Pg 7 Flashcards

1
Q

A company is required to perform a risk assessment on an annual basis. Which of the following types of risk assessments does this requirement describe?

A. Continuous
B. Ad hoc
C. Recurring
D. One time

A

Recurring

2
Q

After a recent ransomware attack on a company’s system, an administrator reviewed the log files. Which of the following control types did the administrator use?

A. Compensating
B. Detective
C. Preventive
D. Corrective

A

Detective

3
Q

Which of the following exercises should an organization use to improve its incident response process?

A. Tabletop
B. Replication
C. Failover
D. Recovery

A

Tabletop

4
Q

Which of the following best ensures minimal downtime and data loss for organizations with critical computing equipment located in earthquake-prone areas?

A. Generators and UPS
B. Off-site replication
C. Redundant cold sites
D. High availability networking

A

Off-site replication

5
Q

A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability quickly?

A. Insurance
B. Patching
C. Segmentation
D. Replacement

A

Segmentation

6
Q

After an audit, an administrator discovers all users have access to confidential data on a file server. Which of the following should the administrator use to restrict access to the data quickly?

A. Group Policy
B. Content filtering
C. Data loss prevention
D. Access control lists

A

Access control lists

7
Q

A client demands at least 99.99% uptime from a service provider’s hosted security services. Which of the following documents includes the information the service provider should return to the client?

A. MOA
B. SOW
C. MOU
D. SLA

A

SLA

8
Q

A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?

A. Certification
B. Inventory list
C. Classification
D. Proof of ownership

A

Certification

9
Q

A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data. Which of the following should the company consider?

A. Geographic dispersion
B. Platform diversity
C. Hot site
D. Load balancing

A

Geographic dispersion

10
Q

A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file’s creator. Which of the following actions would most likely give the security analyst the information required?

A. Obtain the file’s SHA-256 hash.
B. Use hexdump on the file’s contents.
C. Check endpoint logs.
D. Query the file’s metadata.

A

Query the file’s metadata.

11
Q

Which of the following teams combines both offensive and defensive testing techniques to protect an organization’s critical systems?

A. Red
B. Blue
C. Purple
D. Yellow

A

Purple

12
Q

A small business uses kiosks on the sales floor to display product information for customers. A security team discovers the kiosks use end-of-life operating systems. Which of the following is the security team most likely to document as a security implication of the current architecture?

A. Patch availability
B. Product software compatibility
C. Ease of recovery
D. Cost of replacement

A

Patch availability

13
Q

Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?

A. A full inventory of all hardware and software
B. Documentation of system classifications
C. A list of system owners and their departments
D. Third-party risk assessment documentation

A

A full inventory of all hardware and software

14
Q

Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?

A. Impact analysis
B. Scheduled downtime
C. Backout plan
D. Change management boards

A

Scheduled downtime

15
Q

A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

A. Hashing
B. Tokenization
C. Encryption
D. Segmentation

A

Encryption

16
Q

A legacy device is being decommissioned and is no longer receiving updates or patches. Which of the following describes this scenario?

A. End of business
B. End of testing
C. End of support
D. End of life

A

End of support

17
Q

A bank insists all of its vendors must prevent data loss on stolen laptops. Which of the following strategies is the bank requiring?

A. Encryption at rest
B. Masking
C. Data classification
D. Permission restrictions

A

Encryption at rest

18
Q

A company’s end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS servers, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

A. Concurrent session usage
B. Secure DNS cryptographic downgrade
C. On-path resource consumption
D. Reflected denial of service

A

Reflected denial of service

19
Q

A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format. Which of the following should the administrator apply to the site recovery resource group?

A. RBAC
B. ACL
C. SAML
D. GPO

20
Q

During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, and two special characters. Once the password is created, the company will grant the employee access to other company-owned websites based on the intranet profile. Which of the following access management concepts is the company most likely using to safeguard intranet accounts and grant access to multiple sites based on a user’s intranet account? (Choose two.)

A. Federation
B. Identity proofing
C. Password complexity
D. Default password changes
E. Password manager
F. Open authentication

A

Federation
Password complexity