Pg 16 Flashcards
A security officer is implementing a security awareness program and has placed security-themed posters around the building and assigned online user training. Which of the following will the security officer most likely implement?
A. Password policy
B. Access badges
C. Phishing campaign
D. Risk assessment
Phishing campaign
A malicious update was distributed to a common software platform and disabled services at many organizations. Which of the following best describes this type of vulnerability?
A. DDoS attack
B. Rogue employee
C. Insider threat
D. Supply chain
Supply chain
A company web server is initiating outbound traffic to a low-reputation, public IP on a non-standard port. The web server is used to present an unauthenticated page to clients who upload images to the company. An analyst notices a suspicious process running on the server that was not created by the company development team. Which of the following is the most likely explanation for this security incident?
A. A web shell has been deployed to the server through the page.
B. A vulnerability has been exploited to deploy a worm to the server.
C. Malicious insiders are using the server to mine cryptocurrency.
D. Attackers have deployed a rootkit Trojan to the server over an exposed RDP port.
A web shell has been deployed to the server through the page.
An organization requests a third-party full-spectrum analysis of its supply chain. Which of the following would the analysis team use to meet this requirement?
A. Vulnerability scanner
B. Penetration test
C. SCAP
D. Illumination tool
Illumination tool
A systems administrator deployed a monitoring solution that does not require installation on the endpoints that the solution is monitoring. Which of the following is described in this scenario?
A. Agentless solution
B. Client-based solution
C. Open port
D. File-based solution
Agentless solution
A security analyst is reviewing the source code of an application in order to identify misconfigurations and vulnerabilities. Which of the following kinds of analysis best describes this review?
A. Dynamic
B. Static
C. Gap
D. Impact
Static
Which of the following agreement types is used to limit external discussions?
A. BPA
B. NDA
C. SLA
D. MSA
NDA
A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the SaaS vendor. Which of the following processes is the analyst most likely conducting?
A. Internal audit
B. Penetration testing
C. Attestation
D. Due diligence
Due diligence
Which of the following is used to conceal credit card information in a database log file?
A. Tokenization
B. Masking
C. Hashing
D. Obfuscation
Masking
An organization recently started hosting a new service that customers access through a web portal. A security engineer needs to add to the existing security devices a new solution to protect this new service. Which of the following is the engineer most likely to deploy?
A. Layer 4 firewall
B. NGFW
C. WAF
D. UTM
WAF
Which of the following topics would most likely be included within an organization’s SDLC?
A. Service-level agreements
B. Information security policy
C. Penetration testing methodology
D. Branch protection requirements
Branch protection requirements
Which of the following control types is AUP an example of?
A. Physical
B. Managerial
C. Technical
D. Operational
Managerial
An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate log-in, so the security team wants to reduce the number of credentials each employee must maintain. Which of the following is the first step the security team should take?
A. Enable SAML.
B. Create OAuth tokens.
C. Use password vaulting.
D. Select an IdP.
Select an IdP.
Which of the following would be the best way to test resiliency in the event of a primary power failure?
A. Parallel processing
B. Tabletop exercise
C. Simulation testing
D. Production failover
Production failover
Which of the following would be the most appropriate way to protect data in transit?
A. SHA-256
B. SSL3.0
C. TLS 1.3
D. AES-256
TLS 1.3
Which of the following is a common, passive reconnaissance technique employed by penetration testers in the early phases of an engagement?
A. Open-source intelligence
B. Port scanning
C. Pivoting
D. Exploit validation
Open-source intelligence
Which of the following threat actors is the most likely to seek financial gain through the use of ransomware attacks?
A. Organized crime
B. Insider threat
C. Nation-state
D. Hacktivists
Organized crime
Which of the following would a systems administrator follow when upgrading the firmware of an organization’s router?
A. Software development life cycle
B. Risk tolerance
C. Certificate signing request
D. Maintenance window
Maintenance window