SEC+ C Flashcards

1
Q
Exploitation of a system using widely known credentials and network address that results in DoS is an example of:
improper error handling
default configuration
untrained users
lack of vendor support
A

Default Configurations

2
Q
Given the following:
(LONG TEXT)
Which of the following concepts of cryptography is shown?
Collision
Salting
Steganography
Stream Cipher
A

Collision

3
Q

The website of a bank that an organization does business with is being reported as untrusted by the organization’s web browser. A security analyst has been assigned to investigate. The analyst discovers the bank recently merged with another local bank and combined names. Additionally, the user’s bookmark automatically redirects to the website of the newly named bank. Which of the following is the MOST likely cause of the issue?

  • The company’s web browser is not up to date
  • The website’s certificate still has the old bank’s name
  • The website was created too recently to be trusted
  • The website’s certificate has expired
A

The Website’s certificate still has the old bank’s name

4
Q
A system admin wants to enforce the use of HTTPS on a new website. Which of the following should the system admin do NEXT after generating the CSR?
Install the certificates on the server
Provide the public key to the CA
Password protect the public key
Ensure the new key is not on the CRL
A

Install the certificate on the server

5
Q
A security analyst needs a solution that can execute potential malware in a restricted and isolated environment for analysis. In which of the following technologies is the analyst interested?
Sandboxing
Staging
DMZ
Honeypot
A

Sandboxing

6
Q
A security consultant is analyzing data from a recent compromise. The following data points are documented: Removal instructions were not available from any major antivirus vendor. Which of the following types of malware is this an example of?
RAT
Ransomware
Backdoor
Keylogger
Worm
A

Ransomware

7
Q
A security analyst is investigating a security breach involving the loss of sensitive data. A user passed the information through social media as vacation photos. Which of the following methods was used to encode their data?
Obfuscation
Steganography
Hashing
Elliptic Curve
A

Steganography

8
Q

A pass-the-hash attack is commonly used to:
Modify DNS records to point to a different domain
Modify the IP address of the targeted computer
Execute JavaScript to capture user credentials
Laterally move across the network

A

Laterally move across the network

9
Q
When an initialization vector is added to each encryption cycle, it is using the:
ECB cipher mode
MD5 cipher mode
XOR cipher mode
CBC cipher mode
A

CBC cipher mode

10
Q

Which of the following is an example of the second A in the AAA model?
The encryption protocol successfully completes the handshake and establishes a connection
The one-time password is keyed in, and the login system grants access
The event log records a successful login with a type code that indicates an interactive login
A domain controller confirms membership in the appropriate group

A

A domain controller confirms membership in the appropriate group

11
Q
A company wants to ensure confidential data from storage media is sanitized in such a way that the drive cannot be reused. Which of the following methods should the technician use?
Shredding
Wiping
Low-level formatting
Repartitioning
Overwriting
A

Shredding

12
Q
A security admin begins assessing a network with software that checks for available exploits against a known database, using both credentials and external scripts. A report will be compiled and used to confirm patching levels. This is an example of:
Penetration testing
fuzzing
static code analysis
vulnerability scanning
A

Vulnerability scanning

13
Q
An attacker has gained control of several systems on the internet and is using them to attack a website, causing it to stop responding to legitimate traffic. Which of the following BEST describes the attack?
MITM
DNS Poisoning
Buffer overflow
DDoS
A

DDoS

14
Q
When building a hosted datacenter, which of the following is the MOST important consideration for physical security within the datacenter?
Security guards
Cameras
Secure Enclosures
Biometrics
A

Secure Enclosures

15
Q

A penetration tester was able to connect to a company’s internal network and perform scans and staged attacks for the duration of the testing period without being noticed. The SIEM did not alert the security team to the presence of the penetration tester’s devices on the network. Which of the following would provide the security team with notification in a timely manner?
Implement rogue system detection and sensors
Create a trigger on the IPS and alert the security team when unsuccessful logins occur
Decrease the correlation threshold for alerts on the SIEM
Run a credentialed vulnerability scan

A

Implement rogue system detection and sensors

16
Q
Which of the following agreement types is a non-contractual agreement between two or more parties and outlines each party's requirements and responsibilities?
BPA
SLA
MOU
ISA
A

MOU

17
Q
All employees of an organization received an email message from the CEO asking them for an urgent meeting in the main conference room. When the employees assembled, they learned the message received was not actually from the CEO. Which of the following BEST represents what happened?
Spear phishing attack
whaling attack
phishing attack
vishing attack
A

Spear Phishing attack

18
Q
As a security measure, an org has disabled all external media from accessing the network. Since some users may have data that needs to be transferred to the network, which of the following would BEST assist a sec admin with transferring the data while keeping the internal network secure?
Upload the media in the DMZ
Upload the data in a separate VLAN
Contact the data custodian
Use a standalone scanning system
A

Use a standalone scanning system

19
Q

An organization has written the following policies: Users must request approval for non-standard software installation. Admin will perform all software installations. Software must be installed from a trusted repository. A recent security audit identified crypto-currency software installed on one user’s machine… Which of the following is the MOST likely cause of this policy violation and the BEST remediation to prevent a reoccurrence?
The user’s machine was infected with malware; implement the org’s incident response
The user installed the software on the machine; implement technical controls to enforce the written policies
The crypto-currency software on the machine; implement technical controls to enforce the written policies
Admin downloaded the software from an untrusted repository; add a policy that requires integrity checking for all software

A

The user installed the software on the machine; implement technical controls to enforce the written policies

20
Q
A security analyst performs a vulnerability scan on the local network. Several items are flagged on the report as being critical issues. The security analyst researches each of the vulnerabilities and discovers that one of the critical issues on the report was mitigated in a previous scan. Which of the following MOST likely happened?
A patch was removed
A false positive occurred
The tool has a high crossover error rate
A necessary service was not running
A

A false positive occurred

21
Q

After deploying an antivirus solution on some network-isolated industrial computers, the service desk team received a trouble ticket about the following message being displayed on the computers’ screen: Your AV protection has blocked an unknown application while performing suspicious activities. The application was put in quarantine. Which of the following would be the SAFEST next step to address the issue?
Immediately delete the detected file from the quarantine to secure the environment and clear the alert from the antivirus code
Centrally activate a full scan for the entire set of industrial computers, looking for new threats
Check the antivirus vendor’s documentation about the security modules, incompatibilities, and software whitelisting

A

Check the antivirus vendor’s documentation about the security modules, incompatibilities, and software whitelisting

22
Q
A network engineer needs to allow an org’s users to connect their laptops to wired and wireless networks from multiple locations and facilities, while preventing unauthorized connections to the corporate networks. Which of the following should be implemented to fulfill the engineer's requirements?
Configure VLANs
Install a honeypot
Implement a VPN concentrator
Enable MAC filtering
A

Implement a VPN concentrator

23
Q
Which of the following helps find current and future gaps in an existing COOP?
Vulnerability assessment
Lessons learned
Tabletop exercise
After-action report
A

Tabletop exercise

24
Q
The use of a unique attribute inherent to a user as part of an MFA system is BEST described as:
Something you do
Something you have
Something you know
Something you are
A

Something you are

25
Q
Which of the following involves the use of targeted and highly crafted custom attacks against a population of users who may have access to a particular device or program?
Hoaxing
Spear Phishing 
Vishing
Phishing
A

Spear Phishing

26
Q
A malicious actor compromises a legitimate website, configuring it to deliver malware to visitors of the website. Which of the following attacks does this describe?
Whaling
Watering hole
Impersonation
Spoofing
A

Watering hole

27
Q
In the event of a security incident, which of the following should be captured FIRST?
An external hard drive
System Memory
An internal hard drive
Network interface data
A

System Memory

28
Q

Which of the following is MOST likely the security impact of continuing to operate end-of-life systems?
Higher total cost of ownership due to support costs
Denial of service due to patch availability
Lack of vendor support for decommissioning

A

Denial of service due to patch availability

29
Q

Which of the following is considered passive reconnaissance?
Utilizing WHOIS
Running a port scan
Using OS fingerprinting

A

Utilizing WHOIS

30
Q

Which of the following systems, if compromised, may cause great danger to the integrity of water supplies and their chemical levels?
UAV
SCADA
HVAC

A

SCADA

31
Q

A sec admin recently discovered the AAA server is receiving cleartext credentials from network infrastructure devices. Which of the following should the admin configure for encryption?
PAP
TACACS+ attributes
IPSec

A

IPSec

32
Q

An org prefers to apply account permissions to groups and not individual users, but allows for exceptions that are justified. Some systems require a machine-to-machine data exchange and an associated account to perform this data exchange… Which of the following is the BEST account management practice?
Create a service account and apply the necessary permissions directly to the service account itself
Create a service account group, place the service account in the group, and apply the permission on the group
Create a guest account and restrict the permissions to only the folder with the data

A

Create a service account group, place the service account in the group, and apply the permissions on the group

33
Q

Smart home devices that are always on or connected, such as HVAC system components, introduce SOHO networks to risks because of:
default factory settings and constant communication channels to cloud servers
strong passwords, which are not known by SOHO admin, preventing security patching
Generating factory settings and constant communication channels to cloud servers
IoT devices requiring contact Internet access for license landscape

A

Generating factory settings and constant communication channels to cloud servers

34
Q

A system admin just issued the ssh-keygen -t rsa command on a Linux terminal. Which of the following BEST describes what the rsa portion of the command represents?
A key generation algorithm
A hashing algorithm
A public key infrastructure type

A

A key generation algorithm