Final Test Part 3 Flashcards

1
Q

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Choose two.)

A. The order of volatility
B. A CRC32 checksum
C. The provenance of the artifacts
D. The vendor’s name
E. The date and time
F. A warning banner

A

C. The provenance of the artifacts
E. The date and time

2
Q

An organization is migrating several SaaS applications that support SSO. The security manager wants to ensure the migration is completed securely. Which of the following application integration aspects should the organization consider before focusing on the underlying implementation details? (Choose two.)

A. The back-end directory source
B. The identity federation protocol
C. The hashing method
D. The encryption method
E. The registration authority
F. The certificate authority

A

B. The identity federation protocol
F. The certificate authority

3
Q

A security analyst has been tasked with finding the maximum amount of data loss that can occur before ongoing business operations would be impacted. Which of the following terms BEST defines this metric?

A. MTTR
B. RTO
C. RPO
D. MTBF

A

C. RPO

4
Q

A company has a flat network that is deployed in the cloud. Security policy states that all production and development servers must be segmented. Which of the following should be used to design the network to meet the security requirements?

A. CASB
B. VPC
C. Perimeter network
D. WAF

A

B. VPC

5
Q

A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy to implement?

A. Incremental backups followed by differential backups
B. Full backups followed by incremental backups
C. Delta backups followed by differential backups
D. Incremental backups followed by delta backups
E. Full backups followed by differential backups

A

E. Full backups followed by differential backups

6
Q

An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?

A. SED
B. HSM
C. DLP
D. TPM

A

A. SED

7
Q

After segmenting the network, the network manager wants to control the traffic between the segments. Which of the following should the manager use to control the network traffic?

A. A DMZ
B. A VPN
C. A VLAN
D. An ACL

A

D. An ACL

8
Q

Which of the following BEST describes when an organization utilizes a ready-to-use application from a cloud provider?

A. IaaS
B. SaaS
C. PaaS
D. XaaS

A

B. SaaS

9
Q

Which of the following BEST helps to demonstrate integrity during a forensic investigation?

A. Event logs
B. Encryption
C. Hashing
D. Snapshots

A

C. Hashing

10
Q

The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holiday or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO’s concerns? (Choose two.)

A. Geolocation
B. Time-of-day restrictions
C. Certificates
D. Tokens
E. Geotagging
F. Role-based access controls

A

A. Geolocation
B. Time-of-day restrictions

11
Q

While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an infected MHT file with an href link a week prior. Which of the following is MOST likely occurring?

A. A RAT was installed and is transferring additional exploit tools.
B. The workstations are beaconing to a command-and-control server.
C. A logic bomb was executed and is responsible for the data transfers.
D. A fileless virus is spreading in the local network environment.

A

A. A RAT was installed and is transferring additional exploit tools.

12
Q

A business is looking for a cloud service provider that offers a la carte services, including cloud backups, VM elasticity, and secure networking. Which of the following cloud service provider types should the business engage?

A. IaaS
B. PaaS
C. XaaS
D. SaaS

A

C. XaaS

13
Q

A security analyst is hardening a network infrastructure. The analyst is given the following requirements:

  • Preserve the use of public IP addresses assigned to equipment on the core router.
  • Enable “in transport” encryption protection for the web server using the strongest ciphers.

Which of the following should the analyst implement to meet these requirements? (Choose two.)

A. Configure VLANs on the core router.
B. Configure NAT on the core router.
C. Configure BGP on the core router.
D. Enable AES encryption on the web server.
E. Enable 3DES encryption on the web server.
F. Enable TLSv2 encryption on the web server.

A

B. Configure NAT on the core router.
F. Enable TLSv2 encryption on the web server.

14
Q

A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?

A. Nmap
B. Wireshark
C. Autopsy
D. DNSEnum

A

A. Nmap

15
Q

While reviewing pcap data, a network security analyst is able to locate plaintext usernames and passwords being sent from workstations to network switches. Which of the following is the security analyst MOST likely observing?

A. SNMP traps
B. A Telnet session
C. An SSH connection
D. SFTP traffic

A

B. A Telnet session

16
Q

An attacker replaces a digitally signed document with another version that goes unnoticed. Upon reviewing the document’s contents, the author notices some additional verbiage that was not originally in the document but cannot validate an integrity issue. Which of the following attacks was used?

A. Cryptomalware
B. Hash substitution
C. Collision
D. Phishing

A

C. Collision

17
Q

Which of the following can reduce vulnerabilities by avoiding code reuse?

A. Memory management
B. Stored procedures
C. Normalization
D. Code obfuscation

A

D. Code obfuscation

18
Q

Which of the following is an example of risk avoidance?

A. Installing security updates directly in production to expedite vulnerability fixes
B. Buying insurance to prepare for financial loss associated with exploits
C. Not installing new software to prevent compatibility errors
D. Not taking preventive measures to stop the theft of equipment

A

C. Not installing new software to prevent compatibility errors

19
Q

An organization wants to enable built-in FDE on all laptops. Which of the following should the organization ensure is installed on all laptops?

A. TPM
B. CA
C. SAML
D. CRL

A

A. TPM

20
Q

An organization is concerned about intellectual property theft by employees who leave the organization. Which of the following should the organization MOST likely implement?

A. CBT
B. NDA
C. MOU
D. AUP

A

B. NDA

21
Q

A major manufacturing company updated its internal infrastructure and just recently started to allow OAuth applications to access corporate data. Data leakage is now being reported. Which of the following MOST likely caused the issue?

A. Privilege creep
B. Unmodified default settings
C. TLS protocol vulnerabilities
D. Improper patch management

A

B. Unmodified default settings

22
Q

The help desk has received calls from users in multiple locations who are unable to access core network services. The network team has identified and turned off the network switches using remote commands. Which of the following actions should the network team take NEXT?

A. Disconnect all external network connections from the firewall.
B. Send response teams to the network switch locations to perform updates.
C. Turn on all the network switches by using the centralized management software.
D. Initiate the organization’s incident response plan.

A

D. Initiate the organization’s incident response plan.

23
Q

Audit logs indicate an administrative account that belongs to a security engineer has been locked out multiple times during the day. The security engineer has been on vacation for a few days. Which of the following attacks can the account lockout be attributed to?

A. Backdoor
B. Brute-force
C. Rootkit
D. Trojan

A

B. Brute-force

24
Q

An information security manager for an organization is completing a PCI DSS self-assessment for the first time. Which of the following is the MOST likely reason for this type of assessment?

A. An international expansion project is currently underway.
B. Outside consultants utilize this tool to measure security maturity.
C. The organization is expecting to process credit card information.
D. A government regulator has requested this audit to be completed.

A

C. The organization is expecting to process credit card information.

25
Q

Which of the following technologies is used to actively monitor for specific file types being transmitted on the network?

A. File integrity monitoring
B. Honeynets
C. Tcpreplay
D. Data loss prevention

A

D. Data loss prevention

26
Q

The marketing department at a retail company wants to publish an internal website to the internet so it is reachable by a limited number of specific, external service providers in a secure manner. Which of the following configurations would be BEST to fulfil this requirement?

A. NAC
B. ACL
C. WAF
D. NAT

A

B. ACL

27
Q

A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive’s accounts. Which of the following security practices would have addressed the issue?

A. A non-disclosure agreement
B. Least privilege
C. An acceptable use policy
D. Offboarding

A

D. Offboarding

28
Q

An engineer wants to inspect traffic to a cluster of web servers in a cloud environment. Which of the following solutions should the engineer implement?

A. CASB
B. WAF
C. Load balancer
D. VPN

A

B. WAF

29
Q

A company received a “right to be forgotten” request. To legally comply, the company must remove data related to the requester from its systems. Which of the following is the company MOST likely complying with?

A. NIST CSF
B. GDPR
C. PCI DSS
D. ISO 27001

A

B. GDPR

30
Q

A network-connected magnetic resonance imaging (MRI) scanner at a hospital is controlled and operated by an outdated and unsupported specialized Windows OS. Which of the following is MOST likely preventing the IT manager at the hospital from upgrading the specialized OS?

A. The time needed for the MRI vendor to upgrade the system would negatively impact patients.
B. The MRI vendor does not support newer versions of the OS.
C. Changing the OS breaches a support SLA with the MRI vendor.
D. The IT team does not have the budget required to upgrade the MRI scanner.

A

B. The MRI vendor does not support newer versions of the OS.

31
Q

As part of the building process for a web application, the compliance team requires that all PKI certificates are rotated annually and can only contain wildcards at the secondary subdomain level. Which of the following certificate properties will meet these requirements?

A. HTTPS://*.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022
B. HTTPS://app1.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022
C. HTTPS://*.app1.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022
D. HTTPS://*.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2023

A

C. HTTPS://*.app1.comptia.org, Valid from April 10 00:00:00 2021 - April 8 12:00:00 2022