Security + CIAT QUESTIONS

Question 1

CAPTCHA

Answer 1

used to mitigate high volume of fraudulent login attempts.

Question 2

Implementing input validation techniques

Answer 2

used to ensure that its web application is secure from SQL injection attacks.

Question 3

Virtual Private Network (VPN)

Answer 3

used to ensure the integrity of data transferred between its internal network and remote employees.

Question 4

Data Loss Prevention (DLP) system

Answer 4

focuses on detecting and preventing the loss, leakage, or misuse of data through breaches, exfiltration transmissions, and unauthorized use.

Question 5

Enabling MAC address filtering

Answer 5

It adds an extra layer of security by limiting the number of devices that can connect to a network.

Question 6

prepared statements in database queries

Answer 6

used to ensure that its web server is **secure **from SQL injection attacks.

Question 7

email gateway with anti-phishing features

Answer 7

reduce the risk of email phishing

Question 8

malware infections from USB drives* prevention (company issue)*

Answer 8

Disable USB ports on all company computers

Question 9

issues with BYOD

Answer 9

protection against data leakage

Question 10

Port security

Answer 10

You can specify the maximum number of MAC addresses that can be learned on a port.

Question 11

DHCP snooping

Answer 11

occurs when an attacker attempts to respond to DHCP requests and trying to list themselves (spoofs) as the default gateway or DNS server

Question 12

SSID broadcast disabling

Answer 12

Unable to see SSID wi-fi network

Question 13

website is frequently targeted by SQL injection attacks.

Answer 13

defense is to use parameterized queries in the website code

Question 14

mobile device management (MDM) solution

Answer 14

ensure that mobile devices are secure against data leakage.

Question 15

Data encryption

Answer 15

ensure the confidentiality and integrity of customer data

Question 16

FIRST line of defense against malware

Answer 16

Antivirus software

Question 17

unpatched vulnerability in a critical application.

Answer 17

Apply a temporary workaround

Question 18

Firewall rules

Answer 18

determine which types of traffic your firewall accepts and which are denied

Question 19

File integrity monitoring

Answer 19

examines the integrity of sensitive files, registry keys, and folders within the host operating system and checks whether files have been altered

Question 20

something they have and something they know.

Answer 20

Multifactor authentication

Question 21

Implementing a CDN (Content Delivery Network)

Answer 21

ensures that no single server bears the brunt of an attack, reducing the likelihood of a successful DDoS attack.

Question 22

improve its email security

Answer 22

email encryption

Question 23

Spam filters

Answer 23

designed to identify emails that attackers or marketers use to send unwanted or dangerous content

Question 24

minimize security vulnerabilities of new software App

Answer 24

Conducting a code review

Question 25

A DNS filtering service

Answer 25

the process of using the Domain Name System to block malicious websites and filter out harmful or inappropriate content.

Question 26

HTTPS

Answer 26

is the secure version of HTTP,primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer.

Question 27

Role-based access control (RBAC)

Answer 27

the idea of assigning permissions to users based on their role within an organization

Question 28

Audit logging

Answer 28

the process of documenting activity within the software systems used across your organization

Question 29

User access controls

Answer 29

identifying a user based on their credentials and then authorizing the appropriate level of access once they are authenticated

Question 30

WPA2

Answer 30

secure its Wi-Fi network

Question 31

TKIP

Answer 31

a security protocol used in the IEEE 802.11 wireless networking standard

Question 32

WEP

Answer 32

was the first attempt at wireless protection. The aim was to add security to wireless networks by encrypting data.

Question 33

WPA

Answer 33

is a security standard for computing devices with wireless internet connections.

Question 34

Isolate the infected systems

Answer 34

several workstations on the network have been infected with malware.

Question 35

network perimeter _protect against external threats and attacks

Answer 35

A network-based firewall

Question 36

A host-based firewall

Answer 36

installed directly on individual networked devices to filter network traffic on a single device by inspecting both incoming and outgoing data.

Question 37

NIDS (Network Intrusion Detection System)

Answer 37

provide continuous network monitoring across on-premise and cloud infrastructure to detect malicious activity like policy violations, lateral movement or data exfiltration.

Question 39

web content filtering solution

Answer 39

a technicque that blocks and screens access to inappropriate or unsafe web content.

Question 40

Degaussing

Answer 40

will not work on SSD only HDD

Question 41

securely erase data from SSDs before disposal

Answer 41

Physical destruction

Question 42

Overwriting

Answer 42

cannot be used on a SSD

Question 43

WPA2-PSK encryption

Answer 43

uses a stronger encryption key and has built-in security features to prevent attacks like brute-force and dictionary attacks -prevent unauthorized access-

Question 44

leaking confidential information being leaked

Answer 44

Review access logs for unusual activity

Question 45

investigating a potential data breach.

Answer 45

Identification is the first step that needs to be taken

Question 46

Eradication

Answer 46

to get rid of something completely

Question 47

Data sovereignty

Answer 47

PRIMARY security concern, when transferring data

Question 48

FTP

Answer 48

standard communication protocol used for the transfer of computer files from a server to a client on a computer network

Question 49

SSL/TLS encryption

Answer 49

protocol or communication rule that allows computer systems to talk to each other on the internet safely.

Question 50

Data classification policy

Answer 50

identifies and helps protect sensitive/confidential data with a framework of rules, processes, and procedures for each class

Question 51

Protocol analyzer

Answer 51

is a tool (hardware or software) used to capture and analyze signals and data traffic over a communication channel.

Question 52

network scanner

Answer 52

a software tool used for diagnostic and investigative purposes to find and categorize what devices are running on a network.