Professor Messer - Security+ SY0-701: Exam A Flashcards
Revision of wrong questions
DMARC?
DMARC (Domain-based Message Authentication Reporting and
Conformance) specifies the disposition of spam emails. The legitimate
owner of the originating email domain can choose to have these messages
accepted, sent to a spam folder, or rejected.
SPF?
SPF (Sender Policy Framework) is a list of all authorized mail servers for
a specific domain. All legitimate emails would be sent from one of the
servers listed in the SPF configuration.
DKIM
DKIM (DomainKeys Identified Mail) provides a way to validate all digitally
signed messages from a specific email server. DKIM does not determine how
the receiving server categorizes these digitally signed messages.
A system administrator receives a text alert when access rights are
changed on a database containing private customer information. Which
of the following would describe this alert?
❍ A. Maintenance window
❍ B. Attestation and acknowledgment
❍ C. Automation
❍ D. External audit
Automation ensures that compliance checks can be performed on a regular basis without the need for human intervention. This can be especially useful to provide alerts when a configuration change causes an organization to be out of compliance.
Attestation and acknowledgment
With compliance, the process of attestation and acknowledgment is the
final verification of the formal compliance documentation.
A user connects to a third-party website and receives this message:
Your connection is not private.
NET::ERR_CERT_INVALID
Which of the following attacks would be the MOST likely reason
for this message?
❍ A. Brute force
❍ B. DoS
❍ C. On-path
❍ D. Deauthentication
An on-path attack is often associated with a third party who is actively
intercepting network traffic. This entity in the middle would not be able to
provide a valid SSL certificate for a third-party website, and this error
would appear in the browser as a warning.
A company stores some employee information in encrypted form, but
other public details are stored as plaintext. Which of the following would
BEST describe this encryption strategy?
❍ A. Full-disk
❍ B. Record
❍ C. Asymmetric
❍ D. Key escrow
Record-level encryption is commonly used with databases to encrypt
individual columns within the database. This would store some information in the database as plaintext and other information as encrypted data.
Key Escrow
Key escrow describes the storage and management of decryption keys by
a third party.
A company would like to minimize database corruption if power is lost to
a server. Which of the following would be the BEST strategy to follow?
❍ A. Encryption
❍ B. Off-site backups
❍ C. Journaling
❍ D. Replication
Journaling writes data to a temporary journal before writing the information to the database. If power is lost, the system can recover the last transaction from the journal when power is restored.
A security engineer runs a monthly vulnerability scan. The scan doesn’t
list any vulnerabilities for Windows servers, but a significant vulnerability
was announced last week and none of the servers are patched yet. Which
of the following best describes this result?
❍ A. Exploit
❍ B. Compensating controls
❍ C. Zero-day attack
❍ D. False negative
False negative
A false negative is a result that fails to detect an issue when one actually exists.
An IT help desk is using automation to improve the response time for
security events. Which of the following use cases would apply to this
process?
❍ A. Escalation
❍ B. Guard rails
❍ C. Continuous integration
❍ D. Resource provisioning
Automation can recognize security events and escalate a security-related ticket to the incident response team without any additional human
interaction.
What are guard rails?
Guard rails are used by application developers to provide a set of
automated validations to user input and behavior.
Resource provisioning
Resource provisioning can be automated during the on-boarding and
off-boarding process to quickly create or remove rights and permissions.
Resource provisioning is not commonly part of the automation associated
with security event notification.
Which of the following describes two-factor authentication?
❍ A. A printer uses a password and a PIN
❍ B. The door to a building requires a fingerprint scan
❍ C. An application requires a pseudo-random code
❍ D. A Windows Domain requires a password and smart card
A Windows Domain requires a password and smart card
The multiple factors of authentication for this Windows Domain are a
password (something you know), and a smart card (something you have).
A company is deploying a new application to all employees in the field.
Some of the problems associated with this rollout include:
* The company does not have a way to manage the devices in the field
* Team members have many different kinds of mobile devices
* The same device needs to be used for both corporate and private use
Which of the following deployment models would address these
concerns?
❍ A. CYOD
❍ B. SSO
❍ C. COPE
❍ D. BYOD
A COPE (Corporate-owned, Personally Enabled) device would solve the issue of device standardization and would allow the device to be used for both corporate access and personal use.
A Linux administrator is downloading an updated version of her Linux
distribution. The download site shows a link to the ISO and a SHA256
hash value. Which of these would describe the use of this hash value?
❍ A. Verifies that the file was not corrupted during the file transfer
❍ B. Provides a key for decrypting the ISO after download
❍ C. Authenticates the site as an official ISO distribution site
❍ D. Confirms that the file does not contain any malware