SecPlusP4

Question 1

How does a DNS amplification attack exploit the DNS resolution process?

Answer 1

By sending spoofed DNS queries to open DNS servers

Question 2

What is one way to mitigate the impact of DNS responses?

Answer 2

Limit the size of DNS responses

Question 3

How can DNS tunneling be used to bypass firewall rules?

Answer 3

Encapsulates non-DNS traffic over port 53

Question 4

What is one way to mitigate domain hijacking?

Answer 4

Monitor and analyze DNS logs for unusual patterns

Question 5

What is a DNS Zone Transfer Attack?

Answer 5

Attempts to obtain an entire DNS zone data copy

Question 6

What can a DNS Zone Transfer Attack expose?

Answer 6

Sensitive information about a domain’s network infrastructure

Question 7

What can a Directory Traversal Attack allow access to?

Answer 7

Commands, files, and directories that may or may not be connected to the web document root directory

Question 8

What character do Windows systems use as the default directory separator?

Answer 8

\

Question 9

What character do Unix-like systems use as the directory separator?

Answer 9

/

Question 10

What can directory traversals be used to do?

Answer 10

Access any file on a system with the right permissions

Question 11

How can attackers hide directory traversal attempts?

Answer 11

Using encoding (%2e%2e%2f represents ../)

Question 12

What is file inclusion vulnerability?

Answer 12

A web application vulnerability that allows an attacker to download or upload files

Question 13

What is remote file inclusion?

Answer 13

Injecting a remote file into a web app or website

Question 14

What is an example of remote file inclusion?

Answer 14

Attacker executing a script with a remote file URL

Question 15

What is local file inclusion?

Answer 15

Adding a file to a web app or website that already exists on the server

Question 16

What is an example of local file inclusion?

Answer 16

Attacker adding a file to the web app with server file URL

Question 17

What do ../ in logs pertain to?

Answer 17

Directory traversals

Question 18

What is a directory traversal attack?

Answer 18

Attacker tries to access files outside the target directory

Question 19

How can input validation help prevent directory traversals and file inclusion attacks?

Answer 19

Verify and sanitize user input to ensure it conforms to expected formats

Question 20

What is arbitrary code execution?

Answer 20

Running an attacker’s code without restrictions

Question 21

What is remote code execution?

Answer 21

Executing code remotely, often over the internet

Question 22

What is privilege escalation?

Answer 22

Gaining higher-level permissions than originally assigned

Question 23

Why is privilege escalation dangerous?

Answer 23

Allows attackers to operate with elevated privileges, such as administrator or root access

Question 24

What is vertical privilege escalation?

Answer 24

Going from normal user to higher privilege (e.g., admin or root)

Question 25

What is horizontal privilege escalation?

Answer 25

Accessing or modifying resources at the same level as the attacker

Question 26

Why is understanding privileges crucial for system security?

Answer 26

Applications inherit the permissions of the user running them

Question 27

What is a rootkit?

Answer 27

Malware that conceals its presence by modifying system files

Question 28

What is Ring Zero?

Answer 28

Highest privilege level for the kernel

Question 29

What are Kernel mode rootkits?

Answer 29

More dangerous due to extensive control

Question 30

What are Rings 1 to 3?

Answer 30

User-level components with decreasing privileges

Question 31

Why are Ring Zero rootkits more dangerous?

Answer 31

Extensive control over the kernel

Question 32

What is a kernel mode rootkit?

Answer 32

Rootkit embedded in the kernel with maximum control

Question 33

What is a user mode rootkit?

Answer 33

Rootkit attached to user-level components with administrator-level privileges

Question 34

What is a replay attack?

Answer 34

Malicious re-broadcasting or delaying of valid data transmissions

Question 35

How is a replay attack different from a session hijack?

Answer 35

In a session hijack, the attacker alters real-time data transmission while in a replay attack, the attacker can decide later whether to retransmit the data

Question 36

Where can replay attacks occur?

Answer 36

Banking, email, online shopping, social media, wireless authentication

Question 37

What is a credential replay attack?

Answer 37

Capturing user’s login credentials and reusing them for unauthorized access

Question 38

How can replay attacks be prevented?

Answer 38

Use session tokens, implement multi-factor authentication, use security protocols like WPA3

Question 39

What is the purpose of a cookie?

Answer 39

To store information about a user when they visit a website

Question 40

Why must cookies be protected?

Answer 40

They contain client information transmitted across the Internet

Question 41

What are session cookies?

Answer 41

Non-persistent, reside in memory, deleted when browser is closed

Question 42

What are persistent cookies?

Answer 42

Stored in browser cache, deleted by user or expiration date

Question 43

What should be done to cookies that store confidential information?

Answer 43

Encrypt them

Question 44

How can session hijacking attacks occur?

Answer 44

Theft or modification of cookies

Question 45

What is a session prediction attack?

Answer 45

Attacker predicts session token to hijack a session

Question 46

What is the requirement for generating a session token?

Answer 46

Non-predictable algorithm and no session information

Question 47

What is cookie poisoning?

Answer 47

Modifying a cookie to exploit web app vulnerabilities

Question 48

What is an on-path attack?

Answer 48

Attacker positions between hosts to intercept communication

Question 49

What are some methods for On-Path Attacks?

Answer 49

ARP Poisoning, DNS Poisoning, Rogue Wireless Access Point, Rogue Hub or Switch

Question 50

What is ARP Poisoning?

Answer 50

Manipulating ARP tables to redirect network traffic

Question 51

What is DNS Poisoning?

Answer 51

Altering DNS responses to reroute traffic

Question 52

What is a Rogue Wireless Access Point?

Answer 52

Creating a fake wireless access point to intercept traffic

Question 53

What is a Rogue Hub or Switch?

Answer 53

Introducing a malicious hub or switch to capture data on a wired network

Question 54

What is a Replay Attack?

Answer 54

Capturing valid data and replaying it immediately or with a delay

Question 55

What is a relay attack?

Answer 55

Attacker becomes part of conversation

Question 56

What is the role of the attacker in a relay attack?

Answer 56

Serves as a proxy to read or modify communication

Question 57

What is one challenge faced by attackers in relay attacks?

Answer 57

Difficulty in intercepting and crafting communication due to encryption

Question 58

What encryption scheme can pose significant challenges for attackers in relay attacks?

Answer 58

TLS 1.3

Question 59

What is SSL stripping?

Answer 59

An attack that tricks the encryption application into presenting an HTTP connection instead of HTTPS

Question 60

What does SSL stripping enable attackers to do?

Answer 60

Capture unencrypted data when the user believes they are using a secure connection

Question 61

What is a downgrade attack?

Answer 61

An attacker forces a client or server to abandon a higher security mode in favor of a lower security mode

Question 62

What is the scope of downgrade attacks?

Answer 62

Downgrade attacks can be used with various encryption and protection methods, including Wi-Fi and VPNs

Question 63

What situations are vulnerable to a downgrade attack?

Answer 63

Any situation where a client agrees to a lower level of security that is still backward compatible

Question 64

What are injection attacks?

Answer 64

Unspecified

Question 65

What is LDAP?

Answer 65

An open application protocol for accessing and maintaining distributed directory information services

Question 66

What is LDAP Injection?

Answer 66

An application attack that targets web-based applications by fabricating LDAP statements

Question 67

How to protect against LDAP injection?

Answer 67

Use input validation and input sanitization

Question 68

What is command injection?

Answer 68

Executing shell commands via a vulnerable web application

Question 69

What is process injection?

Answer 69

Executing arbitrary code in a separate live process

Question 70

What are some methods of process injection?

Answer 70

Injection through DLLs, Thread Execution Hijacking, Process Hollowing, Process Doppel Ganging, Asynchronous Procedure Calls, Portable Executable Injections

Question 71

How can process injection be mitigated?

Answer 71

Endpoint security solutions, Security Kernel Modules, Least Privilege, Indicators of Compromise

Question 72

What are indicators of compromise?

Answer 72

Forensic data that identify potentially malicious activity

Question 73

What does IoC stand for?

Answer 73

Indicators of Compromise

Question 74

What is account lockouts?

Answer 74

Locking an account due to multiple failed login attempts

Question 75

Why is balancing security with usability crucial when implementing account lockout?

Answer 75

To avoid locking legitimate users out

Question 76

What does concurrent session usage refer to?

Answer 76

Multiple active sessions from a single user account

Question 77

What does blocked content involve?

Answer 77

Attempts to access or download content blocked by security protocols

Question 78

What does blocked content suggest?

Answer 78

User trying to access malicious content or an attacker attempting to steal data

Question 79

What are indicators of impossible travel in account logins?

Answer 79

Geographically distant locations and unreasonably short timeframe

Question 80

What can unusual spikes in resource utilization indicate?

Answer 80

Malware infections or DDoS attacks

Question 81

What is resource inaccessibility in relation to security attacks?

Answer 81

Inability to access files, databases, or network services

Question 82

What does out-of-cycle logging indicate?

Answer 82

Attacker trying to hide activities during off-peak hours

Question 83

What does missing logs suggest?

Answer 83

Logs have been deleted to hide attacker activities

Question 84

What are some examples of published articles or documents that attackers can use to publicly disclose their actions?

Answer 84

Social media, hacker forums, newspaper articles, victim’s own website

Question 85

What is the purpose of hardening in security?

Answer 85

Strengthen overall security posture and resilience against cyberattacks

Question 86

What are some measures of hardening?

Answer 86

Apply security patches, configure access controls, disable unnecessary services

Question 87

What are default configurations in security?

Answer 87

System or application settings that are pre-set by the vendor

Question 88

What is the purpose of restricting applications in security?

Answer 88

Prevent unauthorized or malicious software from running

Question 89

What is a method to identify unnecessary services?

Answer 89

System audit or vulnerability scanning

Question 90

What are the risks and consequences of running unnecessary services?

Answer 90

Increased attack surface

Question 91

How can disabling unnecessary services reduce the attack surface?

Answer 91

By reducing potential entry points for attackers

Question 92

What are trusted operating systems?

Answer 92

Operating systems with rigorous security evaluations and certifications

Question 93

What is the role of Group Policies in Windows environments?

Answer 93

Central management and control of user and computer settings

Question 94

What is SELinux?

Answer 94

Security-Enhanced Linux, implementing mandatory access controls for enhanced security

Question 95

What are the different levels of data encryption?

Answer 95

Full-disk, Partition, File, Volume, Database, Record Level Encryption

Question 96

What is the purpose of secure baselines?

Answer 96

Establishing a secure starting point for minimizing security risks

Question 97

Why should default passwords be changed?

Answer 97

To ensure security

Question 98

How often should passwords be rotated?

Answer 98

Every 90 days

Question 99

What should be used to manage passwords?

Answer 99

Password manager

Question 100

What should be done with unneeded ports?

Answer 100

Close them

Question 101

What should be done with enabled ports and protocols?

Answer 101

Audit them

Question 102

What should be used instead of insecure protocols?

Answer 102

Secure versions

Question 103

What should be done with extra open ports?

Answer 103

Close the insecure ones

Question 104

What can be done to restrict applications?

Answer 104

Implement application restrictions

Question 105

What is the goal of least functionality?

Answer 105

To provide only the necessary applications and services

Question 106

Why should unneeded applications be restricted or uninstalled?

Answer 106

To reduce vulnerabilities

Question 107

Why is keeping software up-to-date important for security?

Answer 107

To ensure the latest security patches and fixes are applied

Question 108

What is the challenge with managing software in large networks?

Answer 108

Controlling excessive installations

Question 109

What are secure baseline images used for?

Answer 109

To install new computers

Question 110

What does a secure baseline image include?

Answer 110

OS, minimum required applications, and strict configurations

Question 111

How should secure baseline images be updated?

Answer 111

Based on evolving business needs

Question 112

Why is preventing unauthorized software installation important?

Answer 112

It poses security risks

Question 113

What are application allowlisting and blocklisting used for?

Answer 113

To control which applications can run on a workstation

Question 114

How does application allowlisting work?

Answer 114

Only approved applications are allowed to run

Question 115

What happens to applications not on the approved list in application allowlisting?

Answer 115

They are blocked from running

Question 116

What is a Trusted Operating System (TOS)?

Answer 116

Operating system that enforces stringent security policies

Question 117

What is Evaluation Assurance Level (EAL)?

Answer 117

Security standard for assessing security controls in an OS

Question 118

What is the highest level of assurance?

Answer 118

EAL 7

Question 119

What is mandatory access control?

Answer 119

Access permissions determined by system administrators and enforced by operating system

Question 120

What is security auditing?

Answer 120

Process of monitoring and analyzing computer systems to ensure they are operating securely

Question 121

What is role-based access control?

Answer 121

Access permissions determined by roles assigned to users

Question 122

What is an example of a trusted operating system?

Answer 122

SELinux

Question 123

What does Trusted Solaris offer?

Answer 123

Secure multi-level operations with MAC and detailed system audits

Question 124

How does Trusted OS enhance security?

Answer 124

By using microkernels and minimizing the trusted base

Question 125

What should be considered when choosing an operating system?

Answer 125

Balancing security with usability, performance, and functional requirements

Question 126

What are the two methods of patch management?

Answer 126

Manual and Automated

Question 127

What is a hotfix?

Answer 127

A software patch that solves a security issue and should be applied immediately

Question 128

What is an update?

Answer 128

Provides additional functionality but doesn’t usually patch security issues

Question 129

What is a service pack?

Answer 129

Includes all hotfixes and updates since the release of the operating system

Question 130

What are the risks of updates?

Answer 130

They can introduce new vulnerabilities

Question 131

What does effective patch management involve?

Answer 131

Assigning a dedicated team to track vendor security patches

Question 132

What is the importance of establishing automated system-wide patching for OS and applications?

Answer 132

1

Question 133

How can cloud resources be included in patch management?

Answer 133

2

Question 134

What are the categories for prioritizing patches?

Answer 134

2

Question 135

Why is it important to create a test environment for critical patches before production deployment?

Answer 135

1

Question 136

What is the purpose of maintaining comprehensive patching logs?

Answer 136

3

Question 137

How can firmware updates be evaluated, tested, and deployed?

Answer 137

2

Question 138

How can urgent patches be deployed to production?

Answer 138

2

Question 139

What should be done periodically with non-critical patches?

Answer 139

2

Question 140

What is patch management?

Answer 140

Planning, testing, implementing, and auditing of software patches

Question 141

Why is patch management important?

Answer 141

Important for compliance

Question 142

What are the four steps in the patch management process?

Answer 142

Planning, Testing, Implementing, Auditing

Question 143

What is the purpose of planning in patch management?

Answer 143

Creating policies, procedures, and systems to track and verify patch compatibility

Question 144

What is the purpose of testing in patch management?

Answer 144

To prevent the patch from causing additional problems

Question 145

How can patch implementation be done?

Answer 145

Manually or automated

Question 146

Why should large organizations use a central update server?

Answer 146

Centralized control

Question 147

How can mobile devices be patched?

Answer 147

Using an MDM

Question 148

What are patch rings?

Answer 148

Implementing patches group by group

Question 149

What is auditing in patch management?

Answer 149

Scanning network and checking for issues

Question 150

Why should firmware versions be monitored and patched?

Answer 150

To maintain security and stability

Question 151

What are group policies?

Answer 151

Rules and policies for users or computers

Question 152

How can you access the Group Policy Editor?

Answer 152

Enter ‘gpedit’ in the run prompt.

Question 153

What is the purpose of the local Group Policy Editor?

Answer 153

To create and manage policies within a Windows environment.

Question 154

What are some examples of rules that can be applied using Group Policies?

Answer 154

Password complexity requirements, account lockout policies, software restrictions, application restrictions.

Question 155

What is a security template?

Answer 155

A group of policies that can be loaded through the Group Policy Editor

Question 156

What is the purpose of a security template in corporate environments?

Answer 156

To create security templates with predefined rules based on administrative policies

Question 157

What is a Group Policy Objective (GPO) used for?

Answer 157

To harden the operating system and establish secure baselines

Question 158

What is baselining?

Answer 158

A process of measuring changes in the network, hardware, or software environment

Question 159

How does the Group Policy Editor in Windows be accessed?

Answer 159

By entering ‘gpedit’ in the run prompt

Question 160

What can be done using the Group Policy Editor?

Answer 160

Create allow or block list rules for application control policies

Question 161

How do you navigate to the App Locker section in the Group Policy Editor?

Answer 161

Navigate to ‘Computer Configuration’ > ‘Windows Settings’ > ‘Security Settings’ > ‘Application Control Policies’ > ‘App Locker’

Question 162

What is the first step in creating an executable rule in App Locker?

Answer 162

Create an executable rule

Question 163

What are the two options to choose from when creating an executable rule?

Answer 163

Choose to allow or deny

Question 164

Who can you select for the rule to apply to?

Answer 164

Select who the rule applies to (e.g., everyone)

Question 165

What are the conditions you can define for the rule in App Locker?

Answer 165

Define the rule based on conditions like publisher, path, or file hash

Question 166

What are the steps to create a rule in Group Policy Editor?

Answer 166

Specify path, Name rule, Create default rules, Deploy policy

Question 167

What are the default allow rules in Group Policy Editor?

Answer 167

Program Files, Windows folder, Administrators

Question 168

What is an example of a deny rule in Group Policy Editor?

Answer 168

Block files in temp directory

Question 169

What does SELinux enforce?

Answer 169

Mandatory Access Control (MAC)

Question 170

What are context-based permissions?

Answer 170

Permission schemes based on properties

Question 171

What are the two main context-based permission schemes in Linux that use MAC?

Answer 171

SELinux and AppArmor

Question 172

What is DAC?

Answer 172

Discretionary Access Control

Question 173

What does DAC allow object owners to do?

Answer 173

Directly control access using tools like ‘chown’ and ‘chmod’

Question 174

What does SELinux rely on for permissions and access control?

Answer 174

MAC

Question 175

What does SELinux enhance?

Answer 175

File system and network security

Question 176

What are the three main contexts in SELinux?

Answer 176

User Context, Role Context, Type Context

Question 177

What is remote work?

Answer 177

Employees work outside the traditional office

Question 178

What is hybrid work?

Answer 178

Combines traditional office work with remote work opportunities

Question 179

What are the security challenges of remote and hybrid work environments?

Answer 179

Increased risk due to lack of physical security controls outside the office, data exposure, weaker network security, cyberattacks, increased risk of device loss or theft

Question 180

What are some measures to address security challenges in remote work?

Answer 180

Establish comprehensive policies, use secure connections like VPN, implement multi-factor authentication, provide cybersecurity training and awareness, encourage reporting of incidents, use company-issued devices, define security measures for BYOD, set up automated backups, choose secure collaboration tools, maintain clear communication

Question 181

What is the recommended method for data access in remote work?

Answer 181

VPN

Question 182

What should be done to enhance security for data access in remote work?

Answer 182

Implement multi-factor authentication

Question 183

What should employees receive to improve their cybersecurity awareness?

Answer 183

Cybersecurity training

Question 184

What should be encouraged in the event of security incidents?

Answer 184

Reporting

Question 185

What is a secure option for device usage in remote work?

Answer 185

Company-issued devices

Question 186

How should personally owned devices be secured?

Answer 186

Define security measures for BYOD

Question 187

What should be done for data protection?

Answer 187

Set up automated backups

Question 188

What should be considered when choosing collaboration tools?

Answer 188

End-to-end encryption and administrative controls

Question 189

What is important for maintaining effective security measures in remote work?

Answer 189

Clear communication with the cybersecurity team

Question 190

How many IP addresses can computers understand?

Answer 190

270

Question 191

How can computers understand 270 https://www.DionTraining.com?

Answer 191

IP addresses

Question 192

How many domains can group policies be used to deploy and manage allowlists and blocklists?

Answer 192

286

Question 193

What allow centralized management of lists?

Answer 193

tory domain controllers

Question 194

What does the Optional Context Level Context describe?

Answer 194

sensitivity level of a file, directory, or process

Question 195

What is the Optional Context Level Context Describes the sensitivity level of a file, directory, or process?

Answer 195

a multi-level security context

Question 196

How many security techniques must you be able to apply to computing resources?

Answer 196

4.5

Question 197

What is the Security Techniques Objectives?

Answer 197

4.1

Question 198

What is the name of the study topic?

Answer 198

Wireless Infrastructure Security

Question 199

What is a Transport method selection?

Answer 199

Wireless Infrastructure Security

Question 200

What impacts network performance and security?

Answer 200

Placement of Wireless Access Points

Question 201

What is crucial for securing wireless networks in organizations?

Answer 201

Wireless Infrastructure Security

Question 202

What standards do WAPs use to connect wireless devices to a wired network?

Answer 202

Wi-Fi standards 300

Question 203

What does WAPs allow wireless devices to connect to a wired network using Wi-Fi standards 300?

Answer 203

Wireless Access Point Placement

Question 204

What is used on higher locations for better coverage?

Answer 204

Mount WAPs

Question 205

What is a site visit to test for radio frequency interference?

Answer 205

301

Question 206

What type of coverage does CompTIA Security+ provide?

Answer 206

Wireless coverage

Question 207

What is SY0-701?

Answer 207

CompTIA Security+

Question 208

What is a useful tool for visualizing the effectiveness of WAP placement and configuration?

Answer 208

Signal leakage

Question 209

What is the name of the device that helps in visualizing the effectiveness of WAP placement and configuration?

Answer 209

Wireless Security Settings

Question 210

What is essential for data confidentiality in wireless networks?

Answer 210

Wireless Encryption

Question 211

What types of services are offered?

Answer 211

Authentication, Authorization, and Accounting

Question 212

What is the terminal Access Controller Access-Control System Plus?

Answer 212

TACACS+

Question 213

What is the purpose of TCP encryption?

Answer 213

enhanced security

Question 214

What is used for enhanced security?

Answer 214

TCP

Question 215

What is used to verify user identity and control network access?

Answer 215

Authentication Protocols

Question 216

How many websites are there for DionTraining?

Answer 216

308

Question 217

What is the name of the web filtering technique?

Answer 217

Agent-Based Web Filtering

Question 218

What type of security is often used by schools, universities, and organizations to ensure safe and educational internet usage?

Answer 218

Email Security

Question 219

What protects email content, accounts, and infrastructure from unauthorized access, loss, or compromise?

Answer 219

Encompasses techniques and protocols

Question 220

What is a protection against email spoofing?

Answer 220

Improved email deliverability

Question 221

Where does a receiving server check if the sender’s IP is authorized?

Answer 221

SPF record 310

Question 222

What does SY0-701 mean?

Answer 222

CompTIA Security+

Question 223

What is CompTIA Security+?

Answer 223

SY0-701

Question 224

What is the goal of preventing email spoofing?

Answer 224

Improving email deliverability

Question 225

How many UBA tools can identify potential threats before significant damage occurs?

Answer 225

315

Question 226

What is another example of HTTP vs. SFTP?

Answer 226

HTTPS

Question 227

What often indicate whether a protocol is secure?

Answer 227

Default port numbers

Question 228

What can add a layer of obscurity but not replace robust security measures?

Answer 228

Changing port numbers

Question 229

What layer of security can change port numbers add?

Answer 229

obscurity

Question 230

How many times does the program’s scope define?

Answer 230

324

Question 231

What is the definition of security weaknesses?

Answer 231

True

Question 232

What are valuable maps for attackers 330?

Answer 232

Vulnerability reports

Question 233

What can be used to share reports on a need-to-know basis?

Answer 233

Encrypt reports

Question 234

Importance Crucial for maintaining integrity, confidentiality, and availability of information systems Components Alerting (not

Answer 234

Monitoring

Question 235

What type of alerts are there?

Answer 235

True Positive

Question 236

What is a legitimate issue?

Answer 236

False Positive

Question 237

What is the name of the issue that indicates an issue when there isn’t one?

Answer 237

True Negative

Question 238

What is the name of the issue that does not exist in the absence of an issue?

Answer 238

False Negative

Question 239

What does False Negative mean?

Answer 239

Correctly recognizes the absence of an issue

Question 240

How many false positives do you want to avoid?

Answer 240

alert fatigue

Question 241

What software tool is used for scanning and analyzing?

Answer 241

Manual Monitoring

Question 242

What type of tools are used for scanning and analyzing?

Answer 242

Software tools

Question 243

What is the overview of monitoring systems, applications, and infrastructure?

Answer 243

Monitoring Resources

Question 244

What is a log Aggregation?

Answer 244

Monitoring Activities

Question 245

What is the name of the report that generates reports on system and network status?

Answer 245

Archiving

Question 246

What does Alert Response and Remediation/Validation do?

Answer 246

historical data

Question 247

What are historical data?

Answer 247

Alert Response and Remediation/Validation

Question 248

What is SIEM?

Answer 248

Security Information and Event Management

Question 249

What tools collects and aggregates log data?

Answer 249

Security Tools

Question 250

What are some sources of data collected from?

Answer 250

Antivirus, DLP systems, NIDS, NIPS, firewalls, Vulnerability scanner

Question 251

How many networks does DionTraining have?

Answer 251

Network performance 334

Question 252

What can indicate potential issues?

Answer 252

Deviations from the baseline

Question 253

What may indicate code problems or resource deficiencies?

Answer 253

Slower response times

Question 254

What does Observe physical and virtual infrastructure, including servers, networks, virtual machines, containers, and cloud services?

Answer 254

Infrastructure Monitoring

Question 255

What can be triggered based on thresholds or anomalies?

Answer 255

alerts

Question 256

What does CompTIA Security+ include?

Answer 256

Vulnerability scanning

Question 257

What is the name of the data that is stored at DionTraining.com?

Answer 257

Incident data 337

Question 258

What is one of the steps that should be taken to manage and resolve issues based on alerts or scans?

Answer 258

Investigating

Question 259

What changes alert parameters to reduce errors, false positives, and improve alert relevance?

Answer 259

Alert Tuning

Question 260

What is SNMP?

Answer 260

Simple Network Management Protocol

Question 261

What types of tools are included in the collection?

Answer 261

free and open-source SIEM tools

Question 262

What is the name of the software that protects systems against malware?

Answer 262

Data from Security Tools

Question 263

What is the name of the CompTIA that Generates malware detection logs, system scans, and updates?

Answer 263

Security+

Question 264

How many logs does DionTraining.com have?

Answer 264

344

Question 265

What are Network Intrusion Detection Systems and NIDS?

Answer 265

Network Intrusion Prevention Systems

Question 266

What is the name of the Simple Network Management Protocol?

Answer 266

SNMP

Question 267

What is the Multi Router Traffic Grapher?

Answer 267

MRTG

Question 268

How many people are detected by SPOG?

Answer 268

350

Question 269

What can security teams monitor the environment for suspicious signs?

Answer 269

Security teams can monitor the environment for suspicious signs like unusual traffic or failed logins

Question 270

What steps can be implemented as software or hardware?

Answer 270

Defining Requirements

Question 271

What are the steps for implementing SPOG Defining Requirements Defining Requirements

Answer 271

Software or hardware

Question 272

How many phases is Containment, Eradication, and Recovery divided into?

Answer 272

three

Question 273

How many phases is Detection and Analysis divided into?

Answer 273

two

Question 274

How many Phases of Incident Response focuses on making systems resilient to attacks by hardening systems?

Answer 274

355

Question 275

How many Phases of Incident Response are Preparation Get an organization ready for future incidents?

Answer 275

Seven Phases of Incident Response

Question 276

What is the name of the computer network that creates policies, procedures, and a communication plan?

Answer 276

CompTIA Security+ (SY0-701)

Question 277

What is the purpose of identifying an effective solution?

Answer 277

Implement and track the solutions

Question 278

What are the lessons learned?

Answer 278

Documents experiences during incidents

Question 279

What is the name of the team that collects formalized information about what happened?

Answer 279

incident response

Question 280

What is the name of the organization that has full-time incident response teams?

Answer 280

IT Support 357

Question 281

What is used to detect threats that haven’t been discovered by normal security monitoring?

Answer 281

Proactive cybersecurity technique

Question 282

What do Threat Actors and Activities do?

Answer 282

Create scenarios to understand how attackers might attempt an intrusion

Question 283

What is the purpose of CompTIA Security+?

Answer 283

Threat Hunting Process

Question 284

How many times is the root cause analysis?

Answer 284

359

Question 285

What is the name of the source device?

Answer 285

CompTIA Security+ (SY0-701)

Question 286

What are the data sources for an Incident Investigation?

Answer 286

Dashboards and Automated Reports

Question 287

What do you need to be able to use to support an investigation?

Answer 287

Data Sources

Question 288

What is a Role Foundation for understanding potential entry points?

Answer 288

Identify system vulnerabilities

Question 289

What type of traffic does Firewall Logs detect?

Answer 289

Monitor network traffic

Question 290

How many logs do DionTraining logs detect?

Answer 290

368

Question 291

What is the name of Study Notes?

Answer 291

CompTIA Security+ (SY0-701)

Question 292

Automated responses can include suspending user accounts, blocking IP addresses, and what?

Answer 292

resetting passwords

Question 293

The analysis of the report is essential to confirm what ity of identified vulnerabilities?

Answer 293

Valid

Question 294

What reduces the risk of burnout?

Answer 294

Reduces repetitive and mundane tasks

Question 295

How much does DionTraining reduce staffing needs and optimizes resource allocation?

Answer 295

Cost savings

Question 296

How many times does DionTraining.com have?

Answer 296

381

Question 297

What improves IT and customer support team efficiency?

Answer 297

Automating Support Ticket Management

Question 298

Automating SupportTicket Management Enhances what?

Answer 298

IT and customer support team efficiency

Question 299

What improves customer satisfaction?

Answer 299

Streamlines issue resolution

Question 300

How many steps does Automating Support Ticket Creation take?

Answer 300

Six steps

Question 301

What is the name of the six steps in the ticket creation process?

Answer 301

Automating Support Ticket Creation

Question 302

What reduces the risk of lost or overlooked tickets?

Answer 302

Accelerates response time to user needs

Question 303

What addresses complex or high-priority issues?

Answer 303

Ticket escalation

Question 304

What is Automation Involves using technology to execute repetitive tasks without continuous human intervention?

Answer 304

Automating Onboarding

Question 305

How many support ticket management processes does DionTraining have?

Answer 305

383

Question 306

How many platforms does Automation keep user information synchronized across?

Answer 306

384

Question 307

What are the resources included in Resource Provisioning Software licenses Communication tools Process involves Requirements analysis

Answer 307

Workstations

Question 308

How does Automating Security help prevent?

Answer 308

security vulnerabilities

Question 309

What is the name of the website that automates service access management to prevent unnecessary risks?

Answer 309

386

Question 310

What is the name of the system that manages permissions using Role-based Access Controls?

Answer 310

Automating Permissions Management

Question 311

What is the purpose of managing access rights using Role-based Access Controls?

Answer 311

Automate provisioning and de-provisioning

Question 312

What verifies each check-in and detects problems 387?

Answer 312

Automated build process

Question 313

What ensures software quality after integration?

Answer 313

Automated tests

Question 314

What is CI/CD?

Answer 314

Continuous Delivery

Question 315

What does CD stop short of automatic production deployment?

Answer 315

Automated testing and build processes

Question 316

What is automated only to a certain stage?

Answer 316

Full deployment process

Question 317

What is the purpose of deployment to production environment?

Answer 317

manual business decision

Question 318

How many times does DionTraining.com allow flexibility in timing, market conditions, and stakeholder readiness?

Answer 318

388

Question 319

What takes CI/CD further by automatically deploying code changes to testing and production environments?

Answer 319

Continuous Deployment

Question 320

How many years ago did DionTraining enable software developers to access functions or features of another application programmatically?

Answer 320

389

Question 321

What are APIs used to facilitate communication between different parts of a microservice or service-oriented architecture?

Answer 321

Common communication methods

Question 322

What is the name of the common communication method used by APIs?

Answer 322

REST

Question 323

What types of methods does REST use for interactions?

Answer 323

HTTP methods, status codes, URIs, and MIME types

Question 324

What is used for data transfer?

Answer 324

JSON

Question 325

What protocol is suitable for integration with existing websites?

Answer 325

Lightweight protocol

Question 326

What is a simple Object Access Protocol?

Answer 326

SOAP

Question 327

In what format does SOAP have a structured message format?

Answer 327

XML

Question 328

What is SOAP’s structured message format known for?

Answer 328

robustness, additional security features, and transaction compliance

Question 329

What has a structured message format in XML?

Answer 329

SOAP

Question 330

Suitable for what type of web services?

Answer 330

enterprise-level web services

Question 331

What type of requirements do web services have?

Answer 331

regulatory compliance requirements

Question 332

What type of transactions are required for enterprise-level web services?

Answer 332

complex transactions

Question 333

What are the commonly used protocols for API testing?

Answer 333

HTTP and HTTPS 390

Question 334

CURL allows sending data to an API and receiving what type of response?

Answer 334

JSON

Question 335

What is the goal of 5.6?

Answer 335

Security Awareness

Question 336

What is Knowledge and understanding of security threats and mitigation measures Goal Equip individuals to recognize and respond to threats for data protection?

Answer 336

Security Awareness

Question 337

How many passwords does DionTraining.com have?

Answer 337

392

Question 338

What is insider threat from individuals within an organization?

Answer 338

Security risk

Question 339

What are techniques Maintaining situational awareness, avoiding shoulder surfing, eavesdropping?

Answer 339

Social Engineering Attacks

Question 340

What does Organizational mindset prioritize security in daily tasks and decision-making?

Answer 340

Creating a Culture of Security

Question 341

What is essential in addressing insider threats?

Answer 341

Training employees

Question 342

How many items do Discreet investigations to rule out illicit activities, theft, or information selling?

Answer 342

394

Question 343

What do employees under financial stress express financial woes to coworkers?

Answer 343

Financial Struggles

Question 344

What is the name of the person who is responsible for detecting anomalous behavior while respecting employee privacy?

Answer 344

Password Managers

Question 345

What is a specialized tool, plugin, or extension used with web browsers?

Answer 345

Password Manager

Question 346

What are most usernames?

Answer 346

Email addresses