Pg 10 Flashcards

1
Q

An IT manager is increasing the security capabilities of an organization after a data classification initiative determined that sensitive data could be exfiltrated from the environment. Which of the following solutions would mitigate the risk?

A. XDR
B. SPF
C. DLP
D. DMARC

A

DLP

2
Q

Which of the following is used to protect a computer from viruses, malware, and Trojans being installed and moving laterally across the network?

A. IDS
B. ACL
C. EDR
D. NAC

A

EDR

3
Q

Client files can only be accessed by employees who need to know the information and have specified roles in the company. Which of the following best describes this security concept?

A. Availability
B. Confidentiality
C. Integrity
D. Non-repudiation

A

Confidentiality

4
Q

Which of the following describes the category of data that is most impacted when it is lost?

A. Confidential
B. Public
C. Private
D. Critical

A

Critical

5
Q

A new employee logs in to the email system for the first time and notices a message from human resources about onboarding. The employee hovers over a few of the links within the email and discovers that the links do not correspond to links associated with the company. Which of the following attack vectors is most likely being used?

A. Business email
B. Social engineering
C. Unsecured network
D. Default credentials

A

Social engineering

6
Q

Which of the following describes the understanding between a company and a client about what will be provided and the accepted time needed to provide the company with the resources?

A. SLA
B. MOU
C. MOA
D. BPA

A

SLA

7
Q

A company that is located in an area prone to hurricanes is developing a disaster recovery plan and looking at site considerations that allow the company to immediately continue operations. Which of the following is the best type of site for this company?

A. Cold
B. Tertiary
C. Warm
D. Hot

A

Hot

8
Q

Which of the following security controls is most likely being used when a critical legacy server is segmented into a private network?

A. Deterrent
B. Corrective
C. Compensating
D. Preventive

A

Compensating

9
Q

Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?

A. Compliance reporting
B. GDPR
C. Due diligence
D. Attestation

A

Due diligence

10
Q

Which of the following considerations is the most important for an organization to evaluate as it establishes and maintains a data privacy program?

A. Reporting structure for the data privacy officer
B. Request process for data subject access
C. Role as controller or processor
D. Physical location of the company

A

Role as controller or processor

11
Q

A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that logs on the endpoint were deleted. Which of the following logs would the analyst most likely look at next?

A. IPS
B. Firewall
C. ACL
D. Windows security

A

Firewall

12
Q

An IT manager is putting together a documented plan describing how the organization will keep operating in the event of a global incident. Which of the following plans is the IT manager creating?

A. Business continuity
B. Physical security
C. Change management
D. Disaster recovery

A

Business continuity

13
Q

A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage. Which of the following recovery sites is the best option?

A. Hot
B. Cold
C. Warm
D. Geographically dispersed

A

Warm

14
Q

A security team is setting up a new environment for hosting the organization’s on-premises software application as a cloud-based service. Which of the following should the team ensure is in place in order for the organization to follow security best practices?

A. Virtualization and isolation of resources
B. Network segmentation
C. Data encryption
D. Strong authentication policies

A

Virtualization and isolation of resources

15
Q

A manager receives an email that contains a link to receive a refund. After hovering over the link, the manager notices that the domain’s URL points to a suspicious link. Which of the following security practices helped the manager to identify the attack?

A. End user training
B. Policy review
C. URL scanning
D. Plain text email

A

End user training

16
Q

A company wants to verify that the software the company is deploying came from the vendor the company purchased the software from. Which of the following is the best way for the company to confirm this information?

A. Validate the code signature.
B. Execute the code in a sandbox.
C. Search the executable for ASCII strings.
D. Generate a hash of the files.

A

Validate the code signature.

17
Q

A systems administrator notices that one of the systems critical for processing customer transactions is running an end-of-life operating system. Which of the following techniques would increase enterprise security?

A. Installing HIDS on the system
B. Placing the system in an isolated VLAN
C. Decommissioning the system
D. Encrypting the system’s hard drive

A

Placing the system in an isolated VLAN

18
Q

The Chief Information Security Officer (CISO) at a large company would like to gain an understanding of how the company’s security policies compare to the requirements imposed by external regulators. Which of the following should the CISO use?

A. Penetration test
B. Internal audit
C. Attestation
D. External examination

A

Internal audit

19
Q

A systems administrator notices that the research and development department is not using the company VPN when accessing various company-related services and systems. Which of the following scenarios describes this activity?

A. Espionage
B. Data exfiltration
C. Nation-state attack
D. Shadow IT

20
Q

The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?

A. Shadow IT
B. Insider threat
C. Data exfiltration
D. Service disruption