Section 1-2 Flashcards

1
Q

Which of the following is the best way to secure an on-site data center against intrusion from an insider?

a.
Bollards.
b.
Access badge.
c.
Motion sensor.
d.
Video surveillance.

A

b.
Access badge.
An access badge is a security token that allows authorized individuals to enter restricted areas, ensuring that only those with the proper credentials can access sensitive areas like a data center.

2
Q

Visitors to a secure facility are required to check in with a photo ID and enter the facility through an access control vestibule. Which of the following best describes this form of security control?

a.
Physical.
b.
Managerial.
c.
Technical.
d.
Operational.

A

a.
Physical.
Physical security controls include measures such as photo ID check-ins and access control vestibules that physically prevent unauthorized access to facilities.

3
Q

A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format. Which of the following should the administrator apply to the site recovery resource group?

a.
RBAC.
b.
ACL.
c.
SAML.
d.
GPO.

A

a.
RBAC.
Role-Based Access Control (RBAC) allows administrators to restrict system access to authorized users based on their roles within an organization, which simplifies the access control process.

4
Q

A technician is deploying a new security camera. Which of the following should the technician do?

a.
Configure the correct VLAN.
b.
Perform a vulnerability scan.
c.
Disable unnecessary ports.
d.
Conduct a site survey.

A

d.
Conduct a site survey.
Conducting a site survey helps determine the optimal placement for the security camera to ensure maximum coverage and effectiveness.

5
Q

A systems administrator is changing the password policy within an enterprise environment and wants this update implemented on all systems as quickly as possible. Which of the following operating system security measures will the administrator most likely use?

a.
Deploying PowerShell scripts.
b.
Pushing GPO update.
c.
Enabling PAP.
d.
Updating EDR profiles.

A

b.
Pushing GPO update.
Pushing a Group Policy Object (GPO) update allows the administrator to quickly and uniformly enforce new password policies across all systems in the enterprise environment.

5
Q

A network administrator is working on a project to deploy a load balancer in the company’s cloud environment. Which of the following fundamental security requirements does this project fulfill?

a.
Privacy.
b.
Integrity.
c.
Confidentiality.
d.
Availability.

A

d.
Availability.
A load balancer distributes network or application traffic across multiple servers, increasing the availability and reliability of applications.

6
Q

A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?

a.
Private.
b.
Critical.
c.
Sensitive.
d.
Public.

A

c.
Sensitive.
Patient data, often referred to as Protected Health Information (PHI), is highly confidential and requires stringent security measures to protect it from unauthorized access and breaches. Classifying it as ‘Sensitive’ ensures that appropriate security controls and policies are applied to safeguard this critical information.

7
Q

While troubleshooting a firewall configuration, a technician determined that a ‘deny any’ policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?

a.
Documenting the new policy in a change request and submitting the request to change management.
b.
Testing the policy in a non-production environment before enabling the policy in the production network.
c.
Disabling any intrusion prevention signatures on the ‘deny any’ policy prior to enabling the new policy.
d.
Including an ‘allow any’ policy above the ‘deny any’ policy.

A

b.
Testing the policy in a non-production environment before enabling the policy in the production network.
Testing the policy in a non-production environment allows the technician to observe the impact of the ‘deny any’ policy without affecting the production network. This step ensures that any unforeseen issues can be identified and addressed before the policy is applied to the live environment, preventing disruptions to company servers and services.

8
Q

A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?

a.
Redundancy.
b.
Geographic dispersion.
c.
Tabletop exercise.
d.
Capacity planning.

A

d.
Capacity planning.
Capacity planning involves determining the resources, including staff, required to sustain business operations during a disruption. This step is essential in developing a business continuity strategy to ensure that the company can maintain critical functions and services even in the face of adverse events. By understanding the necessary capacity, the company can better prepare and allocate resources to mitigate the impact of disruptions.

9
Q

A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?

a.
Air gap the system.
b.
Move the system to a different network segment.
c.
Create a change control request.
d.
Apply the patch to the system.

A

c.
Create a change control request.
Before applying a high-priority patch to a production system, it is crucial to follow proper change management procedures. Creating a change control request ensures that the proposed change is documented, reviewed, and approved by the necessary stakeholders. This step helps in assessing the potential impact of the patch, planning for any necessary downtime, and ensuring that there are appropriate rollback procedures in case something goes wrong. Skipping this step could lead to unanticipated issues and disrupt production environments.

10
Q

An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?

a.
Hardening.
b.
Employee monitoring.
c.
Configuration enforcement.
d.
Least privilege.

A

d.
Least privilege.
The principle of least privilege ensures that individuals only have the minimum levels of access—or permissions—needed to perform their job functions. By restricting access to the administrator console to only the IT manager and the help desk lead, the IT manager is implementing least privilege.

11
Q

Which of the following security control types does an acceptable use policy best represent?

a.
Detective.
b.
Compensating.
c.
Corrective.
d.
Preventive.

A

d.
Preventive.
A preventive control is designed to deter or stop unwanted actions. An acceptable use policy sets the rules and guidelines for appropriate use of company resources, helping to prevent misuse and ensuring compliance with organizational standards.

12
Q

A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO’s report?

a.
Insider threat.
b.
Hacktivist.
c.
Nation-state.
d.
Organized crime.

A

d.
Organized crime.
Organized crime groups use ransomware to extort money from victims.

13
Q

An organization experiences a cybersecurity incident involving a command-and-control server. Which of the following logs should be analyzed to identify the impacted host? (Choose two.)

a.
Application.
b.
Authentication.
c.
DHCP.
d.
Network.
e.
Firewall.
f.
Database.

A

c.
DHCP.
e.
Firewall.

14
Q

Which of the following threat actors is the most likely to be motivated by profit?

a.
Hacktivist.
b.
Insider threat.
c.
Organized crime.
d.
Shadow IT.

A

c.
Organized crime.
Organized crime groups are typically motivated by financial gain, often engaging in activities like extortion, theft, and fraud.

15
Q

An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device. Which of the following best describes the user’s activity?

a.
Penetration testing.
b.
Phishing campaign.
c.
External audit.
d.
Insider threat.

A

d.
Insider threat.
The activity involves unauthorized actions by someone with legitimate access.

16
Q

A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?

a.
Secure cookies.
b.
Version control.
c.
Input validation.
d.
Code signing.

A

c.
Input validation.
Input validation ensures that data entered into the web application form fields is properly checked and sanitized before processing, which helps prevent cross-site scripting (XSS) vulnerabilities. This technique can filter out malicious scripts and ensure that only expected, safe inputs are accepted by the application.

17
Q

Which of the following enables the use of an input field to run commands that can view or manipulate data?

a.
Cross-site scripting.
b.
Side loading.
c.
Buffer overflow.
d.
SQL injection.

A

d.
SQL injection.
SQL injection is a type of attack where an attacker can execute malicious SQL statements that control a web application’s database server. By manipulating the input field and injecting SQL commands, an attacker can view or manipulate data stored in the database, potentially leading to data breaches or unauthorized access.

18
Q

Which of the following threat actors is the most likely to use large financial resources to attack critical systems located in other countries?

a.
Insider.
b.
Unskilled attacker.
c.
Nation-state.
d.
Hacktivist.

A

c.
Nation-state.
Nation-states often have significant financial resources at their disposal, along with sophisticated cyber capabilities, which they may employ for various purposes including espionage, sabotage, or geopolitical influence. These attacks can range from sophisticated cyber-espionage campaigns to disruptive or destructive attacks on critical infrastructure.

19
Q

A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?

a.
Digital forensics.
b.
E-discovery.
c.
Incident response.
d.
Threat hunting.

A

d.
Threat hunting.
Threat hunting involves proactively searching for signs of malicious activity or potential threats within a network, based on the latest intelligence and techniques, even before automated systems like SIEM are configured to detect them.

20
Q

A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?

a.
A thorough analysis of the supply chain.
b.
A legally enforceable corporate acquisition policy.
c.
A right to audit clause in vendor contracts and SOWs.
d.
An in-depth penetration test of all suppliers and vendors.

A

a.
A thorough analysis of the supply chain.
This involves evaluating all suppliers and processes to ensure authenticity and compliance, reducing the risk of counterfeit components entering the network.

21
Q

Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?

a.
Hacktivist.
b.
Whistleblower.
c.
Organized crime.
d.
Unskilled attacker.

A

c.
Organized crime.
Organized crime groups are typically motivated by financial gain, often engaging in activities like extortion, theft, and fraud.