PT 5
Question | Answer |
---|---|
You currently work for a large company and are concerned about ensuring all workstations have a common configuration, do not contain a rogue software installation, and all patches are kept up to date. Of the following, which would be most effective to accomplish this? A. Use VDE B. Implement strong policies C. Use an image for all workstations D. Implement strong patch management | A. Use VDE |
Josh, as an administrator for a health care company, is required to support an older, legacy application. He’s concerned about the application having some vulnerabilities that would affect the remainder of the network. Of the following, which option is the most efficient way to mitigate this? A. Use an application container B. Implement SDN C. Run the application on a separate VLAN D. Insist on an updated version of the application | A. Use an application container |
Kevin is going over his company’s recertification policy. Which is the best reason to recertify? A. To audit usage B. To enhance onboarding C. To audit permissions D. To manage credentials | C. To audit permissions |
Cassie is worried about credential management on a network where users often have over six passwords to remember. She’s currently interested in finding a solution to this problem. Which would be the best way to address this issue? A. Implement a manager B. Use short passwords C. Implement OAuth D. Implement Kerberos | A. Implement a manager |
As the security administrator, you advise the web development team to include a CAPTCHA on a webpage where users are able to register for an account. Which control is this referring to? A. Deterrent B. Detective C. Compensating D. Degaussing | A. Deterrent |
Lisa manages incident response for a bank. The bank has a website that’s been attacked. The attacker utilized the login screen, and rather than entering proper login credentials, the attacker entered some odd text: ' or '1'='1. What is this attack known as? A. Cross-site scripting B. Cross-site request forgery C. SQL injection D. ARP poisoning | C. SQL injection |
You’ve noticed that users on your network use a specific bank for personal banking. Some users have been the victim of a recent attack, where they visited a fake bank website and their logins were compromised. They had all visited the bank from your network and they insist they typed in the correct URL. What is most likely the explanation for this? A. Trojan horse B. IP spoofing C. Clickjacking D. DNS poisoning | D. DNS poisoning |
Steven is looking for a new firewall for his company. He’s concerned about a DoS attack, more specifically, SYN flood. Which of the following is the best option to protect against a SYN flood event? A. Packet filter B. Application gateway C. Bastion D. SPI | D. SPI |
Laura manages DLP for a large company where some employees have COPE and some have BYOD. What DLP issue could these devices present? A. COPE devices can be used as a USB OTG resource B. BYOD devices can be used as a USB OTG resource C. COPE and BYOD devices can be used as a USB OTG resource D. Only jailbroken COPE or BYOD devices can be used as a USB OTG resource | C. COPE and BYOD devices can be used as a USB OTG resource |
Which should be required by a company to mitigate the impact of a custom piece of software being installed by a vendor in case the vendor later goes out of business? A. A detailed credit investigation prior to acquisition B. A third-party source code escrow C. Substantial penalties for breach of contract D. Standby contracts with other vendors | B. A third-party source code escrow |
Of the following, choose a common security issue that is hard to control in large environments when a user has more rights, permissions, and privileges than the job requires. What is described by this scenario? A. Excessive rights B. Excessive access C. Excessive permissions D. Excessive privileges | D. Excessive privileges |
Millie is responsible for testing security and uses a tool that identifies vulnerabilities and provides mechanisms to test them by trying to exploit them. What best describes this tool? A. Vulnerability scanner B. Exploit framework C. Metasploit D. Nessus | B. Exploit framework |
Neil has been tasked with finding an authentication service handled by a third party that would allow users to access multiple websites, as long as the authentication service is supported by the website. What is the best choice? A. OpenID B. Kerberos C. NTLM D. Shibboleth | A. OpenID |
Nick works for a small company as a security administrator. He’s attempting to improve security throughout the network. Which step should be taken first? A. Implement antimalware on all computers B. Implement acceptable use policies C. Turn off unneeded services on all computers D. Turn on host-based firewalls on all computers | C. Turn off unneeded services on all computers |
Kevin, the helpdesk manager, calls stating that there has been an increase in calls from users who are stating that their computers are infected with malware. Which of the following steps should be taken first? A. Containment B. Eradication C. Lessons learned D. Identification | D. Identification |
You have been asked to help conduct a white box penetration test. As part of your preparations, you have been given the source code for the organization’s custom web application. Which type of vulnerability might be able to exploit the code shown in this image? A. Buffer overflow B. SQL injection C. Remote code execution D. JavaScript injection | A. Buffer overflow |
Which recovery site is the easiest to test? A. Warm site B. Cold site C. Hot site D. Medium site | C. Hot site |
Jack manages security devices in his network. He’s implemented a robust NIDS in his network; however, on two occasions the NIDS has missed a breach. What condition does this describe? A. False negative B. Port blocking C. SPI D. False positive | A. False negative |
Choose the scenario where using a shared account would pose the least security risk. A. For a group of tech support personnel B. For guest Wi-Fi access C. For students logging in at a university D. For accounts with few privileges | B. For guest Wi-Fi access |
Which is the least secure hashing algorithm? A. MD5 B. RIPEMD C. SHA-1 D. AES | A. MD5 |
John works on database server security for his company. He is concerned about preventing unauthorized access to the databases. Which of the following is the most appropriate for him to implement? A. ABAC B. TOTP C. HIDS D. DAMP | D. DAMP |
Nicholas is looking for an authentication method that supports one-time passwords and works with the Initiative for Open Authentication. For this, the user will need unlimited time to use their password. Which of the following is the most beneficial? A. CHAP B. TOTP C. HOTP D. ABAC | C. HOTP |
You’re currently looking for a network authentication method that uses digital certificates and doesn’t require users to remember passwords. Which method is the most beneficial? A. OAuth B. Tokens C. OpenID D. RBAC | B. Tokens |
Janet manages the security of the database servers at the mortgage company where she works. The servers are Windows Server 2016; she’s concerned about file system security. Which Microsoft feature would be most helpful to implement security to the file systems? A. Password policies B. EFS C. Account lockout D. UAC | B. EFS |
Of the following, which is the most significant disadvantage of federated identities? A. They cannot be used with Kerberos B. They don’t implement least privileges C. Poor password management D. Transitive trust | D. Transitive trust |
Rhonda manages account security for her company. She’s noticed a receptionist who has an account with a six-character password that hasn’t been changed in two years and her password history isn’t maintained. What is the most significant problem with this account? A. Nothing, this is adequate for a low-security position B. The password length is the most significant problem C. The lack of password history is the most significant problem D. The age of the password is the most significant problem | B. The password length is the most significant problem |
You have been asked by the incident response team leader to perform a forensic examination on a workstation that is suspected to be infected with malware. You remember from your training that you must collect digital evidence in the proper order to protect it from being changed during your evidence collection efforts. Which of the following describes the correct sequence to collect the data from the workstation? A. RAM, CPU cache, Swap, Hard drive B. Hard drive, Swap, CPU Cache, RAM C. CPU Cache, RA | C. CPU Cache, RAM, Swap, Hard drive |
Jacob is in charge of network security for an e-commerce company. He wants to ensure that best practices are being used for the website that his company hosts. Which of the following is the best option to consider? A. OWASP B. NERC C. NIST D. ISA/IEC | A. OWASP |
As a network security analyst, you’ve been instructed to bring an affected system back into the company’s environment and verify that it will not lead to another incident. You have tested, monitored, and validated that the system is not currently being compromised. Which process have you completed? A. Lessons learned B. Preparation C. Recovery D. Containment | C. Recovery |