Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A comprehensive set of multiple-choice questions and answers covering key cybersecurity concepts and practices relevant to the cmit 320 course. It covers topics such as network security, cloud security, digital forensics, threat hunting, and security compliance. The questions are designed to test understanding of various security principles, technologies, and best practices.
Typology: Exams
1 / 25
what connection type is very similar to bluetooth but used by more specialized devices, such as sensors and fitness trackers - Correct Answer ANT (Adaptive Network Technology) What would you recommend to a team member who is interested in additional sources of information to assist with refining their own understanding of the current attack surface of the organization? - Correct Answer Output from the latest configuration review, vulnerability scanning, and penetration tests A user complains that after entering a URL into a browser, what appeared to be the correct page is displayed in the browser. However, after clicking a few links on the page, it became obvious that the site the user arrived at was not the correct site, but instead a malicious copy of the site the user intended to visit. Which of the following attacks did the user most likely fall prey to? - Correct Answer typosquatting An enterprise cloud administrator needs to create a trust boundary between two compute instances in the same default security group and on the same IPv4 subnet within an AWS virtual private cloud (VPC). What would be an effective solution to the administrator's needs? - Correct Answer Place the instances in separate subnets and use a network firewall between the subnets. You've taken up a contract helping to upgrade the existing industrial control network for an oil refinery. What network type should you expect to work with? - Correct Answer DCS Which of the following is a risk to cloud services that is not a risk to on- premises services? - Correct Answer Your data may be threatened by attacks launched on the data of others.
Which of the following factors has no effect on chain of custody, with regard to digital evidence that is presented to the court? - Correct Answer Documentation of the presiding judge and opposing counsel On a subnet with limited physical security, you're worried about ARP poisoning and DHCP spoofing attacks. What switch feature could help prevent both? - Correct Answer 802.1AE/MACsec Your company is developing a custom web app for the sales team. It should be able to access a list of Salesforce contacts, but for security reasons, the app shouldn't be able to access the actual Salesforce account. What standard would allow this? - Correct Answer OAuth Uses an authenticator to block communications between unauthorized users or workstations and the local network Requires the use of EAP and an authentication server - Correct Answer 802.1X Centrally secures access to server resources deployed within or across a non-secure network - Correct Answer Kerberos Restricts access to a LAN via a WAN link - Correct Answer Point to Point Protocol (PPP) with Challenge Handshake Authentication Protocol (CHAP) a framework for enterprise risk management - Correct Answer 31000 focuses on personal data and privacy - Correct Answer 27701 defines the various security controls in greater detail - Correct Answer 27002 details the steps to implement a compliant ISMS - Correct Answer 27001 what area of compliance requirements is part of all of the following regulations HIPAA PCI DSS SOX GLBA FISMA - Correct Answer log retention
describes attacks as the pivoting interactions among adversaries, victims, capabilities, and infrastructure - Correct Answer The Diamond Model of Intrusion Analysis a knowledge base of adversary techniques presented as a matrix for enterprise - Correct Answer mitre att&ck a linear seven step attack model that defenders use to interrupt the steps and stop the attack - Correct Answer cyber kill chain After a security incident, you rush to take a screenshot of a telltale running process before you leisurely take a backup of suspicious files on the hard drive. What forensic principle are you exercising? - Correct Answer Order of Volatility Which of the following are forms of cybersecurity resilience that help to ensure fault tolerance or recoverability of services in the case of an outage? - Correct Answer A diesel generator NIC teaming Geographically dispersed data centers Which organization offers freely accessible top-ten lists and cheat sheets in the field of secure development of web applications? - Correct Answer OWASP What is the difference between a bluejacking and a bluesnarfing attack? - Correct Answer Bluesnarfing involves data compromise. In the area of threat hunting, what is meant by intelligence fusion? - Correct Answer Gathering intelligence from multiple sources to feed advanced analytics Upon browsing the website shop.javatucana.com, which your company uses regularly in the normal course of business, you are greeted by a privacy error that states, "Your connection is not private." After confirming that your own computer's date and time are correct, you positively verify the following details: The valid-date range of the web server's certificate is current.
The certificate's chain of trust is valid, which includes the fact that your computer trusts the root CA's certificate The certificate's Subject Alternative Name field contains javatucana.com. You accurately entered shop.javatucana.com in the web browser. Given your inability to explain the privacy error based on your investigation of these factors, what could be the cause for the error? - Correct Answer The web server's certificate is on the CRL. There are no wildcards in the web server's certificate. What technology uses the TPM to store hashes of signed boot files for comparison the next time the system boots and for export in a quote for remote attestation? - Correct Answer measured boot After having trouble navigating to a webpage on the Internet, resulting in a privacy error, you inspect the site's certificate and notice the chain of certificates contains three nodes, one being the leaf certificate of the site you are attempting to reach. You inspect the root certificate and find that your operating system stores an exact match for it locally and, therefore, it and your browser trust it explicitly. Which of the following actions might solve the problem you are facing? - Correct Answer install the certificate of the intermediate CA Which solution allows separation of resources down to the application level if necessary? - Correct Answer containers What's one of the best ways to reduce the threat associated with dead code? - Correct Answer implementing version control An attacker with a fraudulent certificate for your bank is planning to intercept your transactions in an on-path (MitM) attack. The certificate hasn't been revoked yet, but what technology could still let you know something is wrong? - Correct Answer key pinning What kind of security training is most important for a company executive? - Correct Answer Overall awareness of the organization's assets and threats to them What might be a less-expected intangible consequence to an organization's involvement in the breach of private information, even as a victim? - Correct Answer reputation damage
Which automated application-development process primarily reduces manual requirements during the auditing process? - Correct Answer continuous validation On a security forum, you learned that a competitor suffered a data breach when an industrial spy bypassed cloud-security policies by downloading sensitive data from a company Google Docs account and sharing it on a personal Google Docs account. Your organization commonly shares sensitive information internally using Google Docs on corporate accounts, and you also share less sensitive data with customers and partners using the service. What security control could prevent this same fate from befalling your organization with minimal disruption to business practices? - Correct Answer instance awareness our remote access system currently uses RADIUS, but one administrator is proposing replacing it with TACACS. What benefits might this provide? - Correct Answer more secure better suited to large networks better able to support non-IP protocols Which technology or category of products was developed to allow agents installed on hosts to report a variety of measurable statistics for central processing and analysis? - Correct Answer EDR (Endpoint Detection and Response) A user complains that every time they open their Internet browser, it no longer goes to their preferred home page, and advertisements pop up in dialog boxes that they have to close. What is the likely cause? - Correct Answer spyware You're reviewing a web application. Which of these features are security warning signs? - Correct Answer Input validation is performed more rigorously on the client side than on the server side. Input errors are logged and clearly displayed to users in full detail. Secret cookies are used to prevent XSRF attacks. A manufacturer that relies on purchasing various components for the fabrication of their finished products made the decision to work only with suppliers that use a particular blockchain solution to track individual items
along the supply chain. What is the key feature of a private blockchain that assures the manufacturer that the status transformation of any given component along its journey cannot be forged or corrupted, ensuring all status updates are verified accurately? - Correct Answer the public ledger You require your users to log on using a user name, password, and rolling 6-digit code sent to a keyfob device. They are then allowed computer, network, and email access. What type of authentication have you implemented? - Correct Answer multifactor authentication single sign on Which common utility for creating complete disk images was enhanced by the Defense Computer Forensics Lab to include features valuable to the field of forensics, such as hashing on-the-fly and image verification? - Correct Answer dd What authentication factor or attribute works well as a form of non- repudiation because, although it is sometimes able to be hidden, often the subject doesn't realize it can be detected? - Correct Answer something you exhibit What security controls can protect against tailgating? - Correct Answer security guards mantraps Which of the following statements about RAID 5 is accurate? - Correct Answer To create a RAID 5 array, you not only need enough drives to help cover the desired capacity of the array, but an additional drive to help cover the necessary amount of protective parity. You're classifying data for a private company which uses four classification levels. Under what classification does PHI most likely fall? - Correct Answer Private Which kind of attacker is an APT most commonly associated with? - Correct Answer nation states An administrator has created two EC2 instances in an AWS VPC. Noticing that the default behavior of the instances is to allow full communication between them, the administrator investigates ways to control their
interaction with one another. What option best supports the interests of the administrator? - Correct Answer Using non-standard security groups A company decides to invest in embedded systems to improve security by limiting the number of components used in various critical and sensitive systems. Which of the following would make it more difficult to justify embedded systems in certain cases? This task contains the radio buttons and checkboxes for options. Press the enter key to select the option. option A - Correct Answer the wireless networking range Which features, available to software developers, are used primarily to reduce the risk associated with injection attacks? - Correct Answer stored procedures normalization If a dummy security camera with a lighted red LED is placed in a transition area between public and restricted zones in a building before any breach of security has occurred, what type of security control does the camera represent? - Correct Answer deterrent technical Which of the following statements about SSO are accurate? - Correct Answer make accessing enterprise systems simpler increase enterprise risk When mitigating the effects of a cybersecurity incident, what can be done to achieve isolation through segmentation? - Correct Answer change firewall rules add a router or L3 switch Which of the following attacks are characterized by maliciously looking for wireless signals? - Correct Answer war flying wardriving Why is it most important to record time offsets when collecting evidence? - Correct Answer To compensate for time differences among multiple systems
Complex passwords that are combinations of upper and lower case letters, numbers, and special characters protect your system from which types of attacks? - Correct Answer dictionary brute force What policy document generally describes mutual goals between organizations? - Correct Answer MOU (memorandum of understanding) What could you use to help with building a specific and detailed defense methodology against the recent attacks on your corporate network that rely on various forms of privilege escalation for success? You are looking for information on the nature of the attacks and how to detect them to be sure you are attempting to defend against the correct threat, in addition to actual mitigation techniques and advice. - Correct Answer MITRE ATT&CK Which of the following are implicitly secure protocols that were created by adding SSL/TLS security to protocols that were insecure on their own? - Correct Answer FTPS HTTPS SNMPv While conducting a penetration test, you've just managed to get access to a critical server. You are concerned, however, because you gained access through a session-hijacking attack that took both luck and precise timing and that you might be cut off at any time. Given potentially limited time, what should your next step be? - Correct Answer establish persistence During a massive security-impacting incident that takes a critical system offline, which type of plan should be consulted to determine the correct procedure to minimize lost revenue until the system can be brought back online? - Correct Answer BCP (Business continuity plan) What security feature makes it more difficult for an attacker to trick you into installing a fraudulent Ethernet driver that reports on your network activities? - Correct Answer code signing Which policy is focused on preventing data loss? - Correct Answer clean desk policy
An administrator sets up a new virtualization server with virtual machines intended to run instances of a web-based application while following secure configuration guides from CIS for the operating system, hypervisor, webserver, and application server. What can the administrator use to confirm that all efforts to secure these components were successful or to find out what steps are recommended to bridge any gaps that might exist? - Correct Answer a benchmark Which feature of SIEM utilities brings together log entries from multiple components in order to find broader trends and relationships than those formed by the individual entries? - Correct Answer correlation You were told to set up a "structured walkthrough" of a disaster recovery plan, but that terminology isn't in the procedures manual. What other term should you look for? - Correct Answer tabletop exercise what is an example of IP theft - Correct Answer A competitor's unauthorized use of your organization's original engineering documents The VP of human resources has put you in charge of securing a critical server for the department. You'll be hardening its operating system according to company policies and regularly checking configuration and system logs. In asset management terms, what role have you taken on? - Correct Answer custodian What standard-based protocol collects and analyzes information surrounding sequences of packets from exporting devices, each of which enters the same interface of the exporting device, have the same source and destination TCP/IP sockets, and have the same class of service? - Correct Answer IPFIX (IP Flow Information Export) You need to install a new fire extinguisher next to the server closet. What class would be most useful? - Correct Answer Class C Which of the following commands will display the most recent "failed" entries in logfile? - Correct Answer grep "failed" logfile | tail grep command searches for lines containing "failed", and then the | operator pipes it as input to a tail command that shows the last ten lines of
results, unless the -n NUM option is used, where NUM would be replaced by the number of lines to display. Which of the following controls primarily protect data integrity? - Correct Answer hashing backups When is it acceptable for the subject of a digital certificate to sign their own certificate? - Correct Answer It is necessary when the subject is a root CA. What data management model assists professionals in decision making with regard to the creation of policy based on the convergence of data security and privacy, focusing on such aspects as to how it's attained and classified, how it's used and stored, and how it's archived and destroyed? - Correct Answer the information life cycle How is ALE computed? - Correct Answer SLE x ARO Which member role of the CSIRT/CIRT/CERT is most responsible for advising the team on matters regarding actions to be taken directly against offending or involved employees? - Correct Answer HR What document specifically covers moving operations to a temporary site?
reflected One of your co-workers is organizing four teams for a penetration test against a newly designed distributed service. Which team would you expect to focus on fostering a collaborative environment and ensuring that the attacking and defending teams learn from one another? - Correct Answer purple team Purple teams work to ensure that the red and blue teams detect vulnerabilities more effectively by remembering that they're on the same side, despite their "competition" with one another. What are hot and cold aisles designed to assist? - Correct Answer Air circulation in the server room Wireless encryption methods from most to least secure - Correct Answer WPA3-GCMP WPA3-CCMP WPA-CCMP WPA2-TKIP WPA-TKIP WEP Which of the following is most likely an impact of a vulnerability that resulted in data exfiltration? - Correct Answer identity theft What is the importance of the cleanup process of a penetration test? - Correct Answer To remove any malicious tools used in the engagement Which of the following statements about the incident response is most accurate? - Correct Answer Recommended controls serve to help in preparation for potential incidents. What is the best way to visualize the Wi-Fi channels being used in a facility, their signal strength, and how they overlap with one another? - Correct Answer heatmap You're configuring a router and want it to check the properties of incoming traffic before passing it on. What will this require, at a minimum? - Correct Answer configuring ACLs
Which of the following statements concerning Syslog and SIEM is most accurate? - Correct Answer Syslog offers central log collection; SIEM draws upon those log entries for analysis. A company configures workstations only to run software on an approved list. What is this an example of? - Correct Answer allow listing It has come to your attention that a newly created sensitive document is making the rounds among authorized users in the company. Which enterprise utility can you adjust the configuration of to reduce the likelihood that the document will fall into the wrong hands in a readable format? - Correct Answer DLP (data loss prevention) Bob Smith received an email delivered to his enterprise email account. The email stressed the importance for Bob to verify the balance in his bank account and offered a link to do so. Bob hovered his mouse cursor over the link and observed a popup tag containing a URL ending in a domain that was not related to his bank. All of the logos in the email were legitimate icons for his bank. What kind of attack is Bob likely the victim of? - Correct Answer phishing What kind of tool, often called a sniffer, is used to capture network traffic, allowing the operator to visualize the various processes involved in the communication? - Correct Answer protocol analyzer Which of the following is an example of technology diversity? - Correct Answer Use of Windows, Linux, and Mac systems You're helping a software development team choose a secure cloud-based solution. The team wants to develop custom web applications but prefers the development environment itself to be provided by the hosting service. What kind of service model should you evaluate? - Correct Answer PaaS (platform-as-a-service) what kind of malware can spread through a network without any human interaction - Correct Answer worm what is true of a digital certificate but not true of digital signature - Correct Answer Proves the authenticity of a person or system
has valid starting and ending date Your company has long maintained an email server, but it's insecure and unreliable. As a solution, you're considering outsourcing email to an external company that provides secure cloud-based email services. What risk management strategy are you employing? - Correct Answer risk transference Which of the following risk management practices or concepts is designed to test the variability in testing processes? - Correct Answer measurement systems analysis Which of the following is the port scanner that you can use for network mapping and service enumeration? - Correct Answer nmap What type of cryptography is most commonly used for secure password storage? - Correct Answer hashing Steps of complete risk assessment - Correct Answer 1. Identify assets at risk
What type of vulnerability has the requesting application introduced? - Correct Answer memory leak Memory leaks occur when an application allocates memory but fails to release it when it's done using the space. You want to test an application to make sure it doesn't behave insecurely when it receives non-standard input. What technique should you use? - Correct Answer fuzzing Which of the following is a difference between load balancing and clustering? - Correct Answer Clustering tends to use tighter integration between redundant systems. Which of the following is an accurate characteristic of virtual private networks (VPNs) or their features? - Correct Answer VPNs offer secure communications over wired and wireless networks alike. In terms of time, how does a differential backup plan tend to differ from an incremental backup plan? - Correct Answer It's slower to create backups, but quicker to restore data. Which of the following are examples of password policies which were once against conventional wisdom, but are now recommended by NIST to reduce the likelihood of users forgetting their passwords or needing to write them down to remember them? - Correct Answer Do not require passwords to be changed on a regular basis. Do not require users to create complex passwords. Which of the following enterprise mobile deployment models introduces the greatest amount of risk for the implementing organization? - Correct Answer BYOD (bring your own device) Evil twins are mostly used as part of what kind of attack? - Correct Answer MitM Which Windows encryption tool can protect the entire system volume? - Correct Answer BitLocker
type of full-disk encryption (FDE). BitLocker encrypts all digital information on the disk, including user content, application code, and operating system files. Why might an administrator engage in the arduous task of manually reviewing log files on a regular basis? - Correct Answer To comply with PCI DSS regulations As a compensating control for vulnerability assessments raspberry pi - Correct Answer an embedded computer FPGA - Correct Answer a customizable integrated circuit arduino - Correct Answer an embedded microcontroller RTOS - Correct Answer software for embedded systems Which of the following situations would most likely motivate a hacktivist? - Correct Answer A large food-processing enterprise is dumping byproducts into a nearby stream. What SNMP component is a database of predefined manageable items for a particular device? - Correct Answer MIB (management information base) what is eDiscovery - Correct Answer process for sharing electronic forensic data Which of the following is the reason why attacks over the telephone, claiming that well-known groups of individuals have taken advantage of the assistance being offered, are as effective as they are? - Correct Answer consensus Your employer stores a copy of all private keys used on devices in the enterprise because the regulatory agency that audits and certifies your company's business practices demands centralized access to them in case the court's order decryption of any official communications at the agency's request. What is this an example of? - Correct Answer key escrow
storage of private keys by a third-party, whether for the user's benefit in case a data encryption key is lost, or for the benefit of an organization such as an employer or government agency what type of control is a security assessment procedure - Correct Answer operational Your organization has decided to outsource several IT services to a cloud provider. They're hosted outside your enterprise network, but you want to centrally manage all authentication, encryption, activity logging, and other security policies for connections between local computers and the cloud and would like to keep this management and control internal to your organization. What security solution would address these issues? - Correct Answer security broker Which of the following is an algorithm employed in asymmetric cryptography that uses newer complex mathematical approaches to create relatively short but very secure and high-performance keys? - Correct Answer ECC (elliptic curve cryptography) Which of the following statements about vulnerability scans is accurate? - Correct Answer Vulnerability scans should consist of credentialed scans as well as non-credentialed scans. In a building floor plan, you notice lines that follow a few of the hallways, terminating in various locations, including the data center and conference rooms. The legend at the bottom of the diagram for these lines is labeled "Protected Distribution System (PDS)." What is a PDS used for? - Correct Answer unencrypted data Which of the following is an example of an attribute that strengthens the authentication process but does not act as a primary authentication factor?
A network technician has been asked to troubleshoot recently observed performance issues as well as the root cause of new alerts regarding network traffic anomalies. Which monitoring tool should the technician choose first to troubleshoot both problems? - Correct Answer bandwidth monitor Your WAP is currently secured with WPA-Personal encryption and authentication, using a shared key. Wi-Fi Protected Setup (WPS) is currently disabled. Which of the following is true? - Correct Answer Enabling 802.1X could increase security, but enabling WPS would reduce it. Your organization has a degausser in the basement. What media can it securely destroy? - Correct Answer hard drives backup tapes (removes magnetism of the object) Which statements about service accounts are most accurate? - Correct Answer A web server will have a service account that owns and accesses resources as if it were a user but independent of which user installed or ran the service. It is an account associated with an application or service that needs to interact with the system. Which of the following is a packet crafting utility useful to attackers and penetration testers? - Correct Answer hping a binary file format found mainly in Java environments - Correct Answer DER a very popular Base-64 ASCII-encoded file format - Correct Answer PEM the predecessor to PKCS #12 & compatible when used in naming P12 - Correct Answer PFX used signify a file carrying just a single certificate - Correct Answer .cer a format for sharing and archiving certificates without the private key - Correct Answer P7B
You've been asked to consult on security for an application that's designed to interoperate with Google and Salesforce SSO systems. What protocol should you study first? - Correct Answer SAML (Security Assertion Markup Language) xml-based standard used for single sign-on in many web applications which of the following about captive portals is accurate - Correct Answer captive portals can be used as a landing page prior to authentication This morning, you received a notification about an API vulnerability in your CSP's serverless architecture technologies. Which of your cloud-based services is most likely to be directly affected by the vulnerability or subsequent API changes? - Correct Answer A microservice-based application developed in-house for inventory management What VPN type is very secure, compatible with nearly any application, and supported by most operating systems? - Correct Answer L2TP/IPsec Which wireless networking technology brings additional security to PSK modes without invoking additional ciphers or AAA servers? - Correct Answer SAE (simultaneous authentication of equals) included with WPA3-Personal, shared password never exposed on network not even in hash Which cloud security control to guard keys and credentials can be implemented through on-premises solutions as well as through managed services referred to as SECaaS? - Correct Answer secrets management Steps of incident response - Correct Answer 1. Preparation
were employed in this particular attack? - Correct Answer Prepending: prepending subject line with false codes Whaling Someone put malware on your computer that records all of your keystrokes. What aspect of security was primarily attacked? Choose the best response. - Correct Answer confidentiality You're researching a recent XSS attack against a web application. The developer showed you the JavaScript code used to sanitize and validate input in the browser; even if you're not a coder, it seems like it would have prevented the attack. What is the most likely reason the web application was vulnerable? - Correct Answer client-side validation can be easily bypassed Which tenet of security can be affected most by an enterprise HVAC (heating, ventilation, and air-conditioning) system? - Correct Answer availability If your organization is in need of a pre-written benchmark for validating that your network infrastructure devices are secured properly, what offering from an industry standards organization can best help with this requirement? - Correct Answer secure configuration guide Which of the following statements about third-party risks is accurate? - Correct Answer A third-party application begins to produce risk just by losing vendor support. What kind of penetration test involves a tester with full knowledge of your network configuration? - Correct Answer white box What security appliance is similar to a MitM attack, but designed to enhance network security rather than disrupt it? - Correct Answer SSL decryptor SL decryptor is an appliance placed on-path that traffic from inside clients passes through on its way to intended outside servers. If the client attempts to establish a secure session using SSL or TLS, the decryptor acts as the server and establishes the session with the client
Which of the following statements about STIX and TAXII is most accurate?
Which authentication method allows a trusted system to vouch for the secure hardware and software configuration of another? - Correct Answer remote attestation Your organization has a critical database full of customer PII, and a new employee was just authorized to use it. How would you best describe the role of the system administrator who configures user permissions in the database software? - Correct Answer data custodian What are the benefits of a job rotation policy? - Correct Answer trains employees more broadly helps detect fraudulent activity over time What cryptographic tool is commonly built into a motherboard? - Correct Answer TPM (trusted platform module) Which privacy-enhancing technology cannot be reversed and, yet, has the distinguishing capability of either replacing private data in the database or retaining it and replacing it only when each record is read from the database, usually while keeping the format and structure of the fields it impacts? - Correct Answer data masking What is a valid comparison or difference between a reissued (revoked and replaced) and a renewed SSL certificate? - Correct Answer In either case, a new certificate is issued and must be installed on the server. Which weak configuration concern is responsible for allowing an attacker's port scan traffic that targets HTTP to reach an intranet server from the Internet? - Correct Answer open ports and services Which of the following tools is used to sandbox suspected malware and report on what occurred during its execution? - Correct Answer Cuckoo What certificate formats commonly use the web-of-trust model? - Correct Answer OpenPGP (Pretty Good Privacy) What is the industry term for a user-training method that pits teams against one another to see which one can most quickly and accurately accomplish the objectives of the competition? - Correct Answer CTF (capture the flag)
One server closet has particularly sensitive equipment that's suffering network-data loss from EMI caused by a nearby electrical motor. You can't move either the equipment or the motor, so what option might help? - Correct Answer faraday cage What could most easily be compromised by the mishandling of forensic material? - Correct Answer admissibility Which of the following is a data analytics solution that strikes a compromise between requiring more powerful end devices to perform analysis on their own data and requiring more overall network bandwidth as the same raw data instead of regularly submitting to the cloud for analysis? - Correct Answer fog computing encryption ciphers from weakest to strongest - Correct Answer 1. DES
Why might an administrator decide to employ an enterprise MDM solution to deny support for USB OTG on mobile devices? - Correct Answer The connector on the mobile devices is used simultaneously for charging and for data transfer. In order to get a better mental picture of the operating environment of a critical enterprise server, you perform a manual review of three separate lists labeled System, Application, and Security. What is the purpose of these lists that you have decided to review in this way? - Correct Answer They are log files that you can use to inspect the various severity levels of the entries as well as their attributable sources. Among the options listed, which mitigation technique is known most for increasing security at the expense of flexibility? - Correct Answer whitelisting During the investigation of the breach of a server, a security admin, working off the assumption that the attacker cracked the strongest encryption the organization has ever deployed, was surprised to discover that the attack succeeded through the compromise of a much weaker algorithm. Which of the following cryptographic attacks is characterized by these symptoms? - Correct Answer downgrade Which solution is most likely to work in situations where VPN clients are unable to be installed on web-enabled systems and in environments where there are constraints against the deployment of robust VPN technologies? - Correct Answer HTML5 Which of the following statements about types of security controls is most accurate? - Correct Answer a single security control can be characterized as multiple control types Which privacy-enhancing technology performs a reversible substitution of PII, storing the private data elsewhere, reducing the likelihood that a breach of the records containing the non-private substituted information will lead to legal jeopardy for the organization entrusted with the PII? - Correct Answer pseudo-anonymization What solution is a good fit for small-to-medium-sized non-regulated businesses that find themselves in an unexpected growth spurt that leads
to their confident, professional broad-scale security management in the extremely short term? - Correct Answer MSSP (managed security services provider) Also known as after-action meetings and reports, what alternate name for these bears evidence to the importance of discussing and documenting the outcome of an incident response-team activation? - Correct Answer lessons learned secure application-development environments into the order in which they are utilized during the creation and deployment process - Correct Answer
password from the alice@WS01 account to the alice@SERVER01 account, which already exists and allows remote password access? - Correct Answer ssh-copy-id alice@SERVER01 Which of the following techniques allows a threat actor to engage more in the act of eliciting information than in interview and interrogation of the victim? - Correct Answer Pretexting - developing a back story as to why the attacker is contacting the victim