Pg 23 Flashcards

1
Q

Which of the following is the primary reason why false negatives on a vulnerability scan should be a concern?

A. The system has vulnerabilities that are not being detected.
B. The time to remediate vulnerabilities that do not exist is excessive.
C. Vulnerabilities with a lower severity will be prioritized over critical vulnerabilities.
D. The system has vulnerabilities, and a patch has not yet been released.

A

The system has vulnerabilities that are not being detected.

2
Q

A company is concerned about theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?

A. Wiping
B. Recycling
C. Shredding
D. Deletion

A

Wiping

3
Q

A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following architectures will best achieve the company’s objectives?

A. IoT
B. IaC
C. IaaS
D. ICS

A

IaC

4
Q

A government official receives a blank envelope containing photos and a note instructing the official to wire a large sum of money by midnight to prevent the photos from being leaked on the internet. Which of the following best describes the threat actor’s intent?

A. Organized crime
B. Philosophical beliefs
C. Espionage
D. Blackmail

A

Blackmail

5
Q

Which of the following is the best security reason for closing service ports that are not needed?

A. To mitigate risks associated with unencrypted traffic
B. To eliminate false positives from a vulnerability scan
C. To reduce a system’s attack surface
D. To improve a system’s resource utilization

A

To reduce a system’s attack surface

6
Q

Which of the following would a security administrator use to comply with a secure baseline during a patch update?

A. Information security policy
B. Service-level expectations
C. Standard operating procedure
D. Test result report

A

Standard operating procedure

7
Q

A malicious actor conducted a brute-force attack on a company’s web servers and eventually gained access to the company’s customer information database. Which of the following is the most effective way to prevent similar attacks?

A. Regular patching of servers
B. Web application firewalls
C. Multifactor authentication
D. Enabling encryption of customer data

A

Multifactor authentication

8
Q

Which of the following options will provide the lowest RTO and RPO for a database?

A. Snapshots
B. On-site backups
C. Journaling
D. Hot site

A

Hot site

9
Q

Which of the following is a possible consequence of a VM escape?

A. Malicious instructions can be inserted into memory and give the attacker elevated permissions.
B. An attacker can access the hypervisor and compromise other VMs.
C. Unencrypted data can be read by a user who is in a separate environment.
D. Users can install software that is not on the manufacturer’s approved list.

A

An attacker can access the hypervisor and compromise other VMs.

10
Q

A security team at a large, global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?

A. Packet capture
B. Endpoint logs
C. OS security logs
D. Vulnerability scan

A

Packet capture

11
Q

Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client’s web browser?

A. SQL injection
B. Cross-site scripting
C. Zero-day exploit
D. On-path attack

A

Cross-site scripting

12
Q

Due to a cyberattack, a company’s IT systems were not operational for an extended period of time. The company wants to measure how quickly the systems must be restored in order to minimize business disruption. Which of the following would the company most likely use?

A. Recovery point objective
B. Risk appetite
C. Risk tolerance
D. Recovery time objective
E. Mean time between failure

A

Recovery time objective

13
Q

Which of the following actors attacking an organization is the most likely to be motivated by personal beliefs?

A. Nation-state
B. Organized crime
C. Hacktivist
D. Insider threat

A

Hacktivist

14
Q

Which of the following should a security team use to document persistent vulnerabilities with related recommendations?

A. Audit report
B. Risk register
C. Compliance report
D. Penetration test

A

Risk register

15
Q

An organization purchased a critical business application containing sensitive data. The organization would like to ensure that the application is not exploited by common data exfiltration attacks. Which of the following approaches would best help to fulfill this requirement?

A. URL scanning
B. WAF
C. Reverse proxy
D. NAC

A

WAF

16
Q

A company wants to improve the availability of its application with a solution that requires minimal effort in the event a server needs to be replaced or added. Which of the following would be the best solution to meet these objectives?

A. Load balancing
B. Fault tolerance
C. Proxy servers
D. Replication

A

Load balancing

17
Q

A company is performing a risk assessment on new software the company plans to use. Which of the following should the company assess during this process?

A. Software vulnerabilities
B. Cost-benefit analysis
C. Ongoing monitoring strategies
D. Network infrastructure compatibility

A

Software vulnerabilities

18
Q

A malicious actor is trying to access sensitive financial information from a company’s database by intercepting and reusing log-in credentials. Which of the following attacks is the malicious actor attempting?

A. SQL injection
B. On-path
C. Brute-force
D. Password spraying

19
Q

A new employee accessed an unauthorized website. An investigation found that the employee violated the company’s rules. Which of the following did the employee violate?

A. MOU
B. AUP
C. NDA
D. MOA