Pocket Prep Flashcards

1
Q

A SaaS company has a product that they are periodically patching, making modifications to, and offering customer support. What phase of the SDLC is their product in?
A Planning
B Training and transition
C Operations and maintenance
D Coding

A

C Operations and maintenance=Correct Answer

2
Q

A company is considering decentralizing its IT infrastructure by moving to a hybrid cloud environment. Which of the following are some unique considerations they need to address when adopting this type of model over other types of cloud models?
A Cloud governance and management
B Resiliency and disaster recovery
C Latency and synchronization
D Data privacy and security

A

C Latency and synchronization=Correct Answer

4
Q

Which vulnerability emerges when a cloud service provider does not properly sanitize disks before provisioning them to new clients?
VM escape
Legacy
Resource reuse
VM sprawl

A

Resource reuse=Correct Answer

5
Q

A mobile device manufacturer is creating new prototypes and wants to ensure that the devices are not taken off-premises. Which method to secure the devices would alert administrators if a device leaves the building?
A Geofencing
B Tokenization
C Obfuscation
D Encryption

A

A Geofencing=Correct Answer

6
Q

Which of the following techniques is difficult to perform effectively since it involves stripping all PII from a user’s record?
A Tokenization
B Anonymization
C Data masking
D Data minimization

A

B Anonymization=Correct Answer

7
Q

You are working remotely at a local coffee shop and go to log in to the wireless network. You are presented with a new web browser window that has just popped open, prompting you to accept an agreement before signing on to the free Wi-Fi.
What technology have you just encountered?
A Captive portal
B Jammer
C Sandbox
D Deauther

A

A Captive portal=Correct Answer

8
Q

Sloan Financial is moving toward a work-from-home model, as these have been shown to increase employee satisfaction. They want to permit their employees access to the network from over the internet in their homes.
Of the following, which is a connection between two or more computers NOT on the same private network?
A Proxy server
B Switch
C VPN
D Firewall

A

C VPN=Correct Answer

9
Q

An organization has recently deployed their comprehensive security plan to provide protection or mitigation for the majority of discovered and documented risks. At this point, the risks that were too difficult to protect and not likely enough to happen were left without much in the way of mitigation.
What is the term given to this risk that still remains?
A Inherent risk
B Transferred risk
C Avoided risk
D Residual risk

A

D Residual risk=Correct Answer

10
Q

Diffie-Hellman (DH) provides a solution for someone who wants to securely exchange encryption keys for primary communications but needs to do it in a way that prevents eavesdroppers from obtaining the key. The process DH uses to prevent the key from being obtained involves creating temporary public and private keys that expire after a set time.
What type of keys are these?
A Ephemeral
B Dynamic
C Static
D Self-destructive

A

A Ephemeral=Correct Answer

11
Q

Which of the following test techniques requires the tester to do the MOST research?
A Partially known environment
B Unknown environment
C Known environment
D Mostly known environment

A

B Unknown environment=Correct Answer

12
Q

An organization is looking to select a preventative control to defend the perimeter of their network. Which type of solution would be MOST effective for this?
A IDS
B Log analyzer
C SIEM
D Firewall

A

D Firewall=Correct Answer

13
Q

An advertising firm wants to use the services of a 3D animation firm to help make commercials. To make arrangements, they need to draft a contract. What department should check the contract to ensure that it is ethical and lawful?

A Legal
B Marketing
C IT
D HR

A

A Legal

14
Q

A company’s web server and mail server are connected to the same switch which is behind a firewall. What type of network are they in?

A Screened subnet

B WAN

C Trusted network

D Air-gapped network

A

A Screened subnet

15
Q

While investigating a security incident, researchers discover that foreign attackers have been using custom attack methods and have been lurking on the infected systems for several months.

What type of category would the incident fall into?

A Script kiddie

B Hacktivist

C Insider threat

D APT

A

D APT

16
Q

What is the role of stakeholders in the change management process?

A Holding a vested interest in the outcome of the organization’s processes

B Testing a potential change before it is implemented in production systems

C Analyzing the impact of a change to other systems in the organization

D Taking ownership of a change to ensure its successful completion

A

A Holding a vested interest in the outcome of the organization’s processes

17
Q

Developers pushing out test functions into the production environment have created some unexpected issues. Executives want to isolate the developers so that they have their own custom environment, which does not interfere with the production environment at all.

Which of the following would assist in this situation?

A Compliance audit

B Sandboxing

C Package monitoring

D Patch management

A

B Sandboxing

18
Q

What list is provided by the MITRE Corporation to give security administrators up-to-date information on vulnerabilities?

A TSIG
B TAXII
C CVE
D CVSS

A

C CVE

19
Q

A company has its cybersecurity staff perform a proactive penetration test that actively identifies and exploits vulnerabilities. The testers will be given network diagrams as well as user credentials when performing their test.

What type of penetration testing are they doing?
A Defensive, unknown environment
B Offensive, known environment
C Physical, known environment
D Integrated, unknown environment

A

B Offensive, known environment

20
Q

Items such as wearable technology, home automation, smart TVs, etc. would be considered which of the following?

A SCADA
B ICS
C SoC
D IoT

A

D IoT

21
Q

A company creates healthcare products used in hospitals all over the world. What type of risk appetite would be suitable for them?

A Conservative
B Neutral
C Expansionary
D Aggressive

A

A Conservative

22
Q

The various control types and goals cover different areas of an organization’s security posture, and it is important to be familiar with the control types and the goals they seek to accomplish.

Which of the following control goals is intended to reverse the impact of an incident or problem after it has occurred?

A Detective
B Corrective
C Compensating
D Deterrent

A

B Corrective

23
Q

Which of the following domains will be covered under the certificate for *.example.com?

A test1.example.com
B test1.www.example.com

C test1.example.org
D www.test1.example.com

A

A test1.example.com

24
Q

A company is considering methods to secure data. They want users to only be able to access resources based on their role in the company. What method to secure data addresses this requirement?

A Tokenization

B Obfuscation

C Permission restrictions

D Segmentation

A

C Permission restrictions

25
A junior network administrator is being trained on the configuration of the network components, such as routers and firewalls. He asks how the firewall knows to block or permit traffic and where that information is stored. What does a firewall use to store these rules? A ARP table B ASLR C CAM table D ACL
D ACL
26
What do cloud service providers offer customers that fulfill the same role as a firewall? A Transit gateways B VPC endpoints C Security groups D Tickets
C Security groups
27
Which of the following is a responsible disclosure system that incentivizes the community to discover vulnerabilities? A External audit B Passive reconnaissance C Internal audit D Bug bounty system
D Bug bounty system
28
A security firm wants to ensure that their messages are secure and authentic. They want to provide encryption to these messages through various digital signatures and certificates. Which of the following is a large system of software, policies, and procedures used for digital signatures and certificates? A FDE B TPM C PKI D HSM
C PKI
29
Which of the following database security solutions conceals sensitive information but makes it available for later use if needed? A Normalization B Tokenization C Hashing D Salting
B Tokenization
30
A company will be using a third-party contractor to work on its website. They anticipate creating several SOWs over the course of their relationship. Which document should they refer to in each SOW that outlines details such as payment terms and dispute resolution mechanisms? A BPA B MOA C MOU D MSA
D MSA
31
Which type of authentication factor is being used when a smartphone uses a fingerprint scan for authenticating? A Something you are B Something you have C Something you know D Something you can do
A Something you are
32
A healthcare company works with vendors to supply IT services. They need to ensure that the vendors adhere to the same strict internal controls that their own company does. What should they obtain from vendors so they can verify that they meet requirements? A Right-to-audit clause B SOW C MOA D Due care
A Right-to-audit clause
33
There are reports of unusual behavior in some workstations at Acme Inc., and the administrator has begun to investigate. They discover that a type of self-replicating malware has made its way through network shares and the SMB protocol. Which of the following should the administrator report has been discovered? A RAT B Worm C Trojan D Logic bomb
B Worm
34
An administrator is responding to reports that multiple systems are seemingly targeting their web server and it is currently unavailable. The administrator checks the system and notices that it does not have enough resources to respond to the significant number of requests. Which of the following is this an example of? A Injection B DDoS C Pharming attack D Credential replay
B DDoS
35
A user has reported that their system suddenly flashed a warning that their files have been locked, and they must send a Bitcoin payment to an address displayed on the screen. What type of malware attack have they suffered? A Trojan B Ransomware C Virus D Spyware
B Ransomware
36
A user receives a call from an individual claiming to be a manager. They state that they urgently need information in order to close a business deal. The user trusts the caller and provides them with the information, only to learn it was used in an attack just a few days later. What do we call the act of manipulating users into revealing confidential information? A Malware B Social engineering C SQL injection D Brute force attack
B Social engineering
37
An email appears in a user's inbox indicating that they have won a free tablet; however, it has limited availability, so the user must act soon, or it may be too late. Which of the following phishing principles is this an example of? A Familiarity B Authority C Scarcity D Trust
C Scarcity
38
What type of attack waits until a specific date or system event and then executes? A Boot sector virus B Spyware C Fileless virus D Logic bomb
D Logic bomb
39
Which of the following is a common attack used to fraudulently obtain private information through methods such as email? A Brute force B Phishing C Pretexting D DDoS
B Phishing
40
A user receives a funny cat photo through an email attachment and opens it with their photo editing application. After that, their computer locks up and displays a ransomware message. What threat vector was exploited in this situation? A Removable device B Watering hole C Image-based D SMS-based
C Image-based
41
Users at Smith Industries are reporting an unusual wireless access point that is showing up on their laptops. A few users have reportedly connected to it and have been receiving warnings while accessing local intranet sites. What is the name for an unauthorized wireless access point that is able to access the network? A Watering hole B Wi-Fi analyzer C Cross-site scripting D Rogue access point
D Rogue access point
42
A company has suffered a data breach and wants to know if its information is being sold online. Where can they find marketplaces that sell stolen data? A STIX B Dark web C Captive portal D CVE
B Dark web
43
Some control goals deal with an event after it occurs, but there are a few that work before the event has happened. Controls such as cable locks, hardware locks, and warning signs act to discourage the threat. Which of the following control types would these be examples of? A Deterrent B Corrective C Detective D Compensating
A Deterrent
44
Customer support receives a call regarding a user's computer that is encountering issues after installing a new application. During intake, the first-level technician notes that various pop-up windows are opening at times, especially when visiting online shopping sites. The pop-ups appear to be showing items similar to the ones being displayed by the user. Which of the following is MOST likely infecting the system? A Keylogger B Bloatware C Rootkit D RAT
B Bloatware
45
Which of the following types of exercises involves talking through responses to a simulated security incident? A Tabletop B Simulation C Journaling D Failover
A Tabletop
46
A Tabletop
47
Which of the following is a type of document between a client and service provider that contains specific tasks that need to be completed, along with their deadlines? A SSO B NDA C WO D BPA
C WO
48
Which of the following is a security concern when using cellular networks? A Disassociation B Bluejacking C SIM card cloning D Evil twin attack
C SIM card cloning
49
The use of firewalls and endpoint security solutions is an example of which of the following risk management techniques? A Mitigation B Transference C Avoidance D Acceptance
A Mitigation
50
Which of the following threat vectors is MOST commonly exploited? A Voice call B Email C Supply chain D Removable devices
B Email
51
Which of the following is used to place the location of a device on a map? A Geography B Geotagging C Geofencing D Geolocation
D Geolocation
52
Pocket Industries is currently using a preconfigured computing platform for their web application that is providing educational assistance to their customers. The vendor they are working with provides the operating system, updates and patching, and system access, but Pocket Industries has to keep software on the server updated themselves. Which of the following solutions are they likely using? A CaaS B IaaS C PaaS D SaaS
C PaaS
53
Which of the following consequences of non-compliance is non-tangible? A Reputational damage B Sanctions C Fines D Loss of license
A Reputational damage
54
An administrator has already installed a host-based DLP suite but is concerned with the possibility that an attacker can insert a live OS drive and boot to an alternative OS to exfiltrate information. Of the following options, what BIOS setting is useful when securing data from theft in this manner? A Disable removable media such as USB B Enable USB devices to wake the system from low-power states C Remove support for legacy USB D Allow USB to charge devices when the system is powered off or in a low-power state
A Disable removable media such as USB
55
A SysOps manager is looking to determine the measure of a system's reliability to present to the executives. The aim is to probe critical systems for this measure and predict potential outages before they occur. Which of the following figures would the manager use? A RPO B RTO C MTBF D MTTR
C MTBF
56
An administrator is looking for a security solution for their cloud implementation. They want a device that all traffic is funneled through and prevents users from visiting websites on the internet or in the cloud that could have malware. What type of solution should they use? A API B SWG C CASB D DLP
B SWG
57
An attacker infiltrates a company's network in order to access sensitive information. Upon finding this sensitive information, they demand a payment from the company, or they will release the data publicly. What motivation does the threat actor have? A Blackmail B Disruption C Political belief D Espionage
A Blackmail
58
An organization is testing production systems for vulnerabilities that could be exploited by a malicious insider. How should they configure their vulnerability scanner? A Nonintrusive, credentialed B Intrusive, non-credentialed C Nonintrusive, non-credentialed D Intrusive, credentialed
A Nonintrusive, credentialed
59
What technique adds a hash value to each DNS record so that the data can be verified? A LDAPS B DNSSEC C IPSec D DHCP
B DNSSEC
60
An organization is suffering from a rash of social engineering attacks that lead to malware infection. The users are being tricked into thinking emails are from other employees telling them there is a new company application and to install it using the attached program. What can an administrator do to help reduce malware incidents resulting from users not recognizing phishing attempts? A Provide reprimands and write-ups with increasing severity B Provide security awareness training C Provide documentation on the latest malware D Have users sign an acceptable use policy
B Provide security awareness training
61
After making changes to an organization's network topology, what should an administrator do to ensure that there are no future misunderstandings about how the network is laid out? A Updating diagrams B Updating policies C Updating procedures D Version control
A Updating diagrams
62
Smith Industries' physical security manager is concerned that the open layout of the building enables individuals to bypass the security desk and slip into the building. They want an automated method to ensure that tailgating is no longer possible. What can they use to stop tailgating? A Guards B Fences C Mantrap D Security cameras
C Mantrap
63
A company wants to give their users the freedom to install any extra applications they feel that they need to be more productive. However, there are a few applications they do not want users to install because they may impact productivity. What type of solution should they implement for this? A Block list B Isolation C Quarantine D Allow list
A Block list
64
Which factor in modern cryptographic systems is critical for ensuring that encryption will not be compromised through cryptographic attacks? A Obfuscation B Nonrepudiation C Key length D Integrity
C Key length
65
Which of the following is a widely accepted international public key infrastructure (PKI) standard to verify that a public key is matched to the user, host, or application that is contained within the certificate? A X.700 B X.500 C X.509 D X.25
C X.509
66
Which of the following is a chip built into a computer that provides secure storage for cryptographic keys? A Password vault B HSM C Password key D TPM
D TPM
67
An administrator is configuring an access control list and wants connections to be denied by default. In this type of ACL, what part contains the specific traffic that should be permitted? A Explicit allow B Implicit deny C Implicit allow D Explicit deny
A Explicit allow
68
An executive comes up with a business idea while on their personal, unprotected computer. They type their plan into a document and want to ensure that the document is secure. Which type of encryption will be MOST convenient to use in this situation? A Volume encryption B TDE C FDE D File-level encryption
D File-level encryption
69
Smith Industries has several sister companies under its umbrella and wants to get a domain name that reflects that. They are reviewing several different forms. They require one that has different URLs for each company but shows that they are owned by Smith Industries. Which of the following would they use? A Subject alternative name B Common name C Wildcard certificate D Self-signed certificate
A Subject alternative name
70
In a PKI system, what holds a copy of a user's private key in case it is lost or needs to be accessed by authorized third parties, such as with government court orders? A Key escrow B Password manager C Honeytoken D Secure enclave
A Key escrow
71
A company has many keys and certificates required to secure their systems. They want a centralized solution so they can control and enforce policies on their secrets. What type of solution should they implement? A SASE B TPM C KMS D DLP
C KMS
72
Which technical implication of a failed change management process can result in a large revenue loss due to a system remaining offline? A Dependencies B Downtime C Application restart D Service restart
B Downtime
73
Considering that a device or network will inevitably be penetrated, it is best to preemptively secure the sensitive information through encryption. This ensures that even if the passwords are stolen, they are not easily readable. Taken a step further, it is possible to make password hashes resistant to cracking. What is the term given to adding randomization to the hashing process in encrypted passwords? A Data masking B Steganography C Hashing D Salting
D Salting
74
An administrator is working on resolving a recent case of DNS poisoning that an attacker carried out within the local network. They want to ensure that future DNS updates are coupled with a digital signature in order to provide data integrity and validity. Which of the following could they implement to achieve this? A DNSSEC B Reverse lookups C DHCP D DNS filtering
A DNSSEC
75
A user is visiting a website using the HTTPS protocol. Which type of certificate are they MOST likely using to verify the authenticity of the website? A DV B Wildcard C EV D SAN
A DV
76
An online retailer wants their customers to be assured that they are securely communicating with the company's trusted web servers. What type of organization can they contact to help them with this? A ISO B IANA C Directory service D Certificate authority
D Certificate authority
77
An administrator wants to create a fake network designed to lure in potential hackers. This will allow them to get alerted to an intruder and study the behavior of how they move between systems. What term describes what the administrator is creating? A Honeynet B Honeytoken C Honeypot D Honeyfile
A Honeynet
78
Which process in change management helps discover unintended consequences before a change is introduced into production? A Backout plan B Test results C Maintenance window D Standard operating procedure
B Test results
79
Which concept ensures that CAs can be the basis for authenticity and integrity? A Root of trust B Federation C Secure enclave D Public ledger
A Root of trust
80
Why is ownership important in the change management process? A To ensure that someone is responsible for the project being carried out effectively B To carry out operations to restore a system to its previous state in case there is an issue with the change C To verify that the planned project will meet the business goals of the organization D To analyze all the impacts that a change will have on other systems
A To ensure that someone is responsible for the project being carried out effectively
81
Smith Industries is using multiple VPN servers and wants to centralize the authentication by switching over to a new Cisco VPN that is TCP-based and interfaces with their Active Directory servers. Which of the following protocols should they use? A Kerberos B RADIUS C OAuth D TACACS+
D TACACS+
82
A new web application is being developed for Acme Inc.'s customers. The executives are concerned that there might be vulnerabilities in the entry fields and other areas, so they want to perform testing. Which type of testing sends random data to an application to test for vulnerabilities? A Static analysis B Stress testing C Load testing D Fuzz testing
D Fuzz testing
83
Symmetrical keys rely on the key remaining unknown, which presents difficulty when attempting to communicate securely with another party. If an attacker obtains the key, they can compromise all messages sent with that key. What term is used for the situation in which security ensures that the compromising of one message will not lead to the compromising of another? A PKCS B NTP C PFS D PGP
C PFS
84
Which of the following deceptive technologies would a passwords.txt file be an example of? A Honeypot B Honeynet C Honeytoken D Honeyfiles
D Honeyfiles
85
Which type of security control includes policies and procedures that employees should follow? A Compensating B Corrective C Deterrent D Directive
D Directive
86
A website developer is creating a new site for the Acme organization so that they can process customer invoices with greater ease. The system will have usernames and passwords for the employees. The developer wants to ensure that the passwords would not be vulnerable to cracking if they were stolen from the server by an attacker. Which of the following should they use to increase the difficulty of cracking a password hash? A Token B Rootkit C Salt D Rainbow table
C Salt
87
Which of the following situations can be addressed by using honeyfiles? A A company wants to have their administrative interface to a system located on a separate network B A company wants to monitor if any system files have changed C A company wants to know when a system is breached D A company wants to block malicious sites based on their domain names
C A company wants to know when a system is breached
88
A user wants to install a new application on their system to increase their productivity. However, their workstation has a policy that blocks all programs except for a few that it permits. What type of solution is the company using to protect their workstations? A Block list B Isolation C Allow list D Quarantine
C Allow list
89
Which of the following categories of controls is made up of policies, guidelines, and procedures? A Managerial B Physical C Technical D Operational
A Managerial
90
Transport encryption is important during transmission of data to retain confidentiality and prevent unauthorized individuals from having access to the information, especially over the internet. What is used for secure web browsing? A PPTP B SNMP C SSL D S/MIME
C SSL
91
Before authenticating a user, an organization checks the user's location and device to understand the context of the authentication request. What aspect of a zero trust cybersecurity approach is the organization following? A Implicit trust zones B Policy-driven access control C Adaptive identity D Threat scope reduction
C Adaptive identity
92
An application at Smith Industries is built on older encryption algorithms, and it is taking more time than expected to come up with a replacement. The security engineers want to enhance the security of the encryption without changing the programming much. What technique can they use to turn their weak keys into enhanced, more powerful keys? A Key stretching B Tokenization C Steganography D Data masking
A Key stretching
93
When a secure hashing algorithm is included with a system that offers non-repudiation, what can be implemented? A Digital signatures B Open public ledgers C Tokenization D Steganography
A Digital signatures
94
Which type of sensor detects movement by sensing frequency alterations? A Ultrasonic B Microwave C Pressure D Infrared
B Microwave
95
HR employees need to send personal and sensitive information to an employee for review. The information is regulated for privacy, and the HR resources need to ensure that only the recipient is able to open and view the information after authentication. What can they use to encrypt the message into an unreadable form? A A token B A cipher C An index D A counter
B A cipher
96
An administrator is analyzing an X.509 certificate. They want to know the authority that assigned the certificate. Which attribute will give them this information? A Issuer B Common name C Serial number D Subject alternative names
A Issuer
97
What is the role of a policy enforcement point in a zero trust cybersecurity model? A To execute decisions made by the policy engine B To mediate requests by consulting with the policy administrator C To determine if subjects can access a resource based on policies D To limit the attack surface in case there is a security breach
B To mediate requests by consulting with the policy administrator
98
A security administrator is evaluating the configuration of controls in the organization. They are currently looking at controls that run on the server hardware to ensure encryption is present, controls that periodically scan for viruses, and controls that prevent intrusions. These are all examples of which of the following categories of controls? A Technical controls B Physical controls C Deterministic goals D Administrative controls
A Technical controls
99
A financial firm has a policy of using only the most current version of operating systems on their servers. However, they have an application that can only be run on a previous version. To address this, they place that system in its own isolated network. What type of security control are they implementing? A Compensating B Detective C Preventative D Corrective
A Compensating
100
Which of the following categories of security controls includes log monitoring and reviewing user access? A Managerial B Physical C Operational D Technical
C Operational
101
Which phrase BEST describes a zero trust cybersecurity model? A Never trust, always verify B Moat and castle C Defense-in-depth D Good fences make good neighbors
A Never trust, always verify
102
Which of the following forms of data protection is MOST commonly used to protect credit card data on receipts, websites, etc.? A Rights management B Masking C Encryption D Tokenization
B Masking
103
A security testing group is interested in analyzing current threats and trends in the digital landscape. They want to attract and trap potential attackers in order to learn about and counteract hacking attempts. What type of technology should they use for this? A Honeypot B Proxy C Rootkit D Firewall
A Honeypot
104
Verifying that a sender or object is what they claim to be is the point of authentication. There have been methods specifically designed to verify, or authenticate, individuals in a communication stream so that they can generally trust who they are communicating with or trust that the document is real and not tampered with. What is used to authenticate a document through mathematical computations? A Digital signature B Private keys C Symmetric cryptography D Data masking
A Digital signature
105
Two users are communicating with each other through email. User 1 encrypts the message with a key made available by the recipient, user 2. The recipient is then able to read the message with their secret key so that only they can see the information. In response, user 2 sends a message back encrypted with the public key of user 1. What type of key algorithm are they using? A Symmetric B Private C Public D Asymmetric
D Asymmetric
106
A company wants to implement a single security device that will handle deep packet inspection and intrusion prevention. What type of device should they use? A Proxy server B NGFW C WAF D Layer 4 firewall
B NGFW
107
Which type of sensor detects movement by sensing touches or steps? A Ultrasonic B Microwave C Infrared D Pressure
D Pressure
108
Which of the following categories of controls is exemplified by using firewalls and encryption? A Managerial B Technical C Physical D Operational
B Technical
109
Key stretching is a technique used to enhance the security of stored passwords. There are various common key stretching techniques that incorporate different methods to make a password more secure. Which of the following is based on the Blowfish block cipher and salts the password before doing multiple rounds of hashing? A Bcrypt B PBKDF2 C Argon2 D HKDF
A Bcrypt
110
An auditor is comparing a financial company's security processes to established industry standards. What activity are they involved in? A Impact analysis B Dynamic analysis C Gap analysis D Risk analysis
C Gap analysis
111
A group of salespeople within an organization routinely travel, and there have been times when laptops were lost during these trips. Management is concerned that data could be stolen from these devices despite being password-protected. They are Windows-based laptops and are ultraportable. What Windows application lets an administrator control whole disk encryption on a system? A Bitdefender B Tripwire C Splunk D BitLocker
D BitLocker
112
The administrator of an employee database only wants to encrypt the information of senior-level employees. What type of encryption should they use to target this? A Record-level B Database-level C Column-level D Partition-level
A Record-level
113
Which type of sensor is commonly used for security and relies on heat radiation? A Ultrasonic B Pressure C Infrared D Microwave
C Infrared
114
An attacker has infiltrated a government agency and intends to exfiltrate information to sell at a profit. In order to hide their tracks, they embed the sensitive information within the bits of normal documents that would be sent to their personal email address. Upon receipt at home, the attacker decrypts the information and provides it to the recipient. Which of the following techniques did they likely use in this scenario? A Steganography B IV attack C Replay D Collision
A Steganography
115
Which component of the control plane in a zero trust cybersecurity model provides context to user authentication? A Policy-driven access control B Threat scope reduction C Policy administrator D Adaptive identity
D Adaptive identity
116
An administrator is concerned that users' hashed passwords could be cracked. What technique can they use that adds a random value to plaintext passwords and stores that random value to later authenticate users? A Tokenization B Initializing C Hashing D Salting
D Salting
117
What is one advantage of asymmetric encryption over symmetric encryption? A Confidentiality B Bulk encryption C Speed D Non-repudiation
D Non-repudiation
118
An administrator wants to ensure that a file is not tampered with. To do so, they use a function that takes the file as input and creates a unique, repeatable output from it. If the file is subsequently changed, then the function's output would also change from the original. What is this an example of? A Salting B Tokenization C Data masking D Hashing
D Hashing
119
What is a digitally signed electronic document that binds a public key with a user identity? A Zero-day B Certificate C Keylogger D Blockchain
B Certificate
120
The owner of Smith Roofing has voiced concern that their workstation users might be able to install any application and potentially introduce malware. There are only a few applications that each user needs in order to fulfill their job duties. What type of solution would meet their requirements and be the easiest to implement? A Content filters B Host-based firewall C Block list D Allow list
D Allow list
121
Executives are working on new methods to maintain growth in the organization and handle operations in the event of any disasters or disruptions. They want to ensure that vulnerable business processes are identified and mission-essential functions are prioritized. Which of the following would help them accomplish this? A RPO B Penetration test C Vulnerability assessment D BIA
D BIA
122
What physical control can be added to a building's parking lot and other dark areas to make them feel more secure? A Access badges B Lighting C Bollards D Sensors: ultrasonic
B Lighting
123
Which encryption algorithm was proposed by the U.S. government in 1977 but is no longer considered secure? A AES B DES C MD5 D SHA
B DES
124
The chief executive officer at Smith Bank, a new financial startup, has hired you as a security consultant. Looking through surveillance video, you notice that sometimes, people pass through security points by closely following the person in front of them. What type of security control should be put in place to address this? A Sensors: pressure B Sensors: infrared C Access control vestibule D Bollards
C Access control vestibule
125
An e-commerce site wants to allow users to store their credit card numbers without keeping the actual account numbers in their database. What security solution can they use that allows them to substitute the numbers for the real ones when needed? A Attestation B Tokenization C Hashing D Salting
B Tokenization
126
Which type of certificate includes all subdomains of a domain? A Self-signed B DV C EV D Wildcard
D Wildcard
127
Acme Inc. is redeveloping their software structures and wants to harden the security for the cryptographic keys on their credit card processing servers. Of the following, which are physical devices that act as secure cryptoprocessors that can be added to a system? A Hardware security modules B Routers C Host-based intrusion detection systems D Trusted platform modules
A Hardware security modules
128
The algorithms PBKDF2 and Bcrypt are related to which of the following? A Salting B Key stretching C Ephemeral keys D Perfect forward secrecy
B Key stretching
129
In a zero trust cybersecurity environment, which term can be used to refer to any entity that initiates data communications? A Vestibules B Subjects C Endpoints D Threat actors
B Subjects
130
Backups are an example of which of the following types of security controls? A Detective B Corrective C Preventive D Compensating
B Corrective
131
Which type of encryption targets an entire database? A TDE B Volume encryption C Partition-level encryption D CLE
A TDE
132
A company has received a request from law enforcement to recover some encrypted data. What should IT staff refer to before retrieving a key from escrow and using it to decrypt a user's data without their knowledge? A Acceptable use policy B Sender Policy Framework C Policy Enforcement Point D Key recovery policy
D Key recovery policy
133
Which of the following privacy-enhancing technologies involves a lookup table? A Masking B Encryption C Hashing D Tokenization
D Tokenization
134
An administrator has a dual-boot system with Windows and Linux installed on a single disk. They want to encrypt the entire Linux portion of the disk but do not need Windows to be encrypted. Which encryption level for data at rest should they use in this situation? A Volume B File C Full-disk D Partition
D Partition
135
Which technology is built into a system to create a secure, isolated environment for executing processes? A TPM B Key management system C Secure Enclave D HSM
C Secure Enclave
136
Which of the following is recommended for password storage to protect against rainbow table attacks? A Hashing B Salting C Normalization D Tokenization
B Salting
137
A security administrator is reviewing various controls at Smith Industries to ensure that the organization is adequately protected. They have finished reviewing the hardening of the business systems, the usage of security training and awareness, and the presence of security guards in the appropriate locations. Which of the following control types is being reviewed? A Preventive B Detective C Corrective D Compensating
A Preventive
138
An administrator wants to be certain that if a company's laptop is lost or stolen, the contents of the hard drive will be encrypted. Which feature can make sure that the entire drive is encrypted? A FDE B UEFI C RAID D DLP
A FDE
139
An administrator is planning the certificate requirements for a few new websites that will be made available to the public. They want to have the same root domain for several subdomains that divide up the applications. Which of the following would work BEST for their situation? A Self-signed certificate B Wildcard C Root CA certificate D Multiple certificates
B Wildcard
140
You are working with the security team to implement proper security controls. One of the systems has an operating system that is no longer supported. However, it can't be upgraded to a new operating system due to the antiquated software in use. In order to address this issue, the security team has chosen to simply isolate the system by removing it from the network. Which type of security control is being implemented? A Deterrent B Detective C Corrective D Compensating
D Compensating
141
142
Which category of security control is a firewall? A Operational B Administrative C Technical D Managerial
C Technical
143
A systems administrator is generating a certificate for a developer in the organization. This certificate is not signed by a trusted CA, but it will not be used outside the organization, so that does not present a problem. Which of the following is being used in this situation? A Wildcard certificate B EV certificate C DV certificate D Self-signed certificate
D Self-signed certificate
144
145
A company wants to prevent employees from making changes to systems that can have unintended consequences. What is one example of an activity that should be restricted for desktop users? A System restarts B Multi-factor authentication C Application restarts D Unauthorized software installations
D Unauthorized software installations
146
There are instances in which satisfying security requirements is impractical or too difficult to implement. These instances require special mechanisms that provide some level of security, but they do not give the same level of security as a full-control solution. Which of the following BEST fits this description? A Compensating controls B Preventive controls C Detective controls D Directive controls
A Compensating controls
147
Which protocol can be used to determine if a certificate has been revoked? A OCSP B LDAP C SNMP D SCAP
A OCSP
148
A security analyst is performing an audit on the security posture of the organization. They are evaluating various elements such as security awareness training, contingency planning, disaster recovery plans, and risk assessments. Which control type are they auditing? A Technical B Operational C Physical D Managerial
D Managerial
149
After installing a new security update, a system continually shuts down. When following a change management procedure, what should be implemented to restore the system to its previous state? A Standard operating procedures B Test results C Backout plan D Impact analysis
C Backout plan
150
A security administrator at Acme Inc. is auditing and, if necessary, implementing various controls around the organization. They have reviewed the encryption, antivirus software, intrusion detection and prevention systems and firewalls, and have audited user permissions. Which of the following control categories is this administrator auditing? A Managerial B Physical C Operational D Technical
D Technical
151
A trainer is explaining the various cryptographic topics that might be covered in the CompTIA exam. They’re talking about a cipher that always uses a key of 13. For example, to encrypt a message, you count 13 characters past each plaintext letter. To decrypt the message, you trace back 13 characters in the alphabet from the ciphertext. This is an example of which of the following? A Transposition cipher B Enigma machine C Substitution cipher D Polyalphabetic substitution
C Substitution cipher
152
Which of the following is focused on database efficiency, not security? A Salting B Hashing C Normalization D Tokenization
C Normalization
153
Smith Consulting is moving to a new headquarters and is concerned about physical security. They want to ensure that guards can have real-time visual access to all entry points into the building, and that this information can be accessed later. What type of security control should they implement for this? A Honeynet B Video surveillance C Lighting D Sensors: infrared
B Video surveillance
154
Which of the following types of security controls is a security guard monitoring CCTV? A Deterrent B Corrective C Detective D Compensating
C Detective
155
When a company implements volume-level encryption, what type of data are they encrypting? A Data in transit B Data in use C Data in communication D Data at rest
D Data at rest
156
A company is performing a periodic risk assessment. Which of the following categories of security controls are they engaged in? A Logical B Operational C Technical D Managerial
D Managerial
157
Which attribute of a digital certificate allows for specifying additional domains that are protected by the certificate? A SAN B Validity period C Public key D CN
A SAN
158
A user has just received an email message that has been encrypted with the appropriate portion of their key pair. The user now needs to decrypt the information for consumption. Of the following, which key is used in asymmetrical encryption and is meant to be known only to those who need to decrypt the message? A Derived B Private C Public D One-time
B Private
159
An older business is deploying credit card processing and a new web store front end. They are investigating the security requirements for the potential web application development. Which of the following algorithms is asymmetrical and often used in e-commerce because it works well with credit card security and TLS/SSL? A RSA B DES C 3DES D AES
A RSA
160
A security research company wants to analyze what attackers do when they have compromised a system. To that end, they set up a DNS server with a known vulnerability that can be easily exploited. What type of deception technology are they using? A Fake telemetry B Honeyfile C Honeynet D Honeypot
D Honeypot
161
A company suspects that sensitive information has been exfiltrated by an insider. To detect suspicious behavior, they set up a database entry disguised as sensitive information, then configure their DLP to alert when that data has been infiltrated. What type of deception technology is the company using? A Honeypot B Honeytoken C ACL D TTP
B Honeytoken
162
An administrator is working at a growing organization. The owner approaches the administrator with the concern that new employees may not want to follow the rules and could potentially install prohibited applications such as music streaming or file-sharing software. What can the administrator use to specify specific programs that should NOT be installed on workstations? A Block list B Quarantines C URL filtering D Allow list
A Block list
163
After an incident, an investigator generates a hash from the contents of a hard drive. What purpose does this hash value serve in an investigation? A E-discovery B Data recovery C Secure wipe D Nonrepudiation
D Nonrepudiation
164
Which of the following statements is ACCURATE about block ciphers? A They encrypt data one byte at a time B They operate on fixed-sized chunks of data C They require synchronization between the sender and receiver D They are ideal for situations that use real-time communication
B They operate on fixed-sized chunks of data
165
Which of the following is an authentication protocol that uses an encrypted challenge and three-way handshake to send credentials? A MD5 B 802.1x C CHAP D EAP
C CHAP
166
Which of the following is a symmetric encryption standard that is commonly used with TLS? A RSA B SHA C AES D Elliptic curve
C AES
167
A root CA uses which type of certificate? A EV B DV C Wildcard D Self-signed
D Self-signed
168
A company changes to a new software application for processing invoices. However, the company fails to install necessary libraries that the new application needs, which causes systems to crash. Which technical implication of making changes did the company fail to account for? A Legacy applications B Service restarts C Dependencies D Allow lists
C Dependencies
169
Where does a blockchain store a history of its transactions? A Relational database B Hardware security module C Open public ledger D Digital certificate
C Open public ledger
170
An administrator wants to encrypt all communications from systems on one network with systems on another network. Which mode of IPSec should be used in this situation? A Transport B Counter C Tunnel D Incognito
C Tunnel
171
Which of the following is a key stretching algorithm? A Blowfish B PBKDF2 C DES D AES
B PBKDF2
172
An administrator only wants to encrypt the salary information of each employee in an employee database. What type of encryption should they use to target this? A Database-level encryption B Volume-level encryption C Record-level encryption D Column-level encryption
D Column-level encryption
173
What technical implication can occur when system changes involve service restarts? A End of support for outdated applications after restart B Lack of backup data if the system does not restart correctly C Additional software automatically added to deny lists after restart D Lapses in security during the restart process
D Lapses in security during the restart process
174
Data backups are an example of which of the following types of security controls? A Operational B Physical C Managerial D Technical
A Operational
175
Which of the following use cases is ideal for using a honeytoken? A A company wants to prevent unauthorized users from using their email servers B A company wants to add extra protection to their web application servers C A company wants to actively block attack attempts on their systems D A company wants to be alerted if a malicious attacker is trying to exfiltrate data
D A company wants to be alerted if a malicious attacker is trying to exfiltrate data
176
Which type of certificate is created and used by a root CA? A EV B Third-party C Self-signed D Wildcard
C Self-signed
177
Certificates require a neutral third party to act as a trusted entity to establish trust and issue certificates. This element is critical to public key infrastructure (PKI) because they issue the SSL certificates that web browsers use to authenticate content sent from web servers. What is the entity that issues these certificates to users? A RA B SOC C KDC D CA
D CA
178
Which of the following steps can an organization take to protect management consoles for switches? A Disabling logging and real-time monitoring B Turning off TOTP for authentication C Implementing FDE D Placing management ports on an isolated VLAN
D Placing management ports on an isolated VLAN
179
Which of the following types of certificates is used as proof that a certificate owner is a legitimate business? A DV B EV C Wildcard D SAN
B EV
180
Which of the following security solutions is recommended for confirming that a file has not been modified by an attacker? A Tokenization B Hashing C Normalization D Salting
B Hashing
181
What type of control is a locked door to a server room? A Compensating B Corrective C Directive D Preventive
D Preventive
182
Which component in a zero trust cybersecurity model notifies policy enforcement points about decisions regarding access to network resources? A Policy administrator B Subject C Policy engine D Data plane
A Policy administrator
183
A zero trust security model divides logical components into what two types of planes? A Symmetric and asymmetric B In-band and out-of-band C Block and stream D Data and control
D Data and control
184
Which aspect of zero trust cybersecurity architecture refers to minimizing the impact in case there is a security breach? A Adaptive identity B Policy enforcement point C Policy-driven access control D Threat scope reduction
D Threat scope reduction
185
Which of the following techniques helps to protect against rainbow table attacks? A Tokenization B Steganography C Hashing D Salting
D Salting
186
A financial firm has a policy of using only the most current version of operating systems on their servers. However, they have an application that can only be run on a previous version. To address this, they place that system in its own isolated network. What type of security control are they implementing? A Corrective B Compensating C Preventative D Detective
B Compensating
187
Which of the following is focused on database efficiency, not security? A Tokenization B Normalization C Hashing D Salting
B Normalization
188
Which type of security control is used to prevent vehicles from entering a certain area? A Bollards B Access control vestibules C Access badges D Video surveillance
A Bollards
189
Which of the following security solutions is recommended for confirming that a file has not been modified by an attacker? A Tokenization B Normalization C Hashing D Salting
C Hashing
190
A junior administrator is being briefed on the various components of security within the organization. The technical lead mentions the "three As" of security. What comprises the AAA of computer security? A Authentication, Access, Availability B Authentication, Authorization, Accounting C Availability, Authorization, Accounting D Authentication, Access, Accounting
B Authentication, Authorization, Accounting
191
Which of the following should they use to increase the difficulty of cracking a password hash? A Rainbow table B Token C Rootkit D Salt
D Salt
192
Which of the following is sensitive to time differences and is likely the cause of the administrator's recent steps to synchronize them all? A IPv4 B Kerberos C RDP D DNS
B Kerberos
193
The algorithms PBKDF2 and Bcrypt are related to which of the following? A Salting B Ephemeral keys C Key stretching D Perfect forward secrecy
C Key stretching
194
After an incident, an investigator generates a hash from the contents of a hard drive. What purpose does this hash value serve in an investigation? A E-discovery B Data recovery C Secure wipe D Nonrepudiation
D Nonrepudiation
195
Which of the following categories of security controls includes log monitoring and reviewing user access? A Technical B Managerial C Physical D Operational
D Operational
196
Which of the following forms of data protection is MOST commonly used to protect credit card data on receipts, websites, etc.? A Masking B Encryption C Rights management D Tokenization
A Masking
197
Which vulnerability emerges when a cloud service provider does not properly sanitize disks before provisioning them to new clients? VM escape Legacy Resource reuse VM sprawl
Resource reuse
198
An attacker is carrying out a birthday attack on a weak hash algorithm they discovered on a victim's network in order to decrypt the password. Which of the following does the birthday attack exploit? Hash collision Known plain text Related key Chosen plain text
Hash collision
199
Which governance structure is responsible for creating and enforcing laws? Government entities Committees Task forces Boards
Government entities
200
During their orientation, an administrator is introduced to the various departments and instructed as to their roles. One section of the company is divided into two divisions, where one is responsible for accepting and validating bills, and the other is responsible for paying those bills. Which security method uses more than one person to complete a particular task? Separation of duties Job rotation Mandatory vacations Onboarding
Separation of duties
201
There are reports of unusual behavior in some workstations at Acme Inc., and the administrator has begun to investigate. They discover that a type of self-replicating malware has made its way through network shares and the SMB protocol. Which of the following should the administrator report has been discovered? RAT Worm Trojan Logic bomb
Worm
202