Test ?'s 2 Flashcards
Which type of data has high trade values in black markets, is often anonymized or deidentified for use in scientific research, and when compromised, can lead to its use in blackmail or insurance fraud?
Personal Health Information (PHI)
What is the main difference between a disk image and a snapshot?
Disk images include bootloader and OS.
What is an inline appliance?
Intrusion prevention system (IPS) appliances that must have all traffic pass through them are “inline” with the network. This also makes them a single point of failure if there is no fault tolerance mechanism in place.
Differential, full, and incremental refer to which of the following when discussing backup types that will not collect open files?
A copy-based backup is a replica of an internet technology (IT) system. A copy of a system can be performed at any time to provide a system a means of backup. Copy-based backups will not copy open files.
Devices deployed in a network and that send data to the local area network (LAN) level and process it with an Internet of things (IoT) sensor are which of the following?
Fog Computing
Why can’t an Extended Validation certificate be issued for a website domain?
The domain uses a wildcard
In a full chain of trust, which entity would be able to handle processing certificate requests and verifying requester identity?
A Registration Authority (RA)
What is TRUE about a certificate authority (CA) in a hierarchical model?
An offline CA is a best practice, and intermediate CAs issue certificates.
What option has the best ability to hide the identity of the certificate requestor?
OCSP Stapling (Online Certificate Status Protocol)
What does the process of carving refer to?
Data Recovery
Which attack vector makes it possible for a threat actor to compromise a whole platform with just one account?
The Cloud
Which of the following is a computer that uses remote desktop protocol to run resources stored on a central server instead of a localized hard drive and provides minimal operating system services?
Thin Client
In a cloud environment, which of the following would be most detrimental in relation to access management of storage resources?
Any wildcard
Which type of network attack involves asserting the use of an arbitrary hardware address onto a network interface card (NIC)?
MAC Cloning
The ARP cache stores what kind of information about recent connections?
MAC addresses
Which attack vector would an insider threat use to effectively install malicious tools on specific sets of servers for backdoor access?
Direct Access and Removable Media
Which penetration technique allows a tester to bypass a network boundary and compromise servers on an internal network?
Pivot
Failed logins or instances of denial of access to restricted files may be indicators of compromise. Suggest where records of such incidents might be found.
Authentication logs and Security logs
A Cloud Service Provider (CSP) outsources all of the cybersecurity elements to a third party for the infrastructure in which an application resides due to a lack of resources. The CSP maintains responsibility for the environment and attributes. What is this an example of?
A managed security service provider (MSSP) offers fully outsourced responsibility for information assurance to a third party.
A security expert uses a technical approach to configure a detective control to monitor a server. Review the descriptions and determine which controls the expert implements.
The control is implemented as a system and records attempts at intrusion
A consumer uses a Samsung SmartThings coordinator to turn on lights in the home and start the dishwasher. Which communications protocol is the hub using?
Zigbee - a two-way wireless radio frequency communication between a sensor and a control system
An attacker exploited a vulnerability on a website frequently visited by a group of bank employees. Once the employees visit the site, the attacker’s malware infects their computers. What type of attack did the employees fall for?
A watering hole attack
After reading an article online, a business stakeholder is concerned about a risk associated with Denial of Service (DoS) attacks. The stakeholder requests information about what countermeasures would be taken during an attack. Where would the security analyst look to find this information?
The risk register shows the results of risk assessments in a comprehensible document format.
What does a Lightweight Directory Access Protocol (LDAP) attack typically exploit?
Unauthorized access or vulnerabilities in a client app to submit arbitrary LDAP queries.