Level up 4 Flashcards
Which of the following password policies may involve a list of approved special characters for a password?
A
Password length
B
Password complexity
C
Password resemblance
D
Password history
B
Password complexity
What does a firewall use to permit or deny actions?
A
EDR
B
FIM
C
Honeypots
D
Access lists
D
Access lists
An auditor is examining a company’s network. They discover that there is only one device responsible for providing internet access to the internal network. What type of issue does the company have?
A
Ongoing supportability
B
Technical debt
C
Single point of failure
D
Least privilege
C
Single point of failure
A user swipes her finger on the biometric sensor for the data center but receives an “Access Denied” notification. She was recently in the server room and is simply returning. She tries the scanner again and is permitted inside.
What is the term used when a system denies access to a user who should actually be allowed on the system?
A
False acceptance
B
False rejection
C
Runtime error
D
Parity error
B
False rejection
An incident has been handled, and the administrators have documented the vulnerability, incident response, and any remaining damages. With this completed, the organization wants to discuss the incident and make sure it does not occur again.
What is this phase?
A
Lessons Learned
B
Recovery
C
Eradication
D
Containment
A
Lessons Learned
Which activity involves actively probing systems to discover vulnerabilities?
A
Reporting
B
Scanning
C
Log aggregation
D
Alerting
Why is this the correct answer?
Continuously probes systems to discover vulnerabilities
B
Scanning
After identifying the infected systems in a security breach, the administrator moves the systems into their own logical network where they cannot interact with other systems. What type of strategy are they implementing?
A
Verification
B
Exemptions
C
Exceptions
D
Segmentation
D
Segmentation
An attacker is examining a company they will potentially attack. They are looking at the company’s social media and website in order to create a profile of the CEO. They were able to derive the CEO’s email address, as well as potential subordinates.
Of the following, which did the attacker use in this attack?
A
Open-source intelligence
B
IoCs
C
Vulnerability scan
D
ISAC
Why is this the correct answer?
Some info is readily available
A
Open-source intelligence
A penetration tester has been hired by Acme Inc. to investigate a corporate application that is responsible for an important organizational function. The tester discovers that a buffer overflow attack allows them to execute code on the system as an administrative account.
What type of vulnerability is the application susceptible to?
A
Directory traversal
B
Credential replay
C
Collision
D
Privilege escalation
D
Privilege escalation
A workstation that was recently cleaned of infection is showing signs of malware again. The administrator is concerned and runs an antivirus scan, but it reports that the system is clear. As the administrator attempts to open Task Manager, they get a “permission denied” error.
Which of the following is the MOST likely culprit?
A
Worm
B
Spyware
C
Rootkit
D
Trojan
C
Rootkit