Quiz E Flashcards
Several employees return to work the day after attending an industry trade show. That same day, the security manager notices several malware alerts coming from each of the employees’ workstations. The security manager investigates but finds no evidence of attack by reviewing network based sources like the perimeter firewall or the NIDS. Which of the following is most likely causing the malware alerts?
A USB flash drive that is trying to run malicious code but is being blocked by the host firewall
Which of the following would cause a CISO the most concern regarding newly installed Internet-accessible 4k surveillance cameras?
The cameras could be compromised if not patched in a timely manner
The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going to the polls. This is an example of:
Influence campaign
A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the best backup strategy to implement?
Full backups followed by differential backups
A security engineer needs to create a network segment that can be used for servers that require connections from untrusted networks. Which of the following should the engineer implement?
Screened subnet
Which of the following technical controls is best suited for the detection and prevention of buffer overflows on hosts?
EDR
Which of the following environments utilizes dummy data and is most likely to be installed on a system that allows code to be assessed directly and modified easily with each build?
Test
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output:
Internet address    Physical address     Type
192.168.1.1         ff-ec-ab-00-aa-78    dynamic
192.168.1.5         ff-00-5e-48-00-fb    dynamic
192.168.1.8         00-0c-29-1a-e7-fa    dynamic
192.168.1.10        fc-41-5e-48-00-ff    dynamic
224.215.54.47       fc-00-5e-48-00-fb    static
Which of the following best describes the attack the company is experiencing?
ARP poisoning
A company has decided to move its operations to the cloud. It wants to utilize technology that will prevent users from downloading company applications for personal use, restrict data that is uploaded, and have visibility into which applications are being used across the company. Which of the following solutions will best meet these requirements?
CASB
A recent security assessment revealed that an actor exploited a vulnerable workstation within an organization and has persisted on the network for several months. The organization realizes the need to reassess its security strategy for mitigating risks within the perimeter. Which of the following solutions would best support the organization’s strategy?
EDR
Which of the following terms should be included in a contract to help a company monitor the ongoing security maturity of a new vendor?
A right to audit clause allowing for annual security audits
Which of the following would be most effective to contain a rapidly spreading attack that is affecting a large number of organizations?
DNS sinkhole
Which of the following is an example of risk avoidance?
Not installing new software to prevent compatibility errors
A website developer who is concerned about theft of the company’s user database wants to protect weak passwords from offline brute force attacks. Which of the following would be the best solution?
Use a key stretching technique
A security analyst needs to find real-time data on the latest malware and IoCs. Which of the following best describes the solution the analyst should pursue?
Threat feeds
Which of the following would an organization use to assign a value to risks based on probability of occurrence and impact?
Risk matrix
A retail company that is launching a new website to showcase the company’s product line and other information for online shoppers registered the following URLs:
www.companysite.com
shop.companysite.com
about-us.companysite.com
contact-us.companysite.com
secure-logon.companysite.com
Which of the following should the company use to secure its website if the company is concerned with convenience and cost?
Wildcard certificate
Which of the following should a tech consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?
The encryption algorithm’s longevity
A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configurations should an analyst enable to improve security? (select two)
RADIUS
EAP-PEAP
A backdoor was detected in the containerized application environment. The investigation detected that a zero day vulnerability was introduced when the latest container image version was downloaded from a public registry. Which of the following is the best solution to prevent this type of incident from occurring again?
Create a dedicated VPC for the containerized environment