Test ?'s 2 Flashcards

1
Q

Which type of data has high trade values in black markets, is often anonymized or deidentified for use in scientific research, and when compromised, can lead to its use in blackmail or insurance fraud?

A

Personal Health Information (PHI)

2
Q

What is the main difference between a disk image and a snapshot?

A

Disk images include bootloader and OS.

3
Q

What is Inline Appliance?

A

Intrusion prevention system (IPS) appliances that must have all traffic pass through them are “inline” with the network. This also makes them a single point of failure if there is no fault tolerance mechanism in place.

4
Q

Differential, full, and incremental refer to which of the following when discussing backup types that will not collect open files?

A

A copy-based backup is a replica of an information technology (IT) system. A copy of a system can be performed at any time to provide a system a means of backup. Copy-based backups will not copy open files.

5
Q

Devices that are deployed in a network, send data to the local area network (LAN) level, and process it with an Internet of Things (IoT) sensor are which of the following?

A

Fog Computing

6
Q

Why can’t an Extended Validation certificate be issued for a website domain?

A

The domain uses a wildcard

7
Q

In a full chain of trust, which entity would be able to handle processing certificate requests and verifying requester identity?

A

A Registration Authority (RA)

8
Q

What is TRUE about a certificate authority (CA) in a hierarchical model?

A

An offline CA is a best practice, and intermediate CAs issue certificates.

9
Q

What option has the best ability to hide the identity of the certificate requestor?

A

OCSP Stapling (Online Certificate Status Protocol)

10
Q

What does the process of carving refer to?

A

Data Recovery

11
Q

Which attack vector makes it possible for a threat actor to compromise a whole platform with just one account?

A

The Cloud

12
Q

Which of the following is a computer that uses remote desktop protocol to run resources stored on a central server instead of a localized hard drive and provides minimal operating system services?

A

Thin Client

13
Q

In a cloud environment, which of the following would be most detrimental in relation to access management of storage resources?

A

Any wildcard

14
Q

Which type of network attack involves asserting the use of an arbitrary hardware address onto a network interface card (NIC)?

A

MAC Cloning

15
Q

The ARP cache stores what kind of information about recent connections?

A

MAC addresses

16
Q

Which attack vector would an insider threat use to effectively install malicious tools on specific sets of servers for backdoor access?

A

Direct Access and Removable Media

17
Q

Which penetration technique allows a tester to bypass a network boundary and compromise servers on an internal network?

A

Pivot

18
Q

Failed logins or instances of denial of access to restricted files may be indicators of compromise. Suggest where records of such incidents might be found.

A

Authentication logs and Security logs

19
Q

A Cloud Service Provider (CSP) outsources all cyber security elements to a third party for the infrastructure in which an application resides due to lack of resources. The CSP maintains responsibility for the environment and attributes. What is this an example of?

A

Managed security service provider (MSSP) offers fully outsourced responsibility for information assurance to a third party.

20
Q

A security expert uses a technical approach to configure a detective control to monitor a server. Review the descriptions and determine which controls the expert implements.

A

The control is implemented as a system and records attempts at intrusion

21
Q

A consumer uses a Samsung SmartThings coordinator to turn on lights in the home and start the dishwasher. Which communications protocol is the hub using?

A

Zigbee - a two-way wireless radio frequency communication between a sensor and a control system

22
Q

An attacker exploited a vulnerability on a website frequently visited by a group of bank employees. Once the employees visit the site, the attacker’s malware infects their computers. What type of attack did the employees fall for?

A

A watering hole attack

23
Q

After reading an article online, a business stakeholder is concerned about a risk associated with Denial of Service (DoS) attacks. The stakeholder requests information about what countermeasures would be taken during an attack. Where would the security analyst look to find this information?

A

The risk register shows the results of risk assessments in a comprehensible document format.

24
Q

What does a Lightweight Directory Access Protocol (LDAP) attack typically exploit?

A

Unauthorized access or vulnerabilities in a client app to submit arbitrary LDAP queries.

25
Q

Which of the following security mechanisms provides protection against Secure Socket Layer (SSL) stripping attacks?

A

HTTP Strict Transport Security (HSTS) forces browsers to connect using HTTPS only, mitigating downgrade attacks, such as Secure Socket Layer (SSL) stripping.

26
Q

During a risk assessment, a company indicates the value of employee-used laptops to be $1,500.00 apiece. What should the company define to come up with the annual loss expectancy in a quantitative risk assessment?

A

The annual rate of occurrence (ARO) indicates how many times a loss will occur within a year. An ARO is used in conjunction with the single loss expectancy (SLE) to figure the annual loss expectancy (ALE).

27
Q

Security content automation protocol (SCAP) allows compatible scanners to compare computers with which of the following?

A

Configuration baseline