Test ?'s 3

Question 1

Which of the following, if implemented, will NOT help mitigate the threat of tailgating?

Answer 1

Installing non-discretionary privilege management

Question 2

An unmanned aerial vehicle is equipped with a component to ensure position and movement sensors are aligned and relays information to a ground control. Which of the following computing devices does this best describe?

Answer 2

Embedded System – An embedded system is a combination of hardware and software that contains a dedicated function and uses a computer component to complete the function.

Question 3

A cloud service provider (CSP) offers an organization the ability to build and run applications and services without having to manage infrastructure such as provisioning, authentication, and server maintenance. This offering reduces overhead and allows the organization to focus on the product being built. What type of design pattern is this?

Answer 3

Serverless Architecture

Question 4

A Local Area Network (LAN) is set up with an Authentication, Authorization, and Account (AAA) server. The AAA server allows remote supplicants to access the LAN through a Network Access Point (NAP). Which of the following best describes the type of remote authentication solution that is set up on the LAN?

Answer 4

Remote Authentication Dial-in User Service (RADIUS) is made up of an Authentication, Authorization, and Account (AAA) server, a Network Access Control (NAC) or RADIUS client, and the supplicant. A supplicant is any device that is trying to access the local network remotely.

Question 5

Determine the type of code execution policy that would ensure that unrecognized software cannot run.

Answer 5

Allow List

Question 6

What are the main features that differentiate the Test Access Point (TAP) from a Switched Port Analyzer (SPAN)?

Answer 6

Test access point (TAP) is a separate hardware device and Test access point (TAP) avoids frame loss.

Question 7

Which of the following will reduce the risk of data exposure between containers on a cloud platform?

Answer 7

Namespaces and control groups

Question 8

The client wants to deploy a wireless network that uses a smart card or a certificate that can be installed on the client’s PC. Which type of authentication mechanism is most suitable for this task?

Answer 8

EAP-TLS – EAP-TLS requires client certificates, but most other types of EAP can be configured to perform mutual authentication (including EAP-TTLS, PEAP with TLS, and EAP-FAST).

Question 9

A hacker can use Microsoft Office applications as an attack vector to automatically run multiple tasks in the background using which of the following?

Answer 9

VBA (Visual Basic for Applications)

Question 10

A systems administrator plans to protect a data center with various security controls and safety mechanisms. Which solution does the administrator plan based on a “triangle” principle?

Answer 10

Fire Suppression – The fire triangle works on the principle that fire requires heat, oxygen, and fuel to ignite and burn. Removing any one of those elements provides fire suppression.

Question 11

Conclude which terms represent a core feature of the Diamond Model of Intrusion Analysis.

Answer 11

Victim, capability, and infrastructure

Question 12

A company with offices in multiple countries deployed a cyber threat intelligence (CTI) appliance in the cloud to detect network attacks. The security team examined last week’s data and spent a significant amount of time trying to better predict future attacks and ways to improve security. How can the team take advantage of cloud resources to better analyze these threats?

Answer 12

Use artificial intelligence

Question 13

A system engineer is researching backup solutions that are inexpensive and can store large amounts of data offline. The backup solution must be portable and maintainable for a certain length of time defined in the company’s backup recovery plan. Which of the following is the best backup solution?

Answer 13

A tape backup solution is the storing of data on a magnetic tape. It is less expensive than most backup solutions. When stored properly, tape can last longer and is small and portable.

Question 14

After a year of vulnerability scans, a security engineer realized that there were zero false positive cases. The application logs showed no issues with the scanning tool and reports. What type of scanning tool or configuration would result in zero false positives being reported?

Answer 14

Credentialed scan and intrusive tool

Question 15

Which team performs the offensive role in a penetration exercise?

Answer 15

Red Team

Question 16

Which aspect of certificate and key management should an administrator consider when trying to mitigate or prevent the loss of private keys?

Answer 16

Storage

Question 17

Which of the following cryptographic algorithm standards is best suited for Internet of Things (IoT) devices?

Answer 17

Lightweight

Question 18

Recommend an immediate response that does not require generating new certificates in a scenario where an attacker has compromised a host on a network by spoofing digital certificates.

Answer 18

Revoke the host’s certificate

Question 19

The IT team manages multiple root accounts on a spreadsheet that provides access to virtual hosts. Although only administrators have access to the share location where the spreadsheet exists, management would like to add auditing measures to these accounts. Which solution will support the requirement?

Answer 19

Privilege access management

Question 20

A Windows firewall rule allows all programs, all protocols, and all ports within a 192.168.0.0/24 subnet to connect to the network. What type of Windows Firewall with Advanced Security is this?

Answer 20

Access Control List

Question 21

A threat actor logs in to a website as a free user and submits a request for a file. The request references the parent directory of the web server. This injection attack is successful by using a canonicalization attack to disguise the nature of the malicious input. How was the threat actor able to retrieve the file?

Answer 21

Using a directory traversal attack – A directory traversal attack is an injection attack that uses specific code to request information from a web server’s root directory by submitting the directory path.

Question 22

Which attack is a brute-force type that mixes common passwords with usernames?

Answer 22

Spraying

Question 23

A datacenter requires an instantaneous failover power solution that is inexpensive. Which of the following is the least likely solution for the datacenter?

Answer 23

Generator

Question 24

Describe scenarios where containment measures, such as isolation and segmentation techniques, should be taken.

Answer 24

An unauthorized user accesses a server, A worm has infected a device on the network, The investigation of a recent incident is ongoing

Question 25

Which of the following are deployed similarly to a credit card skimmer?

Answer 25

Malicious USB plug

Question 26

An organization receives numerous negative reviews on social media platforms in response to a recent public statement. Experts use machine learning to identify any threatening language. Which approach do the experts use to identify security risks?

Answer 26

Sentiment analysis -- Sentiment analysis is used to monitor social media for incidents, such as disgruntled consumers posting negative content. In terms of security, this can be used to gather threat intelligence.

Question 27

A vulnerability database loaded on a scanning tool such as Tenable Nessus will commonly show which of the following properties?

Answer 27

Score and dictionary

Question 28

A file system audit shows a malicious account was able to obtain a password database. The malicious account will be able to use the information without interacting with an authentication system. What type of attack will the malicious account be able to perform on systems?

Answer 28

Offline password attack

Question 29

A retail organization documents a workflow. By doing so, it can supply evidence of why processing and storage of particular fields of customer data are required. What data collection principle does the organization practice?

Answer 29

Data minimization

Question 30

An electrical cooperative startup needs the ability to monitor energy use, collect data taken from the monitoring, and use the data to lower costs and energy waste. Which component of an industrial control system (ICS) would be the best solution for the cooperative?

Answer 30

Supervisory control and data acquisition (SCADA) -- (SCADA) is part of an industrial control system (ICS) and is used for gathering and analyzing real-time data. A SCADA aids industry in making data-driven decisions based on reporting and analytics.

Question 31

Finance representatives at an organization meet professional standards by providing reports that are highly detailed and designed to be restricted. As members of the American Institute of Certified Public Accountants (AICPA), which standards do the finance representatives follow?

Answer 31

SSAE SOC 2 Type II -- A Service Organization Control (SOC2) Type II report assesses the ongoing effectiveness of the security architecture over a period of 6-12 months. SOC2 reports are highly detailed and designed to be restricted.

Question 32

A new company implements a datacenter that will hold proprietary data that is output from a daily workflow. As the company has not received any funding, no risk controls are in place. How does the company approach risk during operations?

Answer 32

Acceptance -- Risk acceptance means that no countermeasures are put in place either because the level of risk does not justify the cost or because there will be an unavoidable delay before the countermeasures are deployed.