Test Flashcards

1
Q

A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization's accounts. The engineer sees there was a change in the IP address for a vendor website a week earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?

A

DNS poisoning (the vendor's name resolved to an attacker-controlled address for eight hours, and users logging in during that window handed over their credentials)

2
Q

A security analyst receives the configuration of a current VPN profile and notices the authentication is only applied to the IP datagram portion of the packet. Which of the following should the analyst implement to authenticate the entire packet?

A

AH (Authentication Header). ESP in transport mode authenticates only the encapsulated payload; AH covers the payload plus the immutable fields of the IP header, i.e. the entire packet.

3
Q

A security analyst is performing a packet capture on a series of SOAP HTTP requests for a security assessment. The analyst redirects the output to a file. After the capture is complete, the analyst needs to review the first transactions quickly and then search the entire series of requests for a particular string. Which of the following would be BEST to use to accomplish the task?

A

head and grep (head shows the first lines of the captured file; grep searches the whole file for the string. tcpdump is the capture tool, and the capture is already complete.)
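The review workflow from this card, as an added example (not part of the flashcard deck). The capture text is constructed to stand in for the file produced by redirecting `tcpdump -A` to disk; the host name, paths and SOAPAction values are assumptions.

```shell
# Added example (not from the flashcard deck): post-capture review of a SOAP
# capture file. The file contents below are constructed; in practice the file
# comes from something like:
#   tcpdump -i eth0 -A 'tcp port 8080' > soap_capture.txt

make_sample_capture() {
  # $1 = output file; three constructed SOAP transactions separated by blank lines
  cat > "$1" <<'EOF'
POST /services/Account HTTP/1.1
Host: app.example.internal
SOAPAction: "urn:getBalance"
<soap:Envelope><soap:Body><accountId>1001</accountId></soap:Body></soap:Envelope>

POST /services/Account HTTP/1.1
Host: app.example.internal
SOAPAction: "urn:transfer"
<soap:Envelope><soap:Body><accountId>1001</accountId><amount>500</amount></soap:Body></soap:Envelope>

POST /services/Admin HTTP/1.1
Host: app.example.internal
SOAPAction: "urn:resetPassword"
<soap:Envelope><soap:Body><user>admin</user></soap:Body></soap:Envelope>
EOF
}

# Quick look at the first transactions: head prints only the first N lines.
review_first() {
  head -n "${2:-6}" "$1"
}

# Search the whole file: grep -n lists matching lines with line numbers,
# grep -c returns the number of matching lines (used as the result here).
count_matching_lines() {
  grep -c -- "$2" "$1"
}

# One step beyond grep: treat each blank-line-separated transaction as one
# record (awk paragraph mode, RS="") and count transactions containing the string,
# so a multi-line request is counted once.
count_matching_transactions() {
  awk -v pat="$2" 'BEGIN { RS = "" } index($0, pat) { n++ } END { print n + 0 }' "$1"
}

f=$(mktemp)
make_sample_capture "$f"
review_first "$f" 4
count_matching_lines "$f" 'accountId'          # prints 2
count_matching_transactions "$f" 'urn:'        # prints 3
rm -f "$f"
```

`grep -n 'resetPassword' soap_capture.txt` is the form to use when you need the line numbers to jump back to in the file; `-c` and the awk variant are for sizing the problem before reading.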

4
Q

Which of the following control sets should a well-written BCP include?

A

Preventive, corrective, and recovery

5
Q

An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:
Check-in/checkout of credentials
The ability to use but not know the password
Automated password changes
Logging of access to credentials
Which of the following solutions would meet the requirements?

A

A privileged access management (PAM) solution: a credential vault that supports check-in/checkout, injects the password into the session so the user never sees it, rotates passwords automatically, and logs every access. OpenID Connect is a federated authentication protocol and provides none of these controls.

6
Q

A cybersecurity department purchased a new PAM solution. The team is planning to randomize the service account credentials of the Windows servers first. Which of the following would be the BEST method to increase the security on the Linux servers?

A

Use SSH keys and remove generic passwords (key-based authentication for service accounts, with password login disabled in sshd)
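The sshd settings behind this answer, as an added example (not part of the flashcard deck): a weak configuration beside a hardened drop-in, plus a check that flags the weak one. The file paths are the standard OpenSSH ones; the service account name `svc_backup` and the drop-in file name are assumptions.

```shell
# Added example (not from the flashcard deck): keys-only SSH for service accounts.
# "svc_backup" and the file names are assumptions.

# Weak configuration (constructed): a shared password is still accepted for everyone.
write_weak_config() {
  cat > "$1" <<'EOF'
PasswordAuthentication yes
PermitRootLogin yes
PubkeyAuthentication yes
EOF
}

# Hardened drop-in for /etc/ssh/sshd_config.d/ (OpenSSH 8.2+ reads the directory
# through "Include /etc/ssh/sshd_config.d/*.conf"). On OpenSSH older than 8.7 the
# keyboard-interactive directive is named ChallengeResponseAuthentication.
write_hardened_config() {
  cat > "$1" <<'EOF'
PubkeyAuthentication yes
PasswordAuthentication no
KbdInteractiveAuthentication no
PermitRootLogin prohibit-password
# service account: its key only, no password fallback
Match User svc_backup
    PasswordAuthentication no
    AuthenticationMethods publickey
EOF
}

# Effective value of a global directive: sshd keeps the FIRST occurrence it reads,
# so only lines before any Match block count. Prints the value lower-cased.
effective_value() {
  awk -v key="$2" '
    tolower($1) == "match" { exit }
    tolower($1) == tolower(key) { print tolower($2); exit }' "$1"
}

# Returns 0 for a hardened file, 1 for a weak one; prints the first failing check.
check_sshd_config() {
  [ "$(effective_value "$1" PasswordAuthentication)" = "no" ] \
    || { echo "PasswordAuthentication must be no"; return 1; }
  [ "$(effective_value "$1" PubkeyAuthentication)" != "no" ] \
    || { echo "PubkeyAuthentication disabled"; return 1; }
  case "$(effective_value "$1" PermitRootLogin)" in
    no|prohibit-password) ;;
    *) echo "PermitRootLogin allows password login as root"; return 1 ;;
  esac
  echo "ok"
}

# Rollout for one account (commands shown for reference, not executed here):
#   ssh-keygen -t ed25519 -N '' -f /root/svc_backup_key
#   install -m 600 -o svc_backup /root/svc_backup_key.pub ~svc_backup/.ssh/authorized_keys
#   passwd -l svc_backup               # lock the password entirely
#   sshd -t && systemctl reload sshd   # syntax check first, then reload

w=$(mktemp); h=$(mktemp)
write_weak_config "$w"; write_hardened_config "$h"
check_sshd_config "$w" || true   # prints: PasswordAuthentication must be no
check_sshd_config "$h"           # prints: ok
rm -f "$w" "$h"
```

Run `check_sshd_config` against the merged output of `sshd -T` rather than a single file when drop-ins are involved; `sshd -T` prints the effective values after all includes and is the only reliable source once several files set the same directive.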

7
Q

An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:

A

Disaster Recovery Plan

8
Q

Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?

A

The document is a honeyfile and is meant to attract the attention of a cyberintruder.

9
Q

A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility. Which of the following is MOST likely the cause of the access issues?

A

False rejection rate (FRR): legitimate users are being rejected. The crossover error rate is the point at which FRR equals the false acceptance rate; it describes the scanner's tuning, not an outage.

10
Q

A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization's executives determine the next course of action?

A

Business Continuity Plan

11
Q

A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?

A

Something you know, such as a PIN or password. A retina scan is biometric, the same factor (something you are) as the fingerprint scan already in use, so it would not add a factor.

12
Q

A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following:
• The legitimate website's IP address is 10.1.1.20, and eRecruit.local resolves to that IP.
• The forged website's IP address appears to be 10.2.12.99, based on NetFlow records.
• All three of the organization's DNS servers show the website correctly resolves to the legitimate IP.
• DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.
Which of the following MOST likely occurred?

A

DNS cache poisoning: an attacker temporarily compromised (pwned) one of the name servers, or poisoned its cache, so that it returned 10.2.12.99 for eRecruit.local until the entry expired.
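Triaging the poisoning scenario from this card and from card 1, as an added example (not part of the flashcard deck): find which resolver served a wrong answer, and the time window in which it did so. The log format below is constructed (one line per answer: timestamp, resolver, client, name, record type, answer, cached/auth); default resolver query logs do not record answers, so in practice this data comes from dnstap, passive DNS or a DNS proxy. The IPs and the name eRecruit.local are from the card; resolver names, client IPs and timestamps are assumptions.

```shell
# Added example (not from the flashcard deck): spotting a poisoned resolver from
# answer logs. Log lines are constructed; ns1..ns3, client IPs and times are assumed.

make_sample_dns_log() {
  cat > "$1" <<'EOF'
2024-03-04T09:58:02Z ns1 10.0.5.23 eRecruit.local A 10.1.1.20 cached
2024-03-04T09:59:41Z ns2 10.0.5.40 eRecruit.local A 10.1.1.20 cached
2024-03-04T10:01:15Z ns3 10.0.5.23 eRecruit.local A 10.2.12.99 cached
2024-03-04T10:03:27Z ns3 10.0.6.11 eRecruit.local A 10.2.12.99 cached
2024-03-04T10:05:09Z ns1 10.0.5.23 intranet.local A 10.1.1.30 auth
2024-03-04T11:30:55Z ns3 10.0.5.23 eRecruit.local A 10.1.1.20 cached
EOF
}

# Answers for $2 that differ from the known-good address $3.
# Output per bad answer: "<resolver> <answer> <time> <client>"
find_bad_answers() {
  awk -v name="$2" -v good="$3" '
    tolower($4) == tolower(name) && $5 == "A" && $6 != good { print $2, $6, $1, $3 }' "$1"
}

# Resolvers that served a bad answer (sorted, unique): what to flush and pull logs from.
affected_resolvers() {
  find_bad_answers "$@" | awk '{ print $1 }' | sort -u
}

# First and last bad answer: the window to scope the NetFlow search for 10.2.12.99.
bad_answer_window() {
  find_bad_answers "$@" | awk '{ print $3 }' | sort \
    | awk 'NR == 1 { first = $0 } { last = $0 } END { print first, last }'
}

log=$(mktemp)
make_sample_dns_log "$log"
find_bad_answers "$log" erecruit.local 10.1.1.20     # two ns3 lines with 10.2.12.99
affected_resolvers "$log" erecruit.local 10.1.1.20   # prints: ns3
bad_answer_window "$log" erecruit.local 10.1.1.20
rm -f "$log"
```

Once the resolver is identified, flush the bad entry (`rndc flushname eRecruit.local` on BIND) and compare that server's forwarding and DNSSEC validation settings with the two that answered correctly; the clients listed by `find_bad_answers` are the accounts whose credentials should be rotated.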

13
Q

A user contacts the help desk to report the following:
Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested.
The user was able to access the Internet but had trouble accessing the department share until the next day.
The user is now getting notifications from the bank about unauthorized transactions. Which of the following attack vectors was MOST likely used in this scenario?

A

Evil twin (a rogue access point imitating the corporate SSID; its fake login prompt captured the user's credentials)

14
Q

An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?

A

Gray-box testing: the testers have partial knowledge, here only the customer-facing documentation. A bug bounty is a reward program open to outside researchers, not a scoped engagement by a hired firm.

15
Q

Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases?

A

Included third-party libraries and the vendors/supply chain that deliver them. Unsecure protocols expose data in transit; they are not a route by which vulnerable code enters a release.

16
Q

A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems. Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization’s security posture?

A

Configure the DLP policies to whitelist (allow-list) this application for the specific PII fields it needs

17
Q

A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?

A

USB data blocker

18
Q

A large industrial system’s smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company’s security manager notices the generator’s IP is sending packets to an internal file server’s IP. Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?

A

Segmentation (place the generator on its own network segment and permit only the outbound path to the maintenance alerting service)

19
Q

Which of the following refers to applications and systems that are used within an organization without consent or approval?

A

Shadow IT

20
Q

A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?

A

Captive Portal

21
Q

After a ransomware attack a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?

A

Public ledger