signs
F. AV software

48
Q

Examples of deterrent security controls include: (Select 3 answers)

A

A. Warning signs
B. Sensors
C. Lighting
D. Video surveillance
E. Security audits
F. Fencing/Bollards

49
Q

Which of the answers listed below refer(s) to detective security control(s)? (Select all that apply)

A

A. Lighting
B. Log monitoring
C. Sandboxing
D. Security audits
E. CCTV
F. IDS
G. Vulnerability scanning

50
Q

Which of the following answers refer(s) to corrective security control(s)? (Select all that apply)

A

A. Recovering data from backup copies
B. Applying software updates and patches to fix vulnerabilities
C. Developing and implementing IRPs to respond to and recover from security incidents
D. Regularly reviewing logs for anomalies or patterns indicative of attacks
E. Activating and executing DRPs to restore operations after a major incident

51
Q

Which of the answers listed below refer(s) to compensating security control(s)? (Select all that apply)

A

A. Backup power systems
B. Video surveillance
C. MFA
D. Application sandboxing
E. Network segmentation

52
Q

The term “Directive security controls” refers to the category of security controls that are implemented through policies and procedures.

A

True
False

53
Q

Which of the following terms fall into the category of directive security controls? (Select 2 answers)

A

A. IRP
B. AUP
C. IDS
D. MFA
E. IPS

An Incident Response Plan is a written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

An Acceptable Use Policy (AUP) is a set of rules that outline how to use an organization’s technology resources, such as the computer network, website, or other devices.

54
Q
A