Quiz #5 Flashcards
A penetration tester calls a staff member at her target organization and introduces herself as a member of the IT support team. She asks if the staff member has encountered a problem with their system, then proceeds to ask for details about the individual, claiming she needs to verify that she is talking to the right person. What type of social engineering attack is this?
a. A watering hole attack
b. Pretexting
c. Prepending
d. Shoulder surfing
b. Pretexting
What type of attack is based on entering fake entries into a target network’s domain name server?
a. XSS poisoning
b. ARP poisoning
c. DNS poisoning
d. CSRF poisoning
c. DNS poisoning
What threat hunting concept involves thinking like a malicious actor to help identify indicators of compromise that might otherwise be hidden?
a. Maneuver
b. Intelligence fusion
c. Threat feed analysis
d. Bulletin analysis
a. Maneuver
Postings from Russian agents during the 2016 U.S. presidential campaign to Facebook and Twitter are an example of what type of effort?
a. Asymmetric warfare
b. Impersonation
c. A watering hole attack
d. A social media influence campaign
d. A social media influence campaign
Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
a. Use of a salt
b. Use of a pepper
c. Encrypting password plain text using symmetric encryption
d. Use of a purpose-built password hashing algorithm
c. Encrypting password plain text using symmetric encryption
Which of the following types of testing uses an automated process of proactively identifying vulnerabilities of the computing systems present on a network?
a. Vulnerability scanning
b. Security audit
c. A known environment test
d. An unknown environment test
a. Vulnerability scanning
Charles wants to put a fire suppression system in place in an area where highly sensitive electronics are in use. What type of fire suppression system is best suited to this type of environment if Charles is concerned about potential harm to first responders or on-site staff?
a. Pre-charge
b. Inert gas
c. Dry pipe
d. Carbon dioxide
b. Inert gas
Naomi wants to secure a real-time operating system (RTOS). Which of the following techniques is best suited to providing RTOS security?
a. Install a host firewall
b. Install antimalware software
c. Disable the web browser
d. Use secure firmware
d. Use secure firmware
Cheryl is responsible for cybersecurity at a mid-sized insurance company. She has decided to use a different vendor for network antimalware than she uses for host antimalware. Is this a recommended action, and why or why not?
a. This is not recommended; you should use a single vendor for a particular security control
b. This is not recommended; this is described as vendor forking
c. This is recommended; this is described as vendor diversity
d. It is neutral. This does not improve or detract from security
c. This is recommended; this is described as vendor diversity
What security advantage do cloud service providers like Amazon, Google, and Microsoft have over local staff and systems for most small to mid-sized organizations?
a. More security staff and budget
b. Better understanding of the organization’s business practices
c. Faster response times
d. None of the above
a. More security staff and budget
Fares is responsible for managing the many virtual machines on his company’s networks. Over the past two years, the company has increased the number of virtual machines significantly. Fares is no longer able to effectively manage the large number of machines. What is the term for this situation?
a. VM overload
b. VM spread
c. VM sprawl
d. VM zombies
c. VM sprawl
Keith wants to identify a subject from camera footage from a train station. What biometric technology is best suited to this type of identification?
a. Vein analysis
b. Gait analysis
c. Voiceprint analysis
d. Fingerprint analysis
b. Gait analysis
Olivia is responsible for web application security for her company’s e-commerce server. She is particularly concerned about XSS and SQL injection. Which technique would be most effective in mitigating these attacks?
a. Code signing
b. The use of stored procedures
c. Proper error handling
d. Proper input validation
d. Proper input validation
Edward is responsible for web application security at a large insurance company. One of the applications that he is particularly concerned about is used by insurance adjusters in the field. He wants to have strong authentication methods to mitigate misuse of the application. What would be his best choice?
a. Authenticate the client with a digital certificate
b. Implement a very strong password policy
c. Secure application communication with Transport Layer Security (TLS)
d. Implement a web application firewall (WAF)
a. Authenticate the client with a digital certificate
Zarmeena has implemented wireless authentication for her network using a passphrase that she distributes to each member of her organization. What type of authentication method has she implemented?
a. Enterprise
b. Open
c. Captive portal
d. PSK
d. PSK
You are selecting an authentication method for your company’s servers. You are looking for a method that periodically reauthenticates clients to prevent session hijacking. Which of the following would be your best choice?
a. SPAP
b. PAP
c. CHAP
d. OAuth
c. CHAP
Henry wants to deploy a web service to his cloud environment for his customers to use. He wants to be able to see what is happening and stop abuse without shutting down the service if customers cause issues. What two things should he implement to allow this?
a. An API gateway and logging
b. API keys and logging via an API gateway
c. An API-centric IPS and an API proxy
d. All of the above
b. API keys and logging via an API gateway
Chris has provided the BitLocker encryption keys for computers in his department to his organization’s security office so that they can decrypt computers in the event of a breach or investigation. What is this concept called?
a. Key escrow
b. A BitLocker Locker
c. Key submission
d. AES jail
a. Key escrow
Cynthia has been asked to build a playbook for the SOAR system that her organization uses. What will she build?
a. An automated incident response process that will be run to support the incident response (IR) team
b. A set of actions that the team will perform to use the SOAR to respond to an incident
c. A trend analysis-driven script that will provide instructions to the IR team
d. A set of rules with actions that will be performed when an event occurs using data collected or provided to the SOAR system
d. A set of rules with actions that will be performed when an event occurs using data collected or provided to the SOAR system
Randy believes that a misconfigured firewall is blocking traffic sent from some systems in his network to his web server. He knows that the traffic should be coming in as HTTPS to his web server, and he wants to check to make sure the traffic is received. What tool can he use to test his theory?
a. Sn1per
b. tracert
c. Wireshark
d. traceroute
c. Wireshark
Which of the following key elements is not typically included in the design of a communication plan?
a. Customer impact
b. Incident severity
c. Cost to the organization
d. Employee impact
c. Cost to the organization
Frank wants to identify where network latency is occurring between his computer and a remote server. Which of the following tools is best suited to identifying both the route used and which systems are responding in a timely manner?
a. ping
b. pathping
c. netcat
d. tracert
b. pathping
Mila gives her team a scenario, and then asks them questions about how they would respond, what issues they expect they might encounter, and how they would handle those issues. What type of exercise has she conducted?
a. A tabletop exercise
b. A walk-through
c. A simulation
d. A drill
a. A tabletop exercise
Which of the following is not a key consideration when considering on-premises versus cloud forensic investigations?
a. Data breach notification laws
b. Regulatory requirements
c. Right-to-audit clauses
d. Provenance
d. Provenance