Pg 22 Flashcards
An organization wants a third-party vendor to do a penetration test that targets a specific device. The organization has provided basic information about the device. Which of the following best describes this kind of penetration test?
A. Partially known environment
B. Unknown environment
C. Integrated
D. Known environment
Partially known environment
Which of the following should a security team do first before a new web server goes live?
A. Harden the virtual host.
B. Create WAF rules.
C. Enable network intrusion detection.
D. Apply patch management.
Harden the virtual host.
Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
A. Degaussing
B. Drive shredder
C. Retention platform
D. Wipe tool
Wipe tool
An attacker submits a request containing unexpected characters in an attempt to gain unauthorized access to information within the underlying systems. Which of the following best describes this attack?
A. Side loading
B. Target of evaluation
C. Resource reuse
D. SQL injection
SQL injection
A security analyst has determined that a security breach would have a financial impact of $15,000 and is expected to occur twice within a three-year period. Which of the following is the ALE for this risk?
A. $7,500
B. $10,000
C. $15,000
D. $30,000
$10,000
A systems administrator discovers a system that is no longer receiving support from the vendor. However, this system and its environment are critical to running the business, cannot be modified, and must stay online. Which of the following risk treatments is the most appropriate in this situation?
A. Reject
B. Accept
C. Transfer
D. Avoid
Accept
A company discovered its data was advertised for sale on the dark web. During the initial investigation, the company determined the data was proprietary data. Which of the following is the next step the company should take?
A. Identify the attacker’s entry methods.
B. Report the breach to the local authorities.
C. Notify the applicable parties of the breach.
D. Implement vulnerability scanning of the company’s systems.
Notify the applicable parties of the breach.
Which of the following would be the best solution to deploy a low-cost standby site that includes hardware and internet access?
A. Recovery site
B. Cold site
C. Hot site
D. Warm site
Warm site
An organization needs to determine how many employees are accessing the building each day in order to configure the proper access controls. Which of the following control types best meets this requirement?
A. Detective
B. Preventive
C. Corrective
D. Directive
Detective
An organization wants to implement a secure solution for remote users. The users handle sensitive PHI on a regular basis and need to access an internally developed corporate application. Which of the following best meet the organization’s security requirements? (Choose two.)
A. Local administrative password
B. Perimeter network
C. Jump server
D. WAF
E. MFA
F. VPN
Jump server
VPN
A security officer is implementing a security awareness program, placing security-themed posters around the building, and assigning online user training. Which of the following would the security officer most likely implement?
A. Password policy
B. Access badges
C. Phishing campaign
D. Risk assessment
Phishing campaign
A security consultant is working with a client that wants to physically isolate its secure systems. Which of the following best describes this architecture?
A. SDN
B. Air gapped
C. Containerized
D. Highly available
Air gapped
A company is in the process of migrating to cloud-based services. The company’s IT department has limited resources for migration and ongoing support. Which of the following best meets the company’s needs?
A. IPS
B. WAF
C. SASE
D. IAM
SASE
An employee clicks a malicious link in an email that appears to be from the company’s Chief Executive Officer. The employee’s computer is infected with ransomware that encrypts the company’s files. Which of the following is the most effective way for the company to prevent similar incidents in the future?
A. Security awareness training
B. Database encryption
C. Segmentation
D. Reporting suspicious emails
Security awareness training
Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
A. Misconfiguration
B. Resource reuse
C. Insecure key storage
D. Weak cipher suites
Insecure key storage
Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture? (Choose two.)
A. Easier debugging of the system
B. Reduced cost of ownership of the system
C. Improved scalability of the system
D. Increased compartmentalization of the system
E. Stronger authentication of the system
F. Reduced complexity of the system
Improved scalability of the system
Increased compartmentalization of the system
A user’s workstation becomes unresponsive and displays a ransom note demanding payment to decrypt files. Before the attack, the user opened a resume they received in a message, browsed the company’s website, and installed OS updates. Which of the following is the most likely vector of this attack?
A. Spear-phishing attachment
B. Watering hole
C. Infected website
D. Typosquatting
Spear-phishing attachment
A penetration tester finds an unused Ethernet port during an on-site penetration test. Upon plugging a device into the unused port, the penetration tester notices that the machine is assigned an IP address, allowing the tester to enumerate the local network. Which of the following should an administrator implement in order to prevent this situation from happening in the future?
A. Port security
B. Transport Layer Security
C. Proxy server
D. Security zones
Port security
Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device’s drive if the device is lost?
A. TPM
B. ECC
C. FDE
D. HSM
FDE