Pg 25 Flashcards
A company is implementing a policy to allow employees to use their personal equipment for work. However, the company wants to ensure that only company-approved applications can be installed. Which of the following addresses this concern?
A. MDM
B. Containerization
C. DLP
D. FIM
MDM
An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the following types of controls is the analyst implementing?
A. Compensating
B. Detective
C. Operational
D. Physical
Compensating
A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?
A. Audit each domain administrator account weekly for password compliance.
B. Implement a privileged access management solution.
C. Create IDS policies to monitor domain controller access.
D. Use Group Policy to enforce password expiration.
Implement a privileged access management solution.
Which of the following is an example of memory injection?
A. Two processes access the same variable, allowing one to cause a privilege escalation.
B. A process receives an unexpected amount of data, which causes malicious code to be executed.
C. Malicious code is copied to the allocated space of an already running process.
D. An executable is overwritten on the disk, and malicious code runs the next time it is executed.
Malicious code is copied to the allocated space of an already running process.
A security administrator is implementing encryption on all hard drives in an organization. Which of the following security concepts is the administrator applying?
A. Integrity
B. Authentication
C. Zero Trust
D. Confidentiality
Confidentiality
An administrator has configured a quarantine subnet for all guest devices that connect to the network. Which of the following would be best for the security team to perform before allowing access to corporate resources?
A. Device fingerprinting
B. Compliance attestation
C. Penetration test
D. Application vulnerability test
Compliance attestation
A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to contain this information?
A. Statement of work
B. Responsibility matrix
C. Service-level agreement
D. Master service agreement
Responsibility matrix
A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, social engineering, and business email compromise. Which of the following documents would be most relevant to revise as part of this process?
A. SDLC
B. IRP
C. BCP
D. AUP
IRP
Which of the following testing techniques uses both defensive and offensive testing methodologies with developers to securely build key applications and software?
A. Blue
B. Yellow
C. Red
D. Green
Yellow
An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
A. Security groups
B. Federation
C. User provisioning
D. Vertical scaling
User provisioning
Which of the following is the fastest and most cost-effective way to confirm a third-party supplier’s compliance with security obligations?
A. Attestation report
B. Third-party audit
C. Vulnerability assessment
D. Penetration testing
Attestation report
Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach that would affect offshore offices. Which of the following is this an example of?
A. Tabletop exercise
B. Penetration test
C. Geographic dispersion
D. Incident response
Tabletop exercise
Which of the following is an example of a data protection strategy that uses tokenization?
A. Encrypting databases containing sensitive data
B. Replacing sensitive data with surrogate values
C. Removing sensitive data from production systems
D. Hashing sensitive data in critical systems
Replacing sensitive data with surrogate values
Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?
A. Cross-site scripting
B. Buffer overflow
C. Jailbreaking
D. Side loading
Side loading
Which of the following types of identification methods can be performed on a deployed application during runtime?
A. Dynamic analysis
B. Code review
C. Package monitoring
D. Bug bounty
Dynamic analysis
Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
A. Steganography
B. Data masking
C. Tokenization
D. Private key
Steganography
Which of the following steps should be taken before mitigating a vulnerability in a production server?
A. Escalate the issue to the SDLC team.
B. Use the IR plan to evaluate the changes.
C. Perform a risk assessment to classify the vulnerability.
D. Refer to the change management policy.
Refer to the change management policy.
A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most likely use?
A. Static
B. Sandbox
C. Network traffic
D. Package monitoring
Static
Which of the following should a company use to provide proof of external network security testing?
A. Business impact analysis
B. Supply chain analysis
C. Vulnerability assessment
D. Third-party attestation
Third-party attestation
A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed. Which of the following are the most appropriate for the administrator to suggest? (Choose two.)
A. Tokenization
B. Cryptographic downgrade
C. SSH tunneling
D. Segmentation
E. Patch installation
F. Data masking
C. SSH tunneling
D. Segmentation