Pocket Prep 4 Flashcards

1
Q

An organization needs an open source encryption system to enable the signing and encryption of email messages using keys the organization itself manages. Which of the following meets their requirements?

A. GPG
B. SSH
C. SSL
D. DRM

A

A. GPG

Explanation:
GNU Privacy Guard (GPG) is an open source encryption system closely related to Pretty Good Privacy (PGP). Both programs were developed to protect electronic communications and enable digital signing and encryption. GPG is considered more secure than PGP.

2
Q

A company wants to implement a solution to credentials management that has a low up front development cost. They decide they will use a system that is portable and can be used across systems controlled by different identities. What type of solution should they implement?

A. IAM
B. Federation
C. SSO
D. MFA

A

B. Federation

Explanation:
A federated identity system lets users access resources across multiple domains. Each member of the federation agrees to a common set of policies and standards.

3
Q

Of the following wireless security protocols, which uses the Advanced Encryption Standard to provide superior encryption?

A. WPA
B. WPA2
C. WEP
D. Personal WPA

A

B. WPA2

Explanation:
WPA2 is an improvement on WPA. WPA2 uses AES rather than TKIP

4
Q

A company needs to determine the annualized loss expectancy of its web servers. What formula should they use to determine this?

A. ALE = EF x ARO
B. ALE = SLE x ARO
C. ALE = AV x EF
D. ALE = SLE x AV

A

B. ALE = SLE x ARO

Explanation:
The annualized loss expectancy is the risk factor of a threat occurring in one year. It is calculated by multiplying the Single Loss Expectancy (SLE) by the Annualized Rate of Occurrence (ARO).

5
Q

IPSec is a suite of protocols. Which of the following protocols provides data integrity and authentication but does not provide data confidentiality?

A. AH
B. ESP
C. ISAKMP
D. IKE

A

A. AH

Explanation:
Authentication Header (AH) provides data integrity and authentication

Encapsulating Security Payload (ESP) provides data confidentiality. Internet Security Association and Key Management Protocol (ISAKMP) handles the creation of security associations for the session and the exchange of keys.

6
Q

Which protocol supports authentication and encryption and is often used for automation at water companies?

A. Zigbee
B. DNP3
C. Modbus
D. CIP

A

B. DNP3

Explanation:
The Distributed Network Protocol 3 is used by utilities, such as electric and water companies. It is wrapped within TCP/IP packets to integrate with modern networking infrastructure.

7
Q

What denial of service attack involves sending a packet with matching source and destination addresses and ports?

A. Land
B. Ping of death
C. SYN Flood
D. Smurf

A

A. Land

Explanation:
Land attacks send a packet with a source port and address that are the same as the destination

Smurf attacks are a type of DoS attack that involves the attacker sending an ICMP packet that uses the target's address as the source of a broadcast message.

8
Q

In a Cisco IOS environment, what are the two actions that can be taken for each subject in an ACL entry?

A. List and execute
B. Read and write
C. Permit and deny
D. Protocol and port

A

C. Permit and deny

Explanation:
The permit action will allow traffic to pass through the interface while the deny action will block traffic from it

9
Q

When an algorithm breaks a message down into fixed-length units and then processes them with the algorithm's formula, resulting in ciphertext, what is this cipher called?

A. Elliptical cipher
B. Stream cipher
C. Hybrid cipher
D. Block cipher

A

D. Block cipher

Explanation:
Block ciphers break down messages into individual blocks and then perform the necessary computation on these blocks to provide the resulting ciphertext. Block ciphers have multiple advantages, such as easier implementation than stream ciphers

10
Q

All of the following are events in the life cycle for certificates except:

A. Certificates are allowed to be renewed before expiration
B. Certificates are issued from a CA
C. Certificates are signed by the requesting entity
D. Certificates are revoked if necessary

A

C. Certificates are signed by the requesting entity

Explanation:
In Public Key Infrastructure, certificates are signed by the CA, not the requesting entity. The lifecycle includes certificates being issued by the CA, certificates being revoked if needed, and certificates being renewed or expired.

11
Q

A software development company wants to take a development approach that is incremental and iterative. They want to produce a prototype and do a risk analysis at each stage. What developmental approach should they take?

A. Agile
B. Waterfall
C. SecDevOps
D. Spiral

A

D. Spiral

Explanation:
The spiral model has each phase start with a design goal and end with a client review. It can be good for large projects but it is slower than other models

12
Q

In data science and cyber, what is it called when a conclusion is extrapolated from a data set?

A. SOAR
B. Bootstrapping
C. CDN
D. Hypervision

A

B. Bootstrapping

Explanation:
In data science, bootstrapping refers to the process of extrapolating a conclusion based on a data set. This can be helpful in machine learning algorithms in tools like SOAR to better detect threats and patterns

13
Q

Which of the following statements about asymmetric encryption is false?

A. It is slower than symmetric encryption
B. It provides authentication
C. It provides integrity
D. It requires smaller keys than symmetric encryption

A

D. It requires smaller keys than symmetric encryption

Explanation:
Asymmetric requires larger keys than symmetric encryption

While symmetric encryption provides confidentiality only, asymmetric encryption provides nonrepudiation, authentication, integrity and confidentiality

14
Q

Which of the following is a standard that is satisfied when a company has taken the level of precaution required to demonstrate they have done what a reasonable and prudent organization would do?

A. Due process
B. Due diligence
C. Due care
D. CIA

A

C. Due care

Explanation:
The standard of due care refers to the tenet of ensuring an organization has taken at least the minimum steps required to maintain a reasonable level of security for a particular set of circumstances.

15
Q

Which of the following situations represents an attacker having supply chain access?

A. An attacker uses a prepackaged tool to exploit a vulnerable protocol the company runs
B. An attacker introduces malware into a third party software library a company uses
C. An attacker is a former disgruntled employee that leaves a malicious script on a server
D. An attacker steals proprietary company secrets to sell to a competing company

A

B. An attacker introduces malware into a third party software library a company uses

Explanation:
A supply chain attack is targeted at a company's inputs. This can include software libraries from a third party that a company uses.

16
Q

What IEEE standard defines WiFi 6?

A. 802.11ac
B. 802.11ax
C. 27001
D. 802.1x

A

B. 802.11ax

Explanation:
IEEE 802.11ax defines the wireless standard commonly known as WiFi 6

802.11ac defines WiFi 5

17
Q

What is an example of a chain issue when troubleshooting certificates?

A. A certificate getting revoked
B. A cryptography key having a weak length
C. A system using a different cipher suite than the other system it is connecting to
D. A subordinate CA being unable to access a root CA

A

D. A subordinate CA being unable to access a root CA

Explanation:
If a subordinate CA is unable to access a root CA, then it is experiencing a chain issue. It can sometimes occur if a browser uses an embedded cert

18
Q

Which of the following is an approach to data zone creation that focuses on controls on the type of data being protected?

A. Vector oriented
B. Vector enclaves
C. Information centric
D. Protected enclaves

A

C. Information centric

Explanation:
An information centric approach to data zone creation focuses on placing controls on the data being protected. Examples of controls related to an information centric approach include applications and network controls.

19
Q

Which of the following is a symmetric encryption mode of operation?

A. ChaCha
B. 3DES
C. Salsa20
D. GCM

A

D. GCM

Explanation:
Galois/Counter Mode (GCM) is a mode of operation for symmetric encryption. The other 3 options are stream and block ciphers for symmetric encryption.

20
Q

You are discussing biometric tech with a coworker, and they question how often valid users get rejected from the system when they attempt to identify themselves. Of the following, which type of error is the coworker referring to?

A. CER
B. FAR
C. FRR
D. Accuracy

A

C. FRR

Explanation:
False rejection rate (FRR), also known as a Type 1 error, refers to false negatives. They occur when a legitimate user is rejected by a biometric reader.

False Acceptance Rate (FAR), also known as a Type 2 error, refers to false positives.

21
Q

You have been tasked with reducing the company's exposure to 0 day attacks. Which of the following will help you achieve this?

A. Remove unused applications
B. Apply patches to all endpoints today
C. Use an AV that detects malware with file signatures
D. Download and test the zero day patches from your endpoint vendors

A

A. Remove unused applications

Explanation:
Removing unused applications reduces your overall attack surface and reduces the probability a zero day vulnerability will affect your infrastructure

22
Q

Which of the following is a method that enables implementation of granular application level security policies?

A. Microsegmentation
B. VLAN
C. Jump box
D. Subnet screening

A

A. Microsegmentation

Explanation:

23
Q

Which of the following is not a form of obfuscation?

A. Tokenization
B. Encryption
C. Anonymization
D. Masking

A

C. Anonymization

Explanation:
Obfuscation refers to a set of techniques that make data difficult to understand or use. Encryption, tokenization and masking are all examples of obfuscation.

24
Q

What advantage does DNSSEC provide?

A. Domain Hijacking Protection
B. DDoS Protection
C. Authentication
D. Confidentiality

A

C. Authentication

Explanation:
DNSSEC is a form of DNS that makes sure a DNS server is authenticated before transmitting DNS information. The DNS server provides a signature and digitally signs every response

25
Q

Which of the following solutions is used in a SCADA environment to bring processes to a safe state when certain conditions are violated?

A. Safety instrumented system
B. CAN Bus
C. HVAC
D. Common Industrial Protocol

A

A. Safety instrumented system

Explanation:

26
Q

A system administrator is logged into a system and wants to check which TCP/IP ports are being used on it. Which command should they try for this?

A. netcat
B. ps
C. tcpdump
D. netstat

A

D. netstat

Explanation:
The netstat command displays details such as incoming and outgoing network connections and routing details. It has numerous options that an admin should become familiar with

27
Q
A