Failed on Practice exam Flashcards
Context-aware authentication
Context-aware authentication can, for example, disable screen locks when the mobile device is in a trusted location, such as a home. It can also check whether the network connection is trusted before allowing apps to communicate externally.
What is the mechanism for restoring to a baseline system config?
Rollback to known configuration
What entity is responsible for validating and submitting certificate requests on behalf of end users?
Registration authority(RA)
A Registration Authority (RA) is a function of certificate enrollment, and its services would be combined with a Certificate Authority (CA) in a single CA hierarchy. An RA is responsible for validating and submitting a request on behalf of end users.
What relates to quality management processes to determine the effectiveness of a system
Measurement systems analysis (MSA)
application attack that targets vulnerabilities in the headers and payloads of specific application protocols.
Domain name system (DNS) amplification attack
attacks against the controllers in an operational technology (OT) network can use the same techniques as against computer networks to overwhelm the network. This network attack uses SYN or SYN/ACK flooding.
DDoS
What separates different containers from others?
Namespaces: Namespaces prevent one container from reading or writing processes in another.
What ensures one container cannot overwhelm others in a DoS-type attack
Control groups
What is secrets management?
Secrets management is the management of credentials specific for running or accessing services on a cloud service provider. This includes implementing multi-factor authentication (MFA) for interactive logons.
Which of these is the most volatile form of memory?
Random Access Memory (RAM)
Cache
Hard disk
Pagefile
System cache is one of the most volatile data, similar to the CPU. This data should be captured before powering a device off.
which environment allows for vulnerability scanning and penetration before being deployed to the staging environment.
Test
Which classification of data is likely to be immediately escalated in the case of a breach?
Public Data
Critical Data
PII
Non-PII customer data
Critical data, sometimes top-secret, is too valuable to permit any risk of a breach. Therefore, any detected abnormality should immediately be escalated to senior decision-makers.
An attack where the attacker has managed to obtain a database of password hashes from an Active Directory credential store
offline password attack
used to monitor social media for incidents, such as disgruntled consumers posting negative content.
Sentient analysis. In terms of security, this can be used to gather threat intelligence.
What allows a user to monitor and manage voltage and electrical current in an environment
Managed PDUs