Pg 11 Flashcards

1
Q

Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?

A. To track the status of patching installations
B. To find shadow IT cloud deployments
C. To continuously monitor the hardware inventory
D. To hunt for active attackers in the network

A

To track the status of patching installations

2
Q

Which of the following is classified as high availability in a cloud environment?

A. Access broker
B. Cloud HSM
C. WAF
D. Load balancer

A

Load Balancer

3
Q

Which of the following security measures is required when using a cloud-based platform for IoT management?

A. Encrypted connection
B. Federated identity
C. Firewall
D. Single sign-on

A

Encrypted connection

4
Q

Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?

A. Unidentified removable devices
B. Default network device credentials
C. Spear phishing emails
D. Impersonation of business units through typosquatting

A

Unidentified removable devices

5
Q

Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?

A. Encryption
B. Hashing
C. Masking
D. Tokenization

A

Masking

6
Q

The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the budget request for more resources. Which of the following should the CISO present to the board as the direct consequence of non-compliance?

A. Fines
B. Reputational damage
C. Sanctions
D. Contractual implications

A

Fines

7
Q

Which of the following alert types is the most likely to be ignored over time?

A. True positive
B. True negative
C. False positive
D. False negative

A

False positive

8
Q

A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports. Which of the following vulnerabilities has likely been exploited in this software?

A. Memory injection
B. Race condition
C. Side loading
D. SQL injection

A

Memory injection

9
Q

An important patch for a critical application has just been released, and a systems administrator is identifying all of the systems requiring the patch. Which of the following must be maintained in order to ensure that all systems requiring the patch are updated?

A. Asset inventory
B. Network enumeration
C. Data certification
D. Procurement process

A

Asset inventory

10
Q

Which of the following should a security operations center use to improve its incident response procedure?

A. Playbooks
B. Frameworks
C. Baselines
D. Benchmarks

A

Playbooks

11
Q

Which of the following describes an executive team that is meeting in a board room and testing the company’s incident response plan?

A. Continuity of operations
B. Capacity planning
C. Tabletop exercise
D. Parallel processing

A

Tabletop exercise

12
Q

A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies. Which of the following is the most important consideration during development?

A. Scalability
B. Availability
C. Cost
D. Ease of deployment

A

Availability

13
Q

Which of the following agreement types defines the time frame in which a vendor needs to respond?

A. SOW
B. SLA
C. MOA
D. MOU

A

SLA

14
Q

Which of the following is a feature of a next-generation SIEM system?

A. Virus signatures
B. Automated response actions
C. Security agent deployment
D. Vulnerability scanning

A

Automated response actions

15
Q

To improve the security at a data center, a security administrator implements a CCTV system and posts several signs about the possibility of being filmed. Which of the following best describe these types of controls? (Choose two.)

A. Preventive
B. Deterrent
C. Corrective
D. Directive
E. Compensating
F. Detective

A

Detective
Deterrent

16
Q

Which of the following examples would be best mitigated by input sanitization?

A.
B. nmap - 10.11.1.130
C. Email message: “Click this link to get your free gift card.”
D. Browser message: “Your connection is not private.”

17
Q

An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?

A. Smishing
B. Disinformation
C. Impersonating
D. Whaling

A

Impersonating

18
Q

After conducting a vulnerability scan, a systems administrator notices that one of the identified vulnerabilities is not present on the systems that were scanned. Which of the following describes this example?

A. False positive
B. False negative
C. True positive
D. True negative

A

False positive

19
Q

A recent penetration test identified that an attacker could flood the MAC address table of network switches. Which of the following would best mitigate this type of attack?

A. Load balancer
B. Port security
C. IPS
D. NGFW

A

Port Security

20
Q

A user would like to install software and features that are not available with a smartphone’s default software. Which of the following would allow the user to install unauthorized software and enable new features?

A. SQLi
B. Cross-site scripting
C. Jailbreaking
D. Side loading

A

Jailbreaking