Idk

Question 1

A legal contract between the holder of confidential information and another person to whom that information is disclosed, prohibiting that other person from disclosing the confidential information to any other party is known as:

Answer 1

NDA

Question 2

A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is referred to as:

Answer 2

AUP

Question 3

Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

Answer 3

RTO

Recovery Time Objective

Question 4

In business continuity planning, the maximum tolerable point in time to which systems and data must be recovered after an outage is called:

Answer 4

RPO

Recovery Point Objective

Question 5

Which of the following terms is used to describe an average time required to repair a failed component or device?

Answer 5

MTTR

Mean Time To Recovery

Question 6

Which term describes the predicted loss of value to an asset based on a single security incident?

Answer 6

SLE

Single Loss Expectancy

Question 7

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

Answer 7

ALE

Annual Loss Expectancy

Question 8

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:

Answer 8

ARO

Annualized Rate of Occurrence

Question 9

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

Answer 9

ARO

Annualized Rate of Occurrence

Question 10

In forensic analysis, taking hashes ensures that the collected digital evidence retains:

Answer 10

Integrity

Question 11

Disabling certain system functions or shutting down the system when risks are identified is an example of:

Answer 11

Risk Avoidance

Question 12

Contracting out a specialized technical component when the company’s employees lack the necessary skills is an example of:

Answer 12

Risk Transference

Question 13

Which of the following terms relates closely to the concept of residual risk?

Answer 13

Risk Acceptance

Question 14

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

Answer 14

Qualitative Risk Assessment

Question 15

Quantitative Risk Assessment

Answer 15

A calculation of the Single Loss Expectancy (SLE) is an example of:

Question 16

Which of the following would be of help in preserving the integrity of a digital evidence? (Select 2 answers)

Answer 16

• Disk Imaging

* Hashing

Question 17

Indicating whether a file has been modified since the last backup.

Answer 17

Archive Bit

Question 18

Which of the answers listed below refer to examples of deterrent security controls? (Select 3 answers)

Answer 18

• Warning Signs
• Lighting
• Login Banner

Question 19

What are the examples of preventive security controls? (Select 3 answers)

Answer 19

• OS Hardening
• Separation of Duties
• Security Guards

Question 20

Which of the following answers refer to examples of detective security controls (Select 3 answers)

Answer 20

• System Logs
• Security Audits
• CCTV

Question 21

Which of the answers listed below refer to examples of corrective security controls? (Select 3 answers)

Answer 21

• IPS
• Alternate Site
• Backup Data Recovery

Question 22

Which of the following answers refers to a compensating security control?

Answer 22

Backup Generator

Question 23

Which of the terms listed below DO NOT fall into the category of technical security controls? (Select 3 answers)

Answer 23

• Barricades/Bollards
• Cable Locks
• Secure Cabinets/Enclosures

Question 24

What are the examples of administrative security controls? (Select 3 answers)

Answer 24

• Risk Assessments
• Escalation Procedures
• Contingency Planning

Question 25

Which of the following terms DO NOT fall into the category of physical security controls? (Select 3 answers)

Answer 25

• User password
• Encryption
• AV Software

Question 26

Which of the following methods provides the most effective way for permanent removal of data stored on a magnetic drive?

Answer 26

Degaussing

Question 27

Which of the acronyms listed below refers to any type of information pertaining to an individual that can be used to uniquely identify that person?

Answer 27

PII

Question 28

The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for: (Select best answer)

Answer 28

PHI

Question 29

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers)

Answer 29

• Symmetric Encryption
• Session-Key Encryption
• Secret-Key Encryption

Question 30

Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use?

Answer 30

ECB

Question 31

Which of the block cipher modes listed below provides both data integrity and confidentiality?

Answer 31

GCM

Question 32

In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key. (True or False)

Answer 32

True

Question 33

Pseudo-random data added to a password before hashing is called:

Answer 33

Salt

Question 34

Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks?

Answer 34

Salt

Question 35

Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as:

Answer 35

IV

Question 36

Examples of means that provide randomization during the encryption process include: (Select 3 answers)

Answer 36

• Cryptographic nonce
• Salting
• IV

Question 37

What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers)

Answer 37

• Asymmetric encryption
• Low processing power
• Suitable for small wireless devices

Question 38

What are the examples of weak/deprecated cryptographic solutions? (Select 3 answers)

Answer 38

• WEP
• SSL
• DES

Question 39

Digital signatures provide: (Select 3 answers)

Answer 39

• Integrity
• Authentication
• Non-repudiation

Question 40

Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version?

Answer 40

Diffusion

Question 41

Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input?

Answer 41

Confusion

Question 42

Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately. (True or False)

Answer 42

True

Question 43

In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key size determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security. (True or False)

Answer 43

True

Question 44

What are the characteristic features of a session key? (Select 2 answers)

Answer 44

• Used during a single session

* Symmetric key

Question 45

The term “Ephemeral key” refers to an asymmetric encryption key designed to be used only for a single session or transaction. (True or False)

Answer 45

True

Question 46

In cryptography, the term “Secret algorithm” refers to an algorithm designed in a way that prevents the examination of its inner workings. (True or False)

Answer 46

True

Question 47

Which of the three states of digital data requires data to be processed in an unencrypted form?

Answer 47

Data-in-use

Question 48

In cryptography, the term “Key stretching” refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks. (True or False)

Answer 48

True

Question 49

Which of the answers listed below refers to a solution designed to strengthen the security of session keys?

Answer 49

Perfect forward secrecy (PFS)

Question 50

Which of the following terms illustrate(s) the security through obscurity concept? (Select all that apply)

Answer 50

• Code obfuscation
• Steganography
• SSID broadcast suppression
• Substitution cipher

Question 51

Which of the answers listed below refer to the Advanced Encryption Standard (AES)? (Select 3 answers)

Answer 51

• Symmetric-key algorithm
• 128-, 192-, and 256-bit keys
• Block cipher algorithm

Question 52

Which of the algorithms listed below does not belong to the category of symmetric ciphers?

Answer 52

RSA (Public-key encryption)

Question 53

A cryptographic standard for digital signatures is known as:

Answer 53

Digital Signature Algorithm (DSA) (Public-key cryptography)

Question 54

Which of the following answers refers to a commonly used asymmetric algorithm for secure exchange of symmetric keys?

Answer 54

Diffie-Hellman

Question 55

Which of the following are hashing algorithms? (Select all that apply)

Answer 55

• MD5
• RIPEMD
• HMAC
• SHA

Question 56

What are the examples of key stretching algorithms? (Select 2 answers)

Answer 56

• Bcrypt

* PBKDF2

Question 57

Which of the answers listed below refer to obfuscation methods? (Select 3 answers)

Answer 57

• Steganography
• XOR cipher
• ROT13

Question 58

A security protocol designed to strengthen WEP implementations is known as:

Answer 58

TKIP

Question 59

What are the characteristic features of WPA/WPA2 Enterprise mode? (Select 2 answers)

Answer 59

• Suitable for large corporate networks

* Requires RADIUS authentication server

Question 60

Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?

Answer 60

Public Key Infrastructure (PKI)

Question 61

A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:

Answer 61

Certificate Authority (CA)

Question 62

Which of the following solutions allow to check whether a digital certificate has been revoked? (Select 2 answers)

Answer 62

• CRL

* OSCP

Question 63

What is the fastest way for validating a digital certificate?

Answer 63

OSCP

Question 64

Which of the answers listed below refers to a method for requesting a digital certificate?

Answer 64

Certificate Signing Request (CSR)

Question 65

Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?

Answer 65

OCSP Stapling (Determines if an SSL certificate is valid)

Question 66

A security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates is called:

Answer 66

HTTP Public Key Pinning (HPKP)

Question 67

Which of the answers listed below refer to examples of PKI trust models?

Answer 67

• Single CA model
• Hierarchical model (root CA + intermediate CAs)
• Mesh model (cross-certifying CAs)
• Web of trust model (all CAs act as root CAs)
• Client-server mutual authentication model
• *** All of the above

Question 68

A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:

Answer 68

Key Escrow

Question 69

Copies of lost private encryption keys can be retrieved from a key escrow by recovery agents. Recovery agent is an individual with access to key database and permission level allowing him/her to extract keys from escrow.
(True or False)

Answer 69

True

Question 70

The term “Certificate chaining” refers to a process of verifying the authenticity of a newly received digital certificate. Such process involves checking all of the certificates in the chain of certificates from a trusted root CA, through any intermediate CAs, down to the certificate issued to the end user. A new certificate can only be trusted if each certificate in that certificate’s chain is properly issued and valid.
(True or False)

Answer 70

True

Question 71

Which digital certificate type allows multiple subdomains to be protected by a single certificate?

Answer 71

Wildcard certificate

Question 72

A digital certificate which allows multiple domains to be protected by a single certificate is known as:

Answer 72

Subject Alternative Name (SAN) certificate

Question 73

Which of the following certificate formats is used to store a binary representation of a digital certificate?

Answer 73

Distinguished Encoding Rules (DER)

Question 74

Which of the answers listed below refers to the most common format in which Certificate Authorities (CA) issue certificates?

Answer 74

Privacy Enhanced Mail (PEM)

Question 75

Which digital certificate formats are commonly used to store private keys? (Select 2 answers)

Answer 75

• PFX

* P12

Question 76

Which of the answers listed below refers to a technology designed to simplify network infrastructure management?

Answer 76

Software-Defined Networking (SDN)

Question 77

Which of the following answers refers to a data storage device equipped with a hardware-level encryption functionality?

Answer 77

Self-Encrypting Drive (SED)

Question 78

A hardware device or a plugin-in card used for secure management, processing and storage of cryptographic keys is known as:

Answer 78

Hardware Security Module (HSM)

Question 79

The term “Remote attestation” refers to a TPM’s capability to check a computer system’s integrity against a remote trusted third-party service.
(True or False)

Answer 79

True

Question 80

The concept of a secure supply chain is based on the assumption that all hardware/software should originate from reliable sources.
(True or False)

Answer 80

True

Question 81

EMI shielding protects the transferred data signals from: (Select all that apply)

Answer 81

• Outside interference

* Eavesdropping

Question 82

The term “Trusted OS” refers to an operating system:

Answer 82

Equipped with enhanced security features

Question 83

A system providing the capability for remote control, real-time monitoring, and gathering information related to industrial equipment is generally referred to as:

Answer 83

Industrial Control System (ICS)

Question 84

Which of the following answers lists an example of an industrial control system solution?

Answer 84

SCADA

Question 85

Which of the following would be the most effective in securing an ICS infrastructure?

Answer 85

Network isolation

Question 86

A document stored in the memory of this device can pose a risk of an unauthorized data access.

Answer 86

MFD

Question 87

Which of the answers listed below refer to technical security controls that can be applied to an UAV? (Select 2 answers)

Answer 87

• Wireless signal encryption

* Password protection

Question 88

An SDLC model featuring a linear design process consisting of distinct sequential stages is known as:

Answer 88

Waterfall

Question 89

One of the main premises behind the waterfall software development model is the adaptation to changes during the software development process rather than strict adherence to a well-documented sequence of steps.
(True or False)

Answer 89

False

Question 90

Which of the following terms refers to a DevOps software deployment approach in which applications and services are redeployed rather than modified whenever a need for introducing a change occurs?

Answer 90

Immutable systems

Question 91

A DevOps practice that replaces manual configuration of hardware with automatic deployment through code is called:

Answer 91

Infrastructure as Code (IaC)

Question 92

Which programming aspects listed below are critical in secure application development process? (Select 2 answers)

Answer 92

• Input validation

* Error and Exception handling

Question 93

Which of the following answers refers to a countermeasure against code injection?

Answer 93

Input validation

Question 94

The process of removing redundant entries from a database is known as:

Answer 94

Normalization

Question 95

What are the countermeasures against SQL injection attacks? (Select 2 answers)

Answer 95

• Stored procedures

* Input validation

Question 96

What is the purpose of code signing? (Select 2 answers)

Answer 96

• Confirms the application’s source of origin

* Validates the application’s integrity

Question 97

Code obfuscation techniques rely on encryption to protect the source code against unauthorized access.
(True or False)

Answer 97

False

Question 98

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

Answer 98

Dead Code

Question 99

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?

Answer 99

Software Development Kit (SDK)

Question 100

A collection of commonly used programming functions designed to speed up a software development process is known as:

Answer 100

Library

Question 101

What type of third-party code poses increased security risks during the application development process? (Select all that apply)

Answer 101

• SDK

* Library

Question 102

A dynamic code analysis allows for detecting application flaws without the need for actual execution of the application code.
(True or False)

Answer 102

False

Question 103

The practice of finding vulnerabilities in an application by feeding it incorrect input is known as:

Answer 103

Fuzzing

Question 104

A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into an executable file is referred to as:

Answer 104

Compiled code

Question 105

A type of code saved in the same format as it was entered and interpreted during program execution is called:

Answer 105

Runtime code

Question 106

In virtualization technology, a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system is called:

Answer 106

Hypervisor

Question 107

This occurs when the number of virtual machines on a network reaches a point where the administrator can no longer manage them effectively.

Answer 107

VM Sprawl

Question 108

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

Answer 108

• Usage audit

* Asset documentation

Question 109

An exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact indirectly with the hypervisor.

Answer 109

VM Escape

Question 110

What are the countermeasures against VM escape? (Select 2 answers)

Answer 110

• Sand boxing

* Patch management

Question 111

Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications?

Answer 111

Cloud Access Security Broker (CASB)

Question 112

A type of text file containing security configuration settings used for security policy automation in Windows-based environments is known as:

Answer 112

Template

Question 113

Method used by IPSec to create a secure tunnel by encrypting the connection between Authenticated peers.

Answer 113

Internet Key Exchange (IKE)

Question 114

Establishment of secure connections and shared security information using certificates or cryptographic keys.

Answer 114

Security Association (SA)

Question 115

Provides integrity, confidentiality, and authenticity of packets by encapsulating and encrypting them.

Answer 115

Encapsulating Security Payload (ESP)

Question 116

What IPSec protocol provides authentication, integrity and confidentiality?

Answer 116

ESP (Encapsulating Security Payload)

Question 117

Host to host transport mode only uses encryption of the payload of an IP packet but not it’s header.

Answer 117

Transport Mode within IPSec

Question 118

Protocol used in IPSec that provides integrity and authentication.

Answer 118

Authentication Header (AH)

Question 119

Is used for transmission between hosts on a private network.

Answer 119

Transport Mode

Question 120

A network tunnel is created which encrypts the entire IP packet (payload and header).

Answer 120

Tunnel Mode

Question 121

Commonly used for transmission between networks.

Answer 121

Tunnel Mode

Question 122

Provides data striping across multiple disks to increase performance.

Answer 122

RAID 0

Question 123

Provides redundancy by mirroring the data identically on two hard disks.

Answer 123

RAID 1

Question 124

Provides redundancy by striping data and parity data across the disk drives.

Answer 124

RAID 5

Question 125

Provides redundancy by striping and double parity data across the disk drives.

Answer 125

RAID 6

Question 126

Creates a striped RAID of two mirrored RAIDs

combines RAID 1 & RAID 0

Answer 126

RAID 10

Question 127

Two or more servers working together to perform a particular job function.

Answer 127

Cluster

Question 128

A secondary server can take over the function when the primary one fails.

Answer 128

Failover Cluster

Question 129

Servers are clustered in order to share resources such as CPU, RAM, and hard disks.

Answer 129

Load-Balancing Cluster

Question 130

A modification introduced to a computer code that changes its external behavior (e.g. to maintain compatibility between a newer OS and an older version of application software) is called:

Answer 130

Shimming

Question 131

The practice of optimizing existing computer code without changing its external behavior is known as:

Answer 131

Refactoring

Question 132

Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply)

Answer 132

• Refactoring

* Shimming

Question 133

Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?

Answer 133

Known-Plaintext Attack (KPA)

Question 134

A man-in-the-middle attack that forces modern clients (browsers) and servers (websites) to downgrade the security protocol to SSLv3 from TLSv1.0 or higher.

Answer 134

Poodle (Padding Oracle On Downgraded Legacy Encryption)

Question 135

Which of the following answers lists an example of a cryptographic downgrade attack?

Answer 135

Poodle

Question 136

Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)

Answer 136

• IPSec
• Kerberos
• CHAP

Question 137

Which of the statements listed below describe the purpose behind collecting OSINT? (Select 3 answers)

Answer 137

• Gaining advantage over competitors
• Passive reconnaissance in penetration testing
• Preparation before launching a cyberattack

Question 138

Penetration testing: (Select all that apply)

Answer 138

• Bypasses security controls
• Actively tests security controls
• Exploits vulnerabilities

Question 139

Vulnerability scanning: (Select all that apply)

Answer 139

• Identifies lack of security controls
• Identifies common misconfigurations
• Passively tests security controls

Question 140

Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)

Answer 140

• Inadequate vendor support

* Default configurations

Question 141

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

Answer 141

Improper error handling

Question 142

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attackers IP address instead of the IP address of the default gateway.

Answer 142

ARP Poisoning

Question 143

An attacker intercepts user data and tries to use this information later to impersonate the user to obtain unauthorized access to resources on a network.

Answer 143

Replay Attack

Question 144

A wireless disassociation attack is a type of:

Answer 144

DoS attack

Question 145

Which of the statements listed below describe the purpose behind collecting OSINT?

Answer 145

• Gaining advantage over competitors
• Passive reconnaissance in penetration testing
• Preparation before launching a cyberattack

Question 146

An e-commerce store app running on an unpatched web server is an example of:

Answer 146

Vulnerable business process

Question 147

A situation in which an application fails to properly release memory allocated to it or continually request more memory than it needs is called:

Answer 147

Memory leak

Question 148

A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:

Answer 148

Buffer overflow

Question 149

Which of the following terms describes an attempt to read a variable that stores a null value?

Answer 149

Pointer de-reference

Question 150

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

Answer 150

DLL

Question 151

Which of the terms listed below describes a type of attack that relies on executing a library of code?

Answer 151

DLL injection

Question 152

What is described as one of the aspects of poor asset management process?

Answer 152

System sprawl

Question 153

An effective asset management process provides countermeasures against?

Answer 153

• System sprawl
• Undocumented assets
• Architecture & Design weaknesses

Question 154

What applies to a request that doesn’t match the criteria defined in an ACL?

Answer 154

Implicit deny rule

Question 155

Jsjsjjsjs

Answer 155

Stateless Firewall

Question 156

Hdjfjj

Answer 156

Statefull Firewall

Question 157

VPNs can be either remote-access (used for connecting to a computer to a network) or site-to-site (used for connecting networks).

Answer 157

True

Question 158

What part of the IPSec protocol suite provides authentication and integrity?

Answer 158

AH (Authentication Header)

Question 159

Which of the terms listed below describes a type of VPN that alleviates bottlenecks and conserves bandwidth by allowing users simultaneously make use of both the VPN and public network links?

Answer 159

Split tunnel

Question 160

The term “Always-on VPN” refers to a type of persistent VPN connection that starts automatically as soon as the computer detects a network link.

Answer 160

True

Question 161

An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as:

Answer 161

• Heuristic
• Anomaly-based
• Behavioral

Question 162

A type of IDS that relies on predetermined attack patterns to detect intrusions is referred to as a signature-based IDS.

Answer 162

True

Question 163

A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS?

Answer 163

• Passive

* Out-of-band

Question 164

Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?

Answer 164

IEEE 802.1X

Question 165

Which of the following protocols provide protection against switching loops?

Answer 165

• STP (?)

* RSTP (?)

Question 166

What is the name of a security mechanism that protects a network switch against populating it’s MAC table with invalid source addresses?

Answer 166

Flood Guard

Question 167

Which of the following statements describe the function of a forward proxy?

Answer 167

• Acts on behalf of a client

* Hides the identity of a client

Question 168

Which of the statements listed below describe the function of a reverse proxy?

Answer 168

• Acts on behalf of a server

* Hides the identity of a server

Question 169

What are the characteristic features of a transparent proxy?

Answer 169

• Doesn’t require client-side configuration
• Redirects clients requests and responses without modifying them
• Clients might be unaware of the proxy service

Question 170

A non-transparent proxy:

Answer 170

• Modifies clients request and responses

* Requires client-side configuration

Question 171

Which of the terms listed below refers to a method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server?

Answer 171

Session Affinity

Question 172

In a round-robin method, each consecutive request is handled by:

Answer 172

Next server in the cluster

Question 173

In active-passive mode, load balancers distribute network traffic across:

Answer 173

Servers marked as active

Question 174

In active-active mode, load balancers distribute network traffic across:

Answer 174

All servers

Question 175

What type of IP address would be assigned to a software-based load balancer to handle an internet site hosted on several web servers, each with its own private IP address?

Answer 175

Virtual IP address

Question 176

An infrastructure device designed for connecting wireless/wired client device to a network is commonly referred to as:

Answer 176

Access Point (AP)

Question 177

Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage?

Answer 177

WAP power level controls

Question 178

Which of the following answers refers to a common antenna type used as a standard equipment on most access points (AP) for indoor Wireless Local Area Network (WLAN) deployment?

Answer 178

Dipole antenna

Question 179

Which of the antenna types listed below provide a 360-degree horizontal signal coverage?

Answer 179

• Dipole antenna

* Omnidirectional antenna

Question 180

Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links?

Answer 180

• Dish antenna

* Unidirectional antenna

Question 181

A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called:

Answer 181

Thin AP

Question 182

The standard for web application security.

Answer 182

OWASP (Open Web Application Security Process)

Question 183

When multiple threads in an application are using the same variable.

Answer 183

Race Conditions

Question 184

A malfunction in preprogrammed sequential access to a shared resource is described as:

Answer 184

Race Condition

Question 185

The international standard used for maintaining security systems.

Answer 185

ISO 27002

Question 186

Used for cloud security.

Answer 186

ISO 27017

Question 187

A physical device used for authentication and can store digital certificates.

Answer 187

Tokens

Question 188

An attacker embeds malicious scripting commands on a trusted website.

Answer 188

XSS (Cross Site Scripting)

Question 189

An attacker forces a user to execute actions on a web server for which they are already authenticated.

Answer 189

XSRF/CSRF (Cross Site Request Forgery)

Question 190

An unauthorized user will be granted access.

Answer 190

FAR (False Acceptance Rate)

Question 191

An authorized user will be rejected access.

Answer 191

FRR (False Rejection Rate)

Question 192

Fastest to backup but slowest to restore.

Answer 192

Incremental

Question 193

Slowest to backup but fastest to restore.

Answer 193

Differential

Question 194

A client (generally either a user or a service) sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client’s password as the key, and sends the encrypted TGT back to the client.

Answer 194

Kerberos

Question 195

Which of the following terms is used to describe a text message containing system information details displayed after connecting to a service on a server?

Answer 195

Banner

Question 196

The practice of connecting to an open port on a remote host to gather more information about its configuration is known as:

Answer 196

Banner Grabbing

Question 197

What is the name of a command-line utility that allows for displaying protocol statistics and current TCP/IP network connections?

Answer 197

Netstat

Question 198

Netstat is a command-line utility which can be used for:

Answer 198

Displaying active TCP/IP connections

Question 199

Which netstat parameter allows to display all connections and listening ports?

Answer 199

-a

Question 200

Which netstat parameter displays addresses and port numbers in numerical form?

Answer 200

-n

Question 201

A network command-line utility in MS Windows that tracks and displays the route taken by an IP packet on its way to another host is called:

Answer 201

Tracert

Question 202

A Linux command-line utility for displaying intermediary points (routers) an IP packet is passed through on its way to another network node is known as:

Answer 202

Traceroute

Question 203

Which of the following CLI tools is used to troubleshoot DNS-related problems?

Answer 203

Nslookup

Question 204

ARP is used to perform what kind of resolution?

Answer 204

IP to MAC

Question 205

Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?

Answer 205

Arp-a

Question 206

Which of the answers listed below refers to a command-line packet capturing utility?

Answer 206

Tcpdump

Question 207

Which of the following command-line tools is used for discovering hosts and services on a network?

Answer 207

Nmap

Question 208

Which of the command-line utilities listed below can be used to perform a port scan? (Select 2 answers)

Answer 208

• Nmap

* Netcat

Question 209

A command-line tool that can be used for banner grabbing is called:

Answer 209

Netcat

Question 210

The term “Segmentation fault” refers to: (Select 2 answers)

Answer 210

• Access violation

* Memory management

Question 211

Which of the tools listed below can be used for troubleshooting problems related to digital certificates? (Select 2 answers)

Answer 211

• OSCP

* CRL

Question 212

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:

Answer 212

DLP

Question 213

An OS security feature designed to ensure safe memory usage by applications is known as:

Answer 213

DEP

Question 214

Which of the acronyms listed below refers to a firewall controlling access to a web server?

Answer 214

WAF

Question 215

A wireless connectivity technology primarily used in low-powered sports and fitness mobile devices is known as:

Answer 215

ANT

Question 216

A framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure.

Answer 216

EAP

Extensible Authentication Protocol

Question 217

Which of the following EAP methods offers the highest level of security?

Answer 217

EAP-TLS

Question 217

Uses simple passwords for its challenge-authentication.

Answer 217

EAP-MD5

Question 219

Which of the EAP methods listed below relies on client-side and server-side certificates to perform authentication?

Answer 219

EAP-TLS

Question 220

Digital certificates for mutual authentication.

Answer 220

EAP-TLS

Question 221

Uses a server-side digital certificate and a client-side password for mutual authentication.

Answer 221

EAP-TTLS

Question 222

Provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication.

Answer 222

EAP-FAST

Question 223

Supports mutual authentication by using server certificates and Microsoft’s Active Directory to authentication a clients password.

Answer 223

PEAP

(Protected EAP)

Question 224

Is a proprietary to Cisco-based networks.

Answer 224

LEAP

Question 225

In a persistent VDI:

Select 2 answers

Answer 225

• Each user runs their own copy of a virtual desktop.

* At the end of a session, user data and personal settings are saved.

Question 226

Characteristics of a non-persistent VDI:

Select 2 answers

Answer 226

• At the end of a session, user desktop reverts to its original state.
• Virtual desktop is shared among multiple users.

Question 227

What are the characteristics of TACACS+?

Select 3 answers

Answer 227

• Encrypts the entire payload of the access-request packet.
• Primarily used for device administration.
• Separates authentication and authorization.

Question 228

What are the characteristics of RADIUS?

Select 3 answers

Answer 228

• Primarily used for network access.
• Combines authentication and authorization.
• Encrypts only the password in the access-request packet.

Question 229

Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data?

Answer 229

SAML

Question 230

OpenID Connect is a protocol used for:

Answer 230

Authentication

Question 231

Which of the following answers refers to an open-standard reference architecture for authentication?

Answer 231

OATH

Question 232

OAuth is an open standard for:

Answer 232

Authorization

Question 233

Which of the answers listed below refers to a SAML-based SSO system?

Answer 233

Shibboleth

Question 234

Which of the following answers refers to a commonly used solution for tracking user access in a federated SSO system?

Answer 234

Secure token

Question 235

A proprietary suite of security protocols providing authentication, integrity, and confidentiality to users in MS Windows network is called:

Answer 235

NTLM

Question 236

Which of the answers listed below refers to a preferred authentication protocol recommended by MS Windows network?

Answer 236

Kerberos

Question 237

Which access control model defines access control rules with the use of statements that closely resemble natural language?

Answer 237

ABAC

Question 238

Group-based access control in MS Windows is an example of:

Answer 238

RBAC

Question 239

Which of the following answers refers to the correct formula to calculating probable financial loss due to a risk over a one-year period?

Answer 239

ALE = ARO x SLE

Question 240

If one service generates $10,000 per hour in revenue. The probability of this service failing during this year is estimated to be 10% and the failure would lead to 3 hours of downtime. What is the ALE?

Answer 240

SLE x ARO = ALE

AV = $10,000
EF = 3
10,000 x 3 = 30,000

SLE = $30,000
ARO = 10%
30,000 x .10 = 3,000

ALE = $3,000

Question 241

You have an asset valued at $16,000. The exposure factor of a risk affecting that asset is 35%. The annualized rate of occurrence is 75%. What is the SLE?

Answer 241

AV x EF = SLE

AV = $16,000
EF = 35%
16,000 x .35 = 5,600

SLE = $5,600

Question 242

Anything less than 10 has a (.0) in front of the core number.

Anything in the 10’s has a (.) in front of the core number.

Anything in the 100’s has a core number followed by (x.xx).

• Move decimal point 2 times from RIGHT-to-LEFT

Answer 242

1 = .01
2 = .02 : And so on! 

10 = .1
57 = .57 : And so on! 

100 = 1
101 = 1.01
267 = 2.67 : And so on!

Question 243

The loss that will happen in the asset as a result of the threat.
(Expresses as a percentage value)

Answer 243

EF (Exposure Factor)

Question 244

The method of assessing the worth of the organization’s information system assets based on its CIA security.

Answer 244

AV (Asset Value)