Incorrect Answers Flashcards
What term refers to an organization’s predetermined level of acceptable risk exposure?
Risk tolerance
Risk tolerance refers to an organization’s predetermined level of acceptable risk exposure. It represents the extent to which an organization is willing to tolerate potential risks before taking action to mitigate or avoid them.
Reginald, an IT Manager, is the owner of a file on a server and wants to grant his colleagues access to the file. He is the only one who can decide who is allowed access to the file and what actions they can perform on it. Which authorization model is being used in this scenario?
DAC
Discretionary Access Control (DAC) is an authorization model where the owner of the resource decides who is allowed to access it.
Which of the following terms refers to the specific laws and regulations set by a country’s government that dictate how the personal data of its citizens should be collected, stored, and processed?
National legal implications
National legal implications are laws and regulations set at the country level that outline the requirements and boundaries for data protection and privacy.
At Kelly Innovations Corp., Sarah noticed that their core business application, which tracks customer orders, was not updating inventory levels accurately. A recent update seemed to have introduced a bug. Which of the following would offer the BEST solution?
Application rollback
An application rollback reverts an application to a previous state or version from a backup to correct issues caused by updates or changes. In this scenario, restoring the application from a backup taken two days earlier is an example of an application rollback and would be the most effective solution.
Which of the following statements BEST explains the importance of environmental variables in regard to vulnerability management?
Environmental variables refer to the unique characteristics of an organization’s infrastructure that can affect vulnerability assessments and risk analysis
Environmental variables refer to the unique characteristics of an organization’s infrastructure, business environment, and operational context that can impact vulnerability assessments and risk analysis. Understanding these variables is crucial to conducting effective vulnerability management and developing appropriate risk mitigation strategies.
Dion Training Solutions is aiming to optimize their wide-area network (WAN) while ensuring advanced network management and performance optimization. They are considering a solution that can be deployed both on-premises and in the cloud. Which of the following technologies would BEST match their requirements?
SD-WAN
SD-WAN (Software-defined wide area network) provides centralized network management, flexible routing, and traffic management capabilities. It can be hosted both on-premises and in the cloud, giving it an edge for comprehensive WAN optimization.
What element of backup strategy involves making data copies regularly at set intervals?
Frequency
Frequency refers to how often data backups are carried out. Regular backups at set intervals are crucial to minimize the potential loss of data.
When evaluating the introduction of automated systems in a security operations center (SOC), which of the following is a prominent time-related benefit that security professionals might expect?
Reduced response time to security incidents.
Automated systems can instantly detect and respond to threats, ensuring faster mitigation compared to manual responses. Automation can speed up patching, but it doesn’t necessarily extend the time patching takes.
Which of the following BEST describes an approach where the foundational systems are set up and overseen using scripts and automated instruments instead of hands-on methods?
IaC
Infrastructure as code (IaC) allows infrastructure to be provisioned and managed using code, making it easier to manage, replicate, and scale.
Kelly Innovations Corp, an IT company, is implementing a process of encryption where two parties establish a shared secret for communication purposes. Which of the following MOST accurately describes this process?
Key exchange
Key exchange is a process in which two communicating parties establish a shared secret key, typically used for symmetric encryption. This key is established in a manner so that eavesdroppers, even if they intercept the key exchange messages, cannot determine the shared key.
When sending an encrypted message to Dion Training, a client would use which of the following to ensure only Dion Training can decrypt and read the message?
Public key
The client would use the company’s public key to encrypt the message. Only Dion Training, with the corresponding private key, can decrypt and read the message, ensuring confidentiality and demonstrating the importance of public-key cryptography.
Which of the following is an aspect of asset management that ensures that each IT asset is clearly associated with a specific individual or department, providing clarity on responsibilities and access rights?
Ownership
Ownership helps in determining who is responsible for the asset, ensuring clear lines of accountability and often helping in deciding the access rights.
Reed, a cybersecurity specialist at Dion Training Solutions, is optimizing the company’s IPS. He notes that while signature-based detection is highly effective against known threats, it has some limitations. Which of the following BEST describes a limitation of signature-based detection in an IPS?
It might not detect zero-day exploits.
Signature-based detection relies on a database of known threat patterns. Therefore, it might not recognize or stop new threats or zero-day exploits because their signatures aren’t in the database yet.
Which mitigation technique involves the use of tools like Nagios or Splunk to continuously observe and check the operation of a system or network?
Monitoring
Monitoring is the continuous observation and checking of system or network operations. It often involves tools like Nagios or Splunk to ensure the functionality and security of the system or network.
Susan, a security analyst at Kelly Innovations LLC, is reviewing alerts from the IPS. She recognizes a pattern of false positives from signature-based detections. Which of the following is the MOST likely cause for false positives in signature-based detection systems?
The signatures require tuning.
When signatures are overly broad or not precisely defined, they might incorrectly match legitimate network traffic, leading to false positives. Signature-based detection works by inspecting traffic patterns, whether encrypted or not.
Which of the following characteristics of a cloud architecture model describes a model that can quickly recover from failures due to adverse conditions?
Ease of Deployment
Resilience
Resilience in cloud architecture refers to the ability of the system to quickly recover from failures and maintain operational performance, crucial for ensuring availability during adverse conditions.
Clumsy Contraptions Engineering is seeking to change its security footing. In the past, they have found that too many pieces of malicious software have gotten past the system. Their Chief Security Officer believes they need a device which will actively evaluate traffic and reject or modify packets according to policies the company sets. What type of device is the CSO suggesting?
Inline
Inline devices are designed to interact with network traffic actively and can take actions such as accepting, rejecting, or modifying packets, making them the optimal choice for this scenario.
Florence is the CEO of a company. She has the final say over all decisions made regarding the business, IT, accounting, and other departments. What type of governance does Florence’s company have?
Centralized governance
Centralized governance involves decision-making authority concentrated in a single authority or department within an organization. In this structure, key decisions are made at the top level and are then disseminated throughout the organization.
Which of the following ports, if left open and unmonitored, might allow database queries from unauthorized external sources?
Port 1433
Port 1433 is the default for Microsoft SQL Server. Organizations typically restrict or monitor access to this port to prevent unauthorized database operations. Domain Name System (DNS) uses port 53 for resolving domain names into IP addresses. It isn’t associated with database operations. Port 443 is used for secure web traffic through SSL/TLS. It’s not directly related to database queries. File Transfer Protocol (FTP) uses port 21 for unencrypted data transfers, not for database operations.
Reed & Jamario Security Services has recommended your company use a port-based system to prevent unauthorized users and devices. Which of the following are they recommending?
802.1X
802.1X is a standard developed by the IEEE to govern port-based network access. When used with a RADIUS-based authentication server, it provides authentication services, checking user credentials to ensure that the user is a legitimate part of the organization and granting access to only those areas of the system that the user is allowed to access.
Which asymmetric encryption technique provides a comparable level of security with shorter key lengths, making it efficient for cryptographic operations?
ECC
ECC (Elliptic curve cryptography) is a type of trapdoor function that is efficient with shorter key lengths. For instance, ECC with a 256-bit key provides roughly the same security as RSA with a 2048-bit key. The primary advantage is that ECC has no known shortcuts to cracking it, making it particularly robust.
Dion Training has recently implemented a new web portal for their customers. During a routine security review, the IT team notices that some suspicious activities have been logged. An unknown user attempted to access the system with a strange pattern: when requesting a particular user file, instead of the usual URL structure (/users/[username]/profile), the system registered requests like (/users/../admin/config). Within a short span of time, several such patterns were identified, each trying to reach different sensitive files and directories. Given this information, which of the following types of attack is the user MOST likely attempting?
Attempting to access files outside of intended directories.
This scenario is a classic example of directory traversal. The described activities are consistent with an attacker trying to move up the directory structure and access files or directories they shouldn’t. This often involves navigating directories in ways the system didn’t intend.
Horizon Security, a cybersecurity training company, experienced a data breach due to a vendor’s negligence. This breach led to a significant loss of sensitive customer information. What type of consequence is Horizon MOST likely to face?
Reputational damage
Reputational damage refers to the potential harm or negative impact on Horizon’s reputation due to its failure to comply with data protection regulations. As a result of the data breach, customers may come to believe that Horizon doesn’t know enough about cybersecurity to prevent the breach and/or properly protect its customer data. Its reputation in the cybersecurity training industry may be tarnished.
The executive team at a software development firm decides that any project with a potential financial impact greater than $500,000 due to a security incident will require an immediate review and intervention. This financial impact figure represents which of the following in risk management?
Risk threshold
The $500,000 financial impact figure is an example of a risk threshold, as it is the specific point at which the company must act to mitigate risk.