N2K - Quiz - General Security Concepts Flashcards
When planning physical security, which type of sensor would be appropriate to detect a person’s body heat when the person enters a controlled space such as a server room?
A) Pressure sensor
B) Infrared sensor
C) Microwave sensor
D) Ultrasonic sensor
Infrared Sensor
Which technique can tip off an investigator that data files have been altered from a previous version?
A) Salting
B) Sandboxing
C) Hashing
D) Nonce
Hashing
You are a cybersecurity advisor for your organization. In a recent audit conducted by an external party, it was found that your organization lacks a process to track and manage assets and their relation to one another.
To remediate the finding, you have been asked to suggest a solution. What should you suggest?
A) Maintain an Excel file for all the IT assets and resources.
B) Implement a change management process.
C) Implement a release management process.
D) Implement a configuration management process.
Implement a configuration management process.
Which type of deception and disruption technology contains decoy data that the attacker exfiltrates from the system?
A) Honeynet
B) Honeypot
C) Honeyfile
D) Honeytoken
Honeytoken
An accounting job role requires separation of duties to reduce the risk of fraud, with tasks spread across two employees. Due to a staffing shortage, you only have one person available to perform all of the tasks. You ask your business’s bank to start sending you weekly statements instead of monthly, and to create an automated email that will alert you if a withdrawal above a certain threshold is made.
Which type or category of control did you implement? Choose the BEST answer.
A) Managerial category
B) Operational category
C) Deterrent type
D) Preventative type
E) Compensating type
Compensating Type
Which concepts are associated with the zero-trust data plane? (Select two.)
A) Implicit trust zones
B) Policy administrator
C) Subject/system
D) Policy-driven access control
Implicit trust zones
Subject/System
What concept is demonstrated by representing a credit card number as --**-1234?
A) Tokenization
B) Steganography
C) Hashing
D) Data masking
Data Masking
Which element is created to ensure that your company is able to resume operation after unplanned downtime in a timely manner?
A) disaster recovery plan
B) business impact analysis (BIA)
C) vulnerability analysis
D) business continuity plan
Disaster Recovery Plan
Which of the following encryption tools is also known as a trusted execution environment (TEE)?
A) HSM
B) Key management system
C) TPM
D) Secure enclave
Secure Enclave
Which of the following options could be affected during the course of the change management process and should be considered in the impact analysis? (Choose as many as apply.)
A) Restricted activities
B) Stakeholder interests
C) Service restart
D) Allow lists/deny lists
E) Dependencies
Restricted activities
Service restart
Allow lists/deny lists
Dependencies
What is a physical barrier that acts as the first line of defense against an intruder?
A) a fence
B) an access control vestibule
C) a turnstile
D) a lock
E) a bollard
A Fence
When connecting to a website using SSL/TLS, the client browser uses the root CA’s public key to decrypt the digital signature of each certificate until finally verifying the identity associated with the website’s certificate. Which term or phrase describes this public key infrastructure (PKI) concept?
A) Certificate revocation
B) Certificate chaining
C) Key escrow
D) Key pairing
Certificate Chaining
Which of the following encryption levels offers the most granular control?
A) Partition
B) Record
C) Database
D) Volume
Record
Management wants you to provide full disk encryption for several of your organization’s computers. You purchase specialized chips that will be plugged into the computers’ motherboards to provide the encryption. Which security protocol, practice, or mechanism does this represent?
A) TPM
B) PAP
C) GPG
D) TwoFish
E) RipeMD
TPM
Which concepts are associated with the Zero Trust control plane? (Select two.)
A) Threat scope reduction
B) Implicit trust zones
C) Adaptive identity
D) Policy enforcement point
Threat Scope Reduction
Adaptive Identity
Your client operates a 24-hour call center. Several different employees may log in to the same workstation in the course of a week. Machine (computer) certificates are currently used, but they do not provide sufficient security safeguards because more than one employee logs in to each machine. You need to ensure that each employee has their own credentials. What should you implement?
A) Wildcard certificate
B) Domain validation
C) User certificate
D) Self-signed certificate
User Certificate
Which of the following security concepts identifies one or more weaknesses in an organization’s security operations when compared against a standard?
A) Threat scope reduction
B) Bollards
C) Gap analysis
D) Risk assessment
Gap Analysis
Which of the following describes a recurring period when patches and configuration changes are performed?
A) Maintenance exclusion
B) Escalation
C) Service level objectives
D) Maintenance window
Maintenance Window
Which practice helps ensure that users are running the most currently updated application?
A) Updating policies/procedures
B) Updating diagrams
C) Implementing managerial controls
D) Using version control
Using Version Control
Which types of controls are examples of detective controls? Choose three.
A) log files
B) closed-circuit television (CCTV)
C) firewalls
D) fences
E) lighting
F) IR sensors
Log Files
CCTV
IR Sensors
You have been promoted to security administrator. Recently, management implemented a security policy that states that symmetric cryptography must be used. However, your research indicates that asymmetric cryptography is a better choice for your organization. Which statement is true of symmetric cryptography?
A) Symmetric cryptography is faster than asymmetric cryptography.
B) Symmetric cryptography uses different keys to encrypt and decrypt messages.
C) Symmetric cryptography provides better security compared to asymmetric cryptography.
D) Symmetric cryptography does not require a secure mechanism to properly deliver keys.
Symmetric cryptography is faster than asymmetric cryptography.
Which of the following security control types includes acceptable use policies, handbooks, and posted warning signs?
A) Detective controls
B) Compensating controls
C) Directive controls
D) Preventive controls
Directive Controls
You are designing an access control system for a new company. The company has asked that you ensure that users are authenticated with a central server. In addition, users should only have access to the files they need to perform their jobs. When implementing access control, what is the appropriate order?
A) identification, authorization, authentication
B) authentication, identification, authorization
C) identification, authentication, authorization
D) authentication, authorization, identification
Identification, Authentication, Authorization
Which of the following network architecture concepts consists of a policy engine, a policy administrator, and a policy enforcement point?
A) Secure Access Service Edge
B) Cloud
C) Zero-trust
D) Hybrid
Zero-Trust
Which of the following is difficult when used with symmetric key encryption, but much easier with asymmetric key encryption?
A) Key exchange
B) Hardware security module
C) Key length
D) Algorithms
Key Exchange
Which of the following is an independent third party which provides validation services to assure that a digital certificate is genuine?
A) Certificate signing request
B) OCSP
C) Root of trust
D) Certificate authority
Certificate authority
Company management has discovered that systems administrators have made critical changes to operational policies and procedures without management’s consent or knowledge. To keep this from happening again, which change management component should be implemented?
A) Ownership
B) Approval process
C) Test results
D) Stakeholders
Approval Process
You have found that your system for validating keys has a latency period of 24-48 hours. As a result, a key that had been breached was accepted. You want to provide a real-time solution that will reduce this latency period. Which technology should you implement?
A) OCSP
B) OID
C) CSR
D) CRL
OCSP
Which of the following are accomplished through identity validation? (Select two.)
A) Authenticating systems
B) Authenticating people
C) Gap analysis
D) Authorization models
Authenticating systems
Authenticating people
When implementing a security solution for mobile devices, which two common use cases are of primary concern? (Choose two.)
A) Lower power devices
B) Obfuscation
C) Authentication
D) Non-repudiation
E) Low latency
Lower power devices
Low latency