Multiple Choice 3 Flashcards
Which of the following would be the BEST method for creating a detailed diagram of wireless
access points and hotspots?
Footprinting
Footprinting is an ethical hacking technique used to gather as much data as possible about a specific targeted computer system, an infrastructure and networks to identify opportunities to penetrate them.
Which of the following will MOST likely adversely impact the operations of unpatched traditional
programmable-logic controllers, running a back-end LAMP server and OT systems with
human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)
Weak encryption & Server-side request forgery
A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or
damaged corporate-owned mobile devices. Which of the following technologies would be BEST
to balance the BYOD culture while also protecting the company’s data?
Containerization
You cannot run full disk encryption on a staff member’s device. Rather, you place the official
application in a container.
A Chief Security Officer’s (CSO’s) key priorities are to improve preparation, response, and
recovery practices to minimize system downtime and enhance organizational resilience to
ransomware attacks. Which of the following would BEST meet the CSO’s objectives?
Implement application whitelisting and centralized event-log management, and perform regular
testing and validation of full backups.
A network engineer has been asked to investigate why several wireless barcode scanners and
wireless computers in a warehouse have intermittent connectivity to the shipping server. The
barcode scanners and computers are all on forklift trucks and move around the warehouse during
their regular use. Which of the following should the engineer do to determine the issue? (Choose
two.)
Perform a site survey & Create a heat map
Heat map: a graphical representation of cyber risk data.
A security administrator suspects an employee has been emailing proprietary information to a
competitor. Company policy requires the administrator to capture an exact copy of the
employee’s hard disk. Which of the following should the administrator use?
dd
duplicate disk/data dump
A DD file is a disk image file and a replica of a hard disk drive.
Which of the following is MOST likely to outline the roles and responsibilities of data controllers
and data processors?
GDPR
Phishing and spear-phishing attacks have been occurring more frequently against a company’s
staff. Which of the following would MOST likely help mitigate this issue?
Exact mail exchanger records in the DNS
A Mail Exchanger record (MX record) is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient’s domain
On which of the following is the live acquisition of data for forensic analysis MOST dependent?
(Choose two.)
Value and volatility of data & Right-to-audit clauses
Data volatility measures how quickly data disappears from a system.
A right-to-audit clause entitles your organization to review your vendor’s work product and reporting.
Which of the following incident response steps involves actions to protect critical systems while
maintaining business operations?
Containment
A security auditor is reviewing vulnerability scan data provided by an internal security team.
Which of the following BEST indicates that valid credentials were used?
The scan enumerated software versions of installed programs
Enumeration is defined as a process which establishes an active connection to the target hosts to discover potential attack vectors in the system
Which of the following BEST explains the difference between a data owner and a data custodian?
The data owner is responsible for determining how the data may be used, while the data
custodian is responsible for implementing the protection to the data
A network engineer needs to build a solution that will allow guests at the company’s headquarters
to access the Internet via WiFi. This solution should not allow access to the internal corporate
network, but it should require guests to sign off on the acceptable use policy before accessing the
Internet. Which of the following should the engineer employ to meet these requirements?
Install a captive portal
A captive portal is a Web page that the user of a public-access network is obliged to view and interact with before access is granted
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives
against loss or data theft. Which of the following would be the MOST acceptable?
SED
Self-Encrypting Devices
A security analyst receives a SIEM alert that someone logged in to the appadmin test account,
which is only used for the early detection of attacks. The security analyst then reviews the
following application log:
Which of the following can the security analyst conclude?
SIEM: Security Information and Event Management
An injection attack is being conducted against a user authentication system.
An injection flaw is a vulnerability which allows an attacker to relay malicious code through an application to another system
An organization needs to implement more stringent controls over administrator/root credentials
and service accounts. Requirements for the project include:
- Check-in/checkout of credentials
- The ability to use but not know the password
- Automated password changes
- Logging of access to credentials
Which of the following solutions would meet the requirements?
A privileged access management system
The IT department’s on-site developer has been with the team for many years. Each time an
application is released, the security team is able to identify multiple vulnerabilities. Which of the
following would BEST help the team ensure the application is ready to be released to production?
Submit the application to QA before releasing it.
Quality Assurance
Quality assurance teams work to fill the gaps to minimize risks to the end quality of the product or user experience.
A cybersecurity analyst needs to implement secure authentication to third-party websites without
users’ passwords. Which of the following would be the BEST way to achieve this objective?
SAML
Security Assertion Markup Language is an open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP).
An analyst needs to identify the applications a user was running and the files that were open
before the user’s computer was shut off by holding down the power button. Which of the following
would MOST likely contain that information?
Pagefile
In storage, a pagefile is a reserved portion of a hard disk that is used as an extension of random access memory (RAM) for data in RAM that hasn’t been used recently.
A remote user recently took a two-week vacation abroad and brought along a corporate-owned
laptop. Upon returning to work, the user has been unable to connect the laptop to the VPN.
Which of the following is the MOST likely reason for the user’s inability to connect the laptop to
the VPN?
Due to foreign travel, the user’s laptop was isolated from the network.