Quiz C Flashcards

1
Q

An organization is concerned about intellectual property theft by employees who leave the organization. Which of the following will the organization MOST likely implement?

A

NDA

2
Q

An organization recently recovered from a data breach. During the root cause analysis, the org determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?

A

MDM

3
Q

A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money:

GET http://yourbank.com/transfer.do?acctnum=087646958&amount=50000 HTTP/1.1
GET http://yourbank.com/transfer.do?acctnum=087646958&amount=500000 HTTP/1.1
GET http://yourbank.com/transfer.do?acctnum=087646958&amount=100000 HTTP/1.1
GET http://yourbank.com/transfer.do?acctnum=087646958&amount=5000 HTTP/1.1

What attack is most likely happening?

A

CSRF

4
Q

Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO)

A

Included 3rd party libraries
vendors/supply chain

5
Q

An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?

A

AH

6
Q

An org has hired a red team to simulate attacks on its security posture. Which of the following will the blue team do after detecting the IoC?

A

Activate runbooks for incident response

7
Q

The security team received a copyright infringement from the IP space of the corporate network. The report provided a precise time stamp for the incident as well as the name of the copyrighted file. The analyst has been tasked with determining the infringing source machine and instructed to implement measures to prevent such incidents from occurring again. Which of the following is MOST capable of accomplishing both tasks?

A

NGFW

8
Q

An organization relies on 3rd party video conferencing to conduct daily business. Recent security changes now require all remote workers to utilize a VPN to corporate resources. Which of the following would best maintain high-quality video conferencing while minimizing latency when connected to the VPN?

A

Configuring QoS properly on the VPN accelerators

9
Q

An analyst just discovered an ongoing attack on a host that is on the network. The analyst observes the below taking place:

The computer performance is slow
Ads are appearing from various pop-up windows
OS files are modified
The computer is receiving AV alerts for execution of malicious processes

Which of the following steps should the analyst consider first?

A

Put the machine in containment

10
Q

A news article states that a popular web browser deployed on all corporate PCs is vulnerable to a zero-day attack. Which of the following MOST concerns the CISO about the info in the news article?

A

No patches are available for the web browser

11
Q

Admins have allowed employees to have access to their company email from personal computers. However, the admins are concerned that these computers are another attack surface and can result in user accounts being breached. Which of the following actions would provide the MOST secure solution?

A

Enforce a policy that allows employees to be able to access their emails only while they are connected to the Internet via VPN

12
Q

A security analyst is evaluating solutions to deploy an additional layer of protection for a web application. The goal is to allow only encrypted communications without relying on network devices. Which of the following can be implemented?

A

HTTP security header

13
Q

A network analyst is investigating compromised corporate info. The investigation leads the analyst to a theory that network traffic was intercepted before being transmitted to the internet. The following output was captured on an internal host:

IPv4 Address - - - - - - - 10.0.0.87
Subnet Mask - - - - - - - - 255.255.255.0
Default Gateway - - - - - - 10.0.0.1

Internet Address    Physical Address
10.10.255.255       ff-ff-ff-ff-ff-ff
10.0.0.1            aa-aa-aa-aa-aa-aa
10.0.0.254          aa-aa-aa-aa-aa-aa
224.0.0.2           01-00-5e-00-00-02

Based on the IoCs, what is the most likely attack being used to compromise the network communication?

A

ARP poisoning

14
Q

Which of the following describes a maintenance metric that measures the average time required to fix and restore failed equipment?

A

MTTR

15
Q

An actor tries to persuade someone into providing financial info over the phone in order to gain access to funds. Which of the following types of attacks does this describe?

A

Vishing

16
Q

A major clothing store recently lost a large amount of proprietary info. The security officer must find a solution to ensure this never happens again. Which of the following is the best technical control to prevent this from reoccurring?

A

Configure DLP

17
Q

An org wants to implement a biometric system with the highest likelihood that an unauthorized user will be denied access. Which of the following should the org use to compare biometric solutions?

A

FAR

18
Q

Which of the following provides a calculated value for known vulnerabilities so orgs can prioritize mitigation steps?

A

CVSS

19
Q

Which of the following would BEST provide a systems admin with the ability to more efficiently identify systems and manage permissions and policies based on location, role, and service level?

A

Standard naming convention

20
Q

An engineer is setting up a VDI environment directly. Which of the following should the engineer select to meet the requirements?

A

Thin Clients

21
Q

DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way. Which of the following options best achieves this?

A

An orchestration solution that can adjust scalability of cloud assets

22
Q

Which of the following is the most relevant security check to be performed before embedding 3rd party libraries in developed code?

A

Read multiple pentesting reports for environments running software that reused the library

23
Q

Which of the following best helps to demonstrate Integrity?

A

Hashing

24
Q

Which of the following qualifies as 3 factor authentication?

A

Password, retina scanner, NFC card

25
Q

A website developer who is concerned about the theft of the company’s user database wants to protect weak passwords from offline brute-force attacks. What should the developer implement?

A

Use a key-stretching technique

26
Q

Which of the following in a forensic investigation should be prioritized based on the order of volatility? (Select TWO)

A

RAM
Cache

27
Q

A recent audit cited a risk involving numerous low criticality vulnerabilities created by a web app using a 3rd party library. The development team say there are still customers using the app even though it is EOL and it would be a substantial burden to update the app for compatibility with more secure libraries. Which of the following would be the most prudent course of action?

A

Use containerization to segment the app from other apps to eliminate the risk

28
Q

After a WiFi scan of a local office was completed, an unknown wireless signal was identified. Upon investigation, an unknown Raspberry Pi device was found connected to an Ethernet port using a single connection. Which of the following best describes the purpose of this device?

A

Rogue AP