Pg 18 Flashcards
A company installed cameras and added signs to alert visitors that they are being recorded. Which of the following controls did the company implement? (Choose two.)
A. Directive
B. Deterrent
C. Preventive
D. Detective
E. Corrective
F. Technical
Deterrent
Detective
Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when needed?
A. Public key infrastructure
B. Open public ledger
C. Public key encryption
D. Key escrow
Key escrow
For which of the following reasons would a systems administrator leverage a 3DES hash from an installer file that is posted on a vendor’s website?
A. To test the integrity of the file
B. To validate the authenticity of the file
C. To activate the license for the file
D. To calculate the checksum of the file
To test the integrity of the file
A company is redesigning its infrastructure and wants to reduce the number of physical servers in use. Which of the following architectures is best suited for this goal?
A. Isolation
B. Segmentation
C. Virtualization
D. Redundancy
Virtualization
Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
A. Availability
B. Non-repudiation
C. Integrity
D. Confidentiality
Availability
A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager should take?
A. Set the maximum data retention policy.
B. Securely store the documents on an air-gapped network.
C. Review the documents’ data classification policy.
D. Conduct a tabletop exercise with the team.
Conduct a tabletop exercise with the team.
After failing an audit twice, an organization has been ordered by a government regulatory agency to pay fines. Which of the following causes this action?
A. Non-compliance
B. Contract violations
C. Government sanctions
D. Rules of engagement
Non-compliance
A company is developing a critical system for the government and storing project information on a fileshare. Which of the following describes how this data will most likely be classified? (Choose two.)
A. Private
B. Confidential
C. Public
D. Operational
E. Urgent
F. Restricted
Confidential
Restricted
Which of the following activities is included in the post-incident review phase?
A. Determining the root cause of the incident
B. Developing steps to mitigate the risks of the incident
C. Validating the accuracy of the evidence collected during the investigation
D. Reestablishing the compromised system’s configuration and settings
Determining the root cause of the incident
Which of the following attacks exploits a potential vulnerability as a result of using weak cryptographic algorithms?
A. Password cracking
B. On-path
C. Digital signing
D. Side-channel
On-path
Which of the following is a preventive physical security control?
A. Video surveillance system
B. Bollards
C. Alarm system
D. Motion sensors
Bollards
Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
A. Change management policy
B. Risk profile
C. Playbook
D. SIEM profile
Playbook
A security engineer configured a remote access VPN. The remote access VPN allows end users to connect to the network by using an agent that is installed on the endpoint, which establishes an encrypted tunnel. Which of the following protocols did the engineer most likely implement?
A. GRE
B. IPSec
C. SD-WAN
D. EAP
IPSec
Executives at a company are concerned about employees accessing systems and information about sensitive company projects unrelated to the employees’ normal job duties. Which of the following enterprise security capabilities will the security team most likely deploy to detect that activity?
A. UBA
B. EDR
C. NAC
D. DLP
UBA
Several customers want an organization to verify its security controls are operating effectively and have requested an independent opinion. Which of the following is the most efficient way to address these requests?
A. Hire a vendor to perform a penetration test
B. Perform an annual self-assessment
C. Allow each client the right to audit
D. Provide a third-party attestation report
Provide a third-party attestation report
A university employee logged on to the academic server and attempted to guess the system administrators’ log-in credentials. Which of the following security measures should the university have implemented to detect the employee’s attempts to gain access to the administrators’ accounts?
A. Two-factor authentication
B. Firewall
C. Intrusion prevention system
D. User activity logs
User activity logs
Which of the following consequences would a retail chain most likely face from customers in the event the retailer is non-compliant with PCI DSS?
A. Contractual impacts
B. Sanctions
C. Fines
D. Reputational damage
Reputational damage
An administrator is installing an SSL certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verified with the issuing CA and has validated the private key. Which of the following should the administrator check for next?
A. If the wildcard certificate is configured
B. If the certificate signing request is valid
C. If the root certificate is installed
D. If the public key is configured
If the root certificate is installed
An employee emailed a new systems administrator a malicious web link and convinced the administrator to change the email server’s password. The employee used this access to remove the mailboxes of key personnel. Which of the following security awareness concepts would help prevent this threat in the future?
A. Recognizing phishing
B. Providing situational awareness training
C. Using password management
D. Reviewing email policies
Recognizing phishing