Wk2-other-151-201 Flashcards

1
Q

QUESTION: 151
Which of the following is the best way to secure an on-site data center against intrusion from an
insider?
A. Bollards
B. Access badge
C. Motion sensor
D. Video surveillance

A

B. Access badge

2
Q

QUESTION: 152
An engineer moved to another team and is unable to access the new team’s shared folders
while still being able to access the shared folders from the former team. After opening a ticket,
the engineer discovers that the account was never moved to the new group.
Which of the following access controls is most likely causing the lack of access?
A. Role-based
B. Discretionary
C. Time of day
D. Least privilege

A

A. Role-based

3
Q

QUESTION: 153
Which of the following factors are the most important to address when formulating a training
curriculum plan for a security awareness program? (Choose two.)
A. Channels by which the organization communicates with customers
B. The reporting mechanisms for ethics violations
C. Threat vectors based on the industry in which the organization operates
D. Secure software development training for all personnel
E. Cadence and duration of training events
F. Retraining requirements for individuals who fail phishing simulations

A

C. Threat vectors based on the industry in which the organization operates
E. Cadence and duration of training events

4
Q

QUESTION: 154
A network administrator is working on a project to deploy a load balancer in the company’s
cloud environment.
Which of the following fundamental security requirements does this project fulfill?
A. Privacy
B. Integrity
C. Confidentiality
D. Availability

A

D. Availability

5
Q

QUESTION: 155
A systems administrator is changing the password policy within an enterprise environment and
wants this update implemented on all systems as quickly as possible.
Which of the following operating system security measures will the administrator most likely
use?
A. Deploying PowerShell scripts
B. Pushing GPO update
C. Enabling PAP
D. Updating EDR profiles

A

B. Pushing GPO update

6
Q

QUESTION: 156
Which of the following would be most useful in determining whether the long-term cost to
transfer a risk is less than the impact of the risk?
A. ARO
B. RTO
C. RPO
D. ALE
E. SLE

A

D. ALE

7
Q

QUESTION: 157
In order to strengthen a password and prevent a hacker from cracking it, a random string of 36
characters was added to the password.
Which of the following best describes this technique?
A. Key stretching
B. Tokenization
C. Data masking
D. Salting

A

D. Salting

8
Q

QUESTION: 158
A technician is deploying a new security camera.
Which of the following should the technician do?
A. Configure the correct VLAN.
B. Perform a vulnerability scan.
C. Disable unnecessary ports.
D. Conduct a site survey.

A

D. Conduct a site survey.

9
Q

QUESTION: 159
A company is experiencing a web services outage on the public network. The services are up
and available but inaccessible. The network logs show a sudden increase in network traffic that
is causing the outage.
Which of the following attacks is the organization experiencing?
A. ARP poisoning
B. Brute force
C. Buffer overflow
D. DDoS

A

D. DDoS

10
Q

QUESTION: 160
Which of the following threat actors is the most likely to be motivated by profit?
A. Hacktivist
B. Insider threat
C. Organized crime
D. Shadow IT

A

C. Organized crime

11
Q

QUESTION: 161
An organization experiences a cybersecurity incident involving a command-and-control server.
Which of the following logs should be analyzed to identify the impacted host? (Choose two.)
A. Application
B. Authentication
C. DHCP
D. Network
E. Firewall
F. Database

A

D. Network
E. Firewall

12
Q

QUESTION: 162
During a penetration test, a vendor attempts to enter an unauthorized area using an access
badge.
Which of the following types of tests does this represent?
A. Defensive
B. Passive
C. Offensive
D. Physical

A

D. Physical

13
Q

QUESTION: 163
A systems administrator uses a key to encrypt a message being sent to a peer in a different
branch office. The peer then uses the same key to decrypt the message.
Which of the following describes this example?
A. Symmetric
B. Asymmetric
C. Hashing
D. Salting

A

A. Symmetric

14
Q

QUESTION: 164
A visitor plugs a laptop into a network jack in the lobby and is able to connect to the company’s
network.
Which of the following should be configured on the existing network infrastructure to best
prevent this activity?
A. Port security
B. Web application firewall
C. Transport layer security
D. Virtual private network

A

A. Port security

15
Q

QUESTION: 165
A security administrator is reissuing a former employee’s laptop.
Which of the following is the best combination of data handling activities for the administrator to
perform? (Choose two.)
A. Data retention
B. Certification
C. Destruction
D. Classification
E. Sanitization
F. Enumeration

A

C. Destruction
E. Sanitization

16
Q

QUESTION: 166
A systems administrator would like to deploy a change to a production system.
Which of the following must the administrator submit to demonstrate that the system can be
restored to a working state in the event of a performance issue?
A. Backout plan
B. Impact analysis
C. Test procedure
D. Approval procedure

A

A. Backout plan

17
Q

QUESTION: 167
A company is redesigning its infrastructure and wants to reduce the number of physical servers
in use.
Which of the following architectures is best suited for this goal?
A. Serverless
B. Segmentation
C. Virtualization
D. Microservices

A

C. Virtualization

18
Q

QUESTION: 168
A bank set up a new server that contains customers’ PII.
Which of the following should the bank use to make sure the sensitive data is not modified?
A. Full disk encryption
B. Network access control
C. File integrity monitoring
D. User behavior analytics

A

C. File integrity monitoring

19
Q

QUESTION: 169
Users at a company are reporting they are unable to access the URL for a new retail website
because it is flagged as gambling and is being blocked.
Which of the following changes would allow users to access the site?
A. Creating a firewall rule to allow HTTPS traffic
B. Configuring the IPS to allow shopping
C. Tuning the DLP rule that detects credit card data
D. Updating the categorization in the content filter

A

D. Updating the categorization in the content filter

20
Q

QUESTION: 170
Which of the following most impacts an administrator’s ability to address CVEs discovered on a
server?
A. Rescanning requirements
B. Patch availability
C. Organizational impact
D. Risk tolerance

A

B. Patch availability

21
Q

QUESTION: 171
Which of the following describes effective change management procedures?
A. Approving the change after a successful deployment
B. Having a backout plan when a patch fails
C. Using a spreadsheet for tracking changes
D. Using an automatic change control bypass for security updates

A

B. Having a backout plan when a patch fails

22
Q

QUESTION: 172
The CIRT is reviewing an incident that involved a human resources recruiter exfiltrating
sensitive company data. The CIRT found that the recruiter was able to use HTTP over port 53 to
upload documents to a web server.
Which of the following security infrastructure devices could have identified and blocked this
activity?
A. WAF utilizing SSL decryption
B. NGFW utilizing application inspection
C. UTM utilizing a threat feed
D. SD-WAN utilizing IPSec

A

B. NGFW utilizing application inspection

23
Q

An enterprise is working with a third party and needs to allow access between the internal
networks of both parties for a secure file migration. The solution needs to ensure encryption is
applied to all traffic that is traversing the networks.
Which of the following solutions should most likely be implemented?
A. EAP
B. IPSec
C. SD-WAN
D. TLS

A

B. IPSec

24
Q

QUESTION: 174
An administrator has identified and fingerprinted specific files that will generate an alert if an
attempt is made to email these files outside of the organization.
Which of the following best describes the tool the administrator is using?
A. DLP
B. SNMP traps
C. SCAP
D. IPS

A

A. DLP

25
Q

QUESTION: 175
A software developer released a new application and is distributing application files via the
developer’s website.
Which of the following should the developer post on the website to allow users to verify the
integrity of the downloaded files?
A. Hashes
B. Certificates
C. Algorithms
D. Salting

A

A. Hashes

26
Q

QUESTION: 176
An organization wants to limit potential impact to its log-in database in the event of a breach.
Which of the following options is the security team most likely to recommend?
A. Tokenization
B. Hashing
C. Obfuscation
D. Segmentation

A

B. Hashing

27
Q

QUESTION: 177
An administrator finds that all user workstations and servers are displaying a message that is
associated with files containing an extension of .ryk.
Which of the following types of infections is present on the systems?
A. Virus
B. Trojan
C. Spyware
D. Ransomware

A

D. Ransomware

28
Q

QUESTION: 178
A systems administrator is advised that an external web server is not functioning properly. The
administrator reviews the following firewall logs containing traffic going to the web server:
Which of the following attacks is likely occurring?
A. DDoS
B. Directory traversal
C. Brute-force
D. HTTPS downgrade

A

A. DDoS

29
Q

An organization would like to calculate the time needed to resolve a hardware issue with a
server.
Which of the following risk management processes describes this example?
A. Recovery point objective
B. Mean time between failures
C. Recovery time objective
D. Mean time to repair

A

D. Mean time to repair

30
Q

QUESTION: 180
A security engineer is installing an IPS to block signature-based attacks in the environment.
Which of the following modes will best accomplish this task?
A. Monitor
B. Sensor
C. Audit
D. Active

A

D. Active

31
Q

QUESTION: 181
An IT manager is increasing the security capabilities of an organization after a data
classification initiative determined that sensitive data could be exfiltrated from the environment.
Which of the following solutions would mitigate the risk?
A. XDR
B. SPF
C. DLP
D. DMARC

A

C. DLP

32
Q

QUESTION: 182
Which of the following is used to protect a computer from viruses, malware, and Trojans being
installed and moving laterally across the network?
A. IDS
B. ACL
C. EDR
D. NAC

A

C. EDR

33
Q

QUESTION: 183
Client files can only be accessed by employees who need to know the information and have
specified roles in the company.
Which of the following best describes this security concept?
A. Availability
B. Confidentiality
C. Integrity
D. Non-repudiation

A

B. Confidentiality

34
Q

QUESTION: 184
Which of the following describes the category of data that is most impacted when it is lost?
A. Confidential
B. Public
C. Private
D. Critical

A

D. Critical

35
Q

QUESTION: 185
A new employee logs in to the email system for the first time and notices a message from
human resources about onboarding. The employee hovers over a few of the links within the
email and discovers that the links do not correspond to links associated with the company.
Which of the following attack vectors is most likely being used?
A. Business email
B. Social engineering
C. Unsecured network
D. Default credentials

A

A. Business email

36
Q

QUESTION: 186
Which of the following describes the understanding between a company and a client about what
will be provided and the accepted time needed to provide the company with the resources?
A. SLA
B. MOU
C. MOA
D. BPA

A

A. SLA

37
Q

QUESTION: 187
A company that is located in an area prone to hurricanes is developing a disaster recovery plan
and looking at site considerations that allow the company to immediately continue operations.
Which of the following is the best type of site for this company?
A. Cold
B. Tertiary
C. Warm
D. Hot

A

D. Hot

38
Q

QUESTION: 188
Which of the following security controls is most likely being used when a critical legacy server is
segmented into a private network?
A. Deterrent
B. Corrective
C. Compensating
D. Preventive

A

C. Compensating

39
Q

QUESTION: 189
Which of the following best describes the practice of researching laws and regulations related to
information security operations within a specific industry?
A. Compliance reporting
B. GDPR
C. Due diligence
D. Attestation

A

C. Due diligence

40
Q

QUESTION: 190
Which of the following considerations is the most important for an organization to evaluate as it
establishes and maintains a data privacy program?
A. Reporting structure for the data privacy officer
B. Request process for data subject access
C. Role as controller or processor
D. Physical location of the company

A

C. Role as controller or processor

41
Q

QUESTION: 191
A security analyst is investigating a workstation that is suspected of outbound communication to
a command-and-control server. During the investigation, the analyst discovered that logs on the
endpoint were deleted.
Which of the following logs would the analyst most likely look at next?
A. IPS
B. Firewall
C. ACL
D. Windows security

A

B. Firewall

42
Q

QUESTION: 192
An IT manager is putting together a documented plan describing how the organization will keep
operating in the event of a global incident.
Which of the following plans is the IT manager creating?
A. Business continuity
B. Physical security
C. Change management
D. Disaster recovery

A

A. Business continuity

43
Q

QUESTION: 193
A business needs a recovery site but does not require immediate failover. The business also
wants to reduce the workload required to recover from an outage.
Which of the following recovery sites is the best option?
A. Hot
B. Cold
C. Warm
D. Geographically dispersed

A

C. Warm

44
Q

QUESTION: 194
A security team is setting up a new environment for hosting the organization’s on-premises
software application as a cloud-based service.
Which of the following should the team ensure is in place in order for the organization to follow
security best practices?
A. Virtualization and isolation of resources
B. Network segmentation
C. Data encryption
D. Strong authentication policies

A

A. Virtualization and isolation of resources

45
Q

QUESTION: 195
A manager receives an email that contains a link to receive a refund. After hovering over the
link, the manager notices that the domain’s URL points to a suspicious link.
Which of the following security practices helped the manager to identify the attack?
A. End user training
B. Policy review
C. URL scanning
D. Plain text email

A

A. End user training

46
Q

QUESTION: 196
A company wants to verify that the software the company is deploying came from the vendor
the company purchased the software from.
Which of the following is the best way for the company to confirm this information?
A. Validate the code signature.
B. Execute the code in a sandbox.
C. Search the executable for ASCII strings.
D. Generate a hash of the files.

A

A. Validate the code signature.

47
Q

QUESTION: 197
A systems administrator notices that one of the systems critical for processing customer
transactions is running an end-of-life operating system.
Which of the following techniques would increase enterprise security?
A. Installing HIDS on the system
B. Placing the system in an isolated VLAN
C. Decommissioning the system
D. Encrypting the system’s hard drive

A

B. Placing the system in an isolated VLAN

48
Q

QUESTION: 198
The Chief Information Security Officer (CISO) at a large company would like to gain an
understanding of how the company’s security policies compare to the requirements imposed by
external regulators.
Which of the following should the CISO use?
A. Penetration test
B. Internal audit
C. Attestation
D. External examination

A

B. Internal audit

49
Q

QUESTION: 199
A systems administrator notices that the research and development department is not using the
company VPN when accessing various company-related services and systems.
Which of the following scenarios describes this activity?
A. Espionage
B. Data exfiltration
C. Nation-state attack
D. Shadow IT

A

D. Shadow IT

50
Q

QUESTION: 200
The marketing department set up its own project management software without telling the
appropriate departments.
Which of the following describes this scenario?
A. Shadow IT
B. Insider threat
C. Data exfiltration
D. Service disruption

A

A. Shadow IT