Quiz A Flashcards

1
Q

During a trial, a judge determined evidence gathered from a hard drive was not admissible. Which of the following BEST explains this reasoning?

A

The forensic investigator forgot to run a checksum on the disk image after creation

2
Q

Which of the following would most likely be identified by a credentialed scan but would be missed by an uncredentialed scan?

A

Missing patches for 3rd party software on Windows workstations and servers

3
Q

An organization is concerned about intellectual property theft by employees who leave the organization. Which of the following should the organization most likely implement?

A

NDA

4
Q

After generating a security report for management, it was recommended to disable all listening unencrypted services.
Given this output from Nmap:

PORT STATE
21/tcp filtered
22/tcp open
23/tcp open
443/tcp open

Which of the following should the analyst recommend disabling?

A

23/tcp

5
Q

A network manager is concerned that business may be negatively impacted if the firewall in its datacenter goes offline. The manager would like to implement a high availability pair to:

A

remove the single-point of failure

6
Q

After multiple on-premises security solutions were migrated to the cloud, the incident response time increased. The analysts are spending a long time trying to trace information on different cloud consoles and correlating data in different formats. Which of the following can be used to optimize the incident response time?

A

CASB

7
Q

A security monitoring company offers a service that alerts its customers if their credit cards have been stolen. Which of the following is the MOST likely source of this info?

A

The dark web

8
Q

An organization wants seamless authentication to its applications. Which of the following should the organization employ to meet this requirement?

A

SSO

9
Q

A tech enables FDE on a laptop that will be taken on a business trip. Which of the following does this process BEST protect?

A

Data at rest

10
Q

A security admin needs to create a RAID configuration that is focused on high read/write speeds and fault tolerance. It's unlikely that multiple drives will fail simultaneously. Which of the following RAID configurations should the admin use?

A

RAID 5

11
Q

An organization’s CISO is creating a position that will be responsible for implementing technical controls to protect data, including ensuring backups are properly maintained. Which of the following roles would MOST likely include these responsibilities?

A

Data custodian

12
Q

A security analyst generated a file named host1.pcap and shared it with a team member who is going to use it for further incident analysis. Which of the following tools will the other team member MOST likely use to open this file?

A

Wireshark

13
Q

Given the following command outputs:

EXHIBIT A:
c:\Users\User1>ipconfig /all
Ethernet Adapter Ether
IPv4 Address 10.0.10.125 Subnet Mask 255.255.255.0 Default Gateway 10.0.10.1 DNS Servers 10.0.10.1

EXHIBIT B:
c:\Users\User1> ping wikipedia.org
Pinging wikipedia.org [10.0.10.150] with 32 bytes of data: Reply from 10.0.10.150: bytes=32 time<1ms TTL=64

EXHIBIT C:
c\Users\User1> nslookup wikipedia.org
Server: JohnsLaptop Address: 10.0.10.150
Non-Authoritative answer: Name: wikipedia.org Address: 10.0.10.150
c:\Users\User1> nslookup wikipedia.org 8.8.8.8
Server: dns.google
Address: 8.8.8.8
Non-Authoritative answer: Name: wikipedia.org Address: 208.80.154.224

Which of the following attacks does this output show?

A

/etc/hosts poisoning

14
Q

Which of the following holds staff accountable for visitors while escorting them?

A

Cameras

15
Q

Security analysts are conducting an investigation of an attack that occurred inside the org's network. An attacker was able to collect network traffic between workstations throughout the network. The analysts review the following logs:

VLAN ADDRESS
1 0007.1e5d.3213
1 002a.7d.44.8801
1 0011.aab4.344d

The layer 2 address table has hundreds of entries similar to the ones shown above. Which of the following attacks has occurred?

A

MAC flooding

16
Q

The CISO wants to prevent exfiltration of sensitive information from employee cell phones when using public USB power charging stations. Which of the following would be the BEST solution to implement?

A

USB data blocker

17
Q

An information security officer at a Credit Card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently established a new office in Europe. Which of the following should the security officer use to map existing controls? (Select TWO)

A

PCI DSS
GDPR

18
Q

Which of the following policies establishes rules to measure third-party work tasks and ensure deliverables are provided within a specific timeline?

A

SLA

19
Q

A systems admin is looking for a solution that will help prevent OAuth applications from being leveraged by hackers to trick users into authorizing the use of their corporate credentials. Which of the following BEST describes this solution?

A

CASB

20
Q

Which of the following environments minimizes end user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code in an operationally representative environment?

A

Staging

21
Q

A security analyst has been tasked by the CISO to:
Develop a secure method of providing centralized management of infrastructure
Reduce the need to constantly replace aging end user machines
Provide a consistent user desktop experience

Which of the following BEST meets these requirements?

A

VDI

22
Q

Remote workers in an org use company owned laptops with locally installed applications and stored data. Users can store data on a remote server using an encrypted connection. The org discovered data stored on a laptop had been made available to the public. Which of the following security controls would mitigate the risk of future data disclosures?

A

FDE

23
Q

Which of the following control types would be BEST to use to identify violations and incidents?

A

Detective

24
Q

A company needs to validate its updated incident response plan using a real-world scenario that will test decision points and relevant incident response actions without interrupting daily operations. Which of the following would BEST meet the company’s requirements?

A

Tabletop exercise

25
Q

A user’s PC was recently infected by malware. The user has a legacy printer without vendor support, and the user’s OS is fully patched. The user downloaded a driver package from the internet. No threats were found on the download file, but during file installation, a malicious runtime threat was detected. Which of the following is the MOST likely cause of the infection?

A

The driver had malware installed and was refactored upon download to avoid detection