Failed on Practice exam Flashcards
Context-aware authentication
Context-aware authentication can, for example, disable screen locks when the mobile device is in a trusted location, such as a home. It can also check whether the network connection is trusted before allowing apps to communicate externally.
What is the mechanism for restoring to a baseline system config?
Rollback to known configuration
What entity is responsible for validating and submitting certificate requests on behalf of end users?
Registration authority(RA)
A Registration Authority (RA) is a function of certificate enrollment, and its services would be combined with a Certificate Authority (CA) in a single CA hierarchy. An RA is responsible for validating and submitting a request on behalf of end users.
What relates to quality management processes to determine the effectiveness of a system
Measurement systems analysis (MSA)
application attack that targets vulnerabilities in the headers and payloads of specific application protocols.
Domain name system (DNS) amplification attack
attacks against the controllers in an operational technology (OT) network can use the same techniques as against computer networks to overwhelm the network. This network attack uses SYN or SYN/ACK flooding.
DDoS
What separates different containers from others?
Namespaces: Namespaces prevent one container from reading or writing processes in another.
What ensures one container cannot overwhelm others in a DoS-type attack
Control groups
What is secrets management?
Secrets management is the management of credentials specific for running or accessing services on a cloud service provider. This includes implementing multi-factor authentication (MFA) for interactive logons.
Which of these is the most volatile form of memory?
Random Access Memory (RAM)
Cache
Hard disk
Pagefile
System cache is one of the most volatile data, similar to the CPU. This data should be captured before powering a device off.
which environment allows for vulnerability scanning and penetration before being deployed to the staging environment.
Test
Which classification of data is likely to be immediately escalated in the case of a breach?
Public Data
Critical Data
PII
Non-PII customer data
Critical data, sometimes top-secret, is too valuable to permit any risk of a breach. Therefore, any detected abnormality should immediately be escalated to senior decision-makers.
An attack where the attacker has managed to obtain a database of password hashes from an Active Directory credential store
offline password attack
used to monitor social media for incidents, such as disgruntled consumers posting negative content.
Sentient analysis. In terms of security, this can be used to gather threat intelligence.
What allows a user to monitor and manage voltage and electrical current in an environment
Managed PDUs
How can an attacker sniff all traffic on a switched network?
ARP poisoning.
An appliance designed to perform centralized public key infrastructure (PKI) management, key generation, or key escrow for device
hardware security module (HSM)
Homomorphic encryption
Homomorphic encryption is an encryption method that allows computation to be performed directly on encrypted data without requiring access to a secret key. Analysis can apply functions on encrypted data without needing to reveal the values of the data.
A system administrator implements a process that provides two separate paths from each server node to every disk in a redundant array of inexpensive disks set up to remove a single point of failure. What concept has the administrator implemented?
Multipathing allows users to configure multiple input/output (I/O) paths between server nodes and storage arrays into a single device to remove a single point of failure and increase redundancy.
an adverse event impacts multiple organizations
Multiparty risk occurs when an adverse event impacts multiple organizations. If a breach occurs for one party, all parties share the risk.
ARO
The annual rate of occurrence (ARO) indicates how many times a loss will occur within a year. An ARO is used in conjunction with the single loss expectancy (SLE) to figure the annual loss expectancy (ALE).
ARO=Incidents/year
SLE
SLE is the estimate of the amount of damage that an asset will suffer due to a single incident.
SLE= Asset Value*Exposure factor
Exposure Factor (EF) is expressed as a percentage of the asset value.
ALE
ALE provides an estimate of the yearly financial impact to the organization from a particular risk.
Annualized Loss Expectancy = Single Loss Expectancy * Annual Rate of Occurrence
ALE = SLE * ARO
