Pg 8 Flashcards
Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?
A. SIEM
B. DLP
C. IDS
D. SNMP
SIEM
A network manager wants to protect the company’s VPN by implementing multifactor authentication that uses:
- Something you know
- Something you have
- Something you are
Which of the following would accomplish the manager’s goal?
A. Domain name, PKI, GeoIP lookup
B. VPN IP address, company ID, facial structure
C. Password, authentication token, thumbprint
D. Company URL, TLS certificate, home address
Password, authentication token, thumbprint
Which of the following would be the best way to handle a critical business application that is running on a legacy server?
A. Segmentation
B. Isolation
C. Hardening
D. Decommissioning
Segmentation
Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?
A. VM escape
B. SQL injection
C. Buffer overflow
D. Race condition
Buffer overflow
After a company was compromised, customers initiated a lawsuit. The company’s attorneys have requested that the security team initiate a legal hold in response to the lawsuit. Which of the following describes the action the security team will most likely be required to take?
A. Retain the emails between the security team and affected customers for 30 days.
B. Retain any communications related to the security breach until further notice.
C. Retain any communications between security members during the breach response.
D. Retain all emails from the company to affected customers for an indefinite period of time.
Retain any communications related to the security breach until further notice.
Which of the following describes the process of concealing code or text inside a graphical image?
A. Symmetric encryption
B. Hashing
C. Data masking
D. Steganography
Steganography
An employee receives a text message from an unknown number claiming to be the company’s Chief Executive Officer and asking the employee to purchase several gift cards. Which of the following types of attacks does this describe?
A. Vishing
B. Smishing
C. Pretexting
D. Phishing
Smishing
Which of the following risk management strategies should an enterprise adopt first if a legacy application is critical to business operations and there are preventative controls that are not yet implemented?
A. Mitigate
B. Accept
C. Transfer
D. Avoid
Mitigate
Visitors to a secured facility are required to check in with a photo ID and enter the facility through an access control vestibule. Which of the following best describes this form of security control?
A. Physical
B. Managerial
C. Technical
D. Operational
Physical
The local administrator account for a company’s VPN appliance was unexpectedly used to log in to the remote management interface. Which of the following would have most likely prevented this from happening?
A. Using least privilege
B. Changing the default password
C. Assigning individual user IDs
D. Reviewing logs more frequently
Changing the default password
Which of the following is the best way to secure an on-site data center against intrusion from an insider?
A. Bollards
B. Access badge
C. Motion sensor
D. Video surveillance
Access badge
An engineer moved to another team and is unable to access the new team’s shared folders while still being able to access the shared folders from the former team. After opening a ticket, the engineer discovers that the account was never moved to the new group. Which of the following access controls is most likely causing the lack of access?
A. Role-based
B. Discretionary
C. Time of day
D. Least privilege
Role-based
Which of the following factors are the most important to address when formulating a training curriculum plan for a security awareness program? (Choose two.)
A. Channels by which the organization communicates with customers
B. The reporting mechanisms for ethics violations
C. Threat vectors based on the industry in which the organization operates
D. Secure software development training for all personnel
E. Cadence and duration of training events
F. Retraining requirements for individuals who fail phishing simulations
Cadence and duration of training events
Threat vectors based on the industry in which the organization operates
A network administrator is working on a project to deploy a load balancer in the company’s cloud environment. Which of the following fundamental security requirements does this project fulfil?
A. Privacy
B. Integrity
C. Confidentiality
D. Availability
Availability
A systems administrator is changing the password policy within an enterprise environment and wants this update implemented on all systems as quickly as possible. Which of the following operating system security measures will the administrator most likely use?
A. Deploying PowerShell scripts
B. Pushing GPO update
C. Enabling PAP
D. Updating EDR profiles
Pushing GPO update
Which of the following would be most useful in determining whether the long-term cost to transfer a risk is less than the impact of the risk?
A. ARO
B. RTO
C. RPO
D. ALE
E. SLE
ALE
In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password. Which of the following best describes this technique?
A. Key stretching
B. Tokenization
C. Data masking
D. Salting
Salting
A technician is deploying a new security camera. Which of the following should the technician do?
A. Configure the correct VLAN.
B. Perform a vulnerability scan.
C. Disable unnecessary ports.
D. Conduct a site survey.
Conduct a site survey.
A company is experiencing a web services outage on the public network. The services are up and available but inaccessible. The network logs show a sudden increase in network traffic that is causing the outage. Which of the following attacks is the organization experiencing?
A. ARP poisoning
B. Brute force
C. Buffer overflow
D. DDoS
DDoS
Which of the following threat actors is the most likely to be motivated by profit?
A. Hacktivist
B. Insider threat
C. Organized crime
D. Shadow IT
Organized crime