set1test2
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
|---|---|---|---|---|---|
| What is the main danger that comes from Shadow IT? | show 🗑
|
||||
| show | Least priviledge
🗑
|
||||
| show | Volume encryption
🗑
|
||||
| show | Capability
🗑
|
||||
| show | 2022-12345
🗑
|
||||
| show | staff
🗑
|
||||
| A company wants to implement a more flexible access control system that can adjust to changing user behavior. Which of the following technologies can help the company achieve this goal? | show 🗑
|
||||
| Which of the following cryptographic algorithms is primarily used for digital signatures and key exchanges, rather than direct encryption of data? | show 🗑
|
||||
| What kind of data is usually shielded from the public view for the protect the security of the individuals concerned? | show 🗑
|
||||
| show | Identifies purposes and conditions of data processing and ensures compliance with legal standards
🗑
|
||||
| show | Cross site scripting XSS
🗑
|
||||
| show | Infrastructure monitoring
🗑
|
||||
| you are most concerned with protecting the privacy of patients, so you will need to prevent unauthorized people from seeing data. Which of the following mitigation techniques can help you achieve this goal? | show 🗑
|
||||
| show | Self-Signed Certificate
🗑
|
||||
| show | Generators
🗑
|
||||
| show | Provision User accounts with least priv, and promptly de provision upon term
🗑
|
||||
| Upon investigating, Jamario found that these computers had been replaced with a shell program, making it seem as if they couldn't access their files. Which type of malware is MOST likely responsible for the events at Dion Training Solutions? | show 🗑
|
||||
| Bluebird Technologies has hired a penetration tester. In the test she will attempt to enter the building by using a fake ID and by piggybacking at the entrance. What type of penetration testing will she be doing? | show 🗑
|
||||
| show | Employee retntion helps to maintain institutional knowledge and expertise in manging security autommation
🗑
|
||||
| show | External regulatory audits
🗑
|
||||
| show | Impact
🗑
|
||||
| Which of the following statements BEST explains the importance of the Bug Bounty program in the context of vulnerability management? | show 🗑
|
||||
| show | partition Encryption
🗑
|
||||
| Which of the following statements BEST explains the importance of package monitoring in the context of vulnerability management? | show 🗑
|
||||
| Which of the following types of threat actors is likely to be the least sophisticated? | show 🗑
|
||||
| show | Contractor
🗑
|
||||
| show | SASE - secure access service Edge
🗑
|
||||
| show | Fail- Closed
🗑
|
||||
| What is the primary purpose of internal compliance reporting? | show 🗑
|
||||
| show | overseeing an organizations internalcontrols and financiall reporting
🗑
|
||||
| show | Virtualization
🗑
|
||||
| show | MTTR
🗑
|
||||
| An organization is looking to protect sensitive financial data stored in spreadsheets. Which of the following methods would be the MOST effective in ensuring the data's confidentiality and integrity? | show 🗑
|
||||
| show | It ensures timely access to resources and enhances productivity
🗑
|
||||
| show | encryption
🗑
|
||||
| Which of the following BEST explains the difference between False Positive and False Negative in the context of vulnerability management? | show 🗑
|
||||
| show | state sponsered actor
🗑
|
||||
| To stay updated with changing threats and vulnerabilities, which of the following assessment methods BEST emphasizes periodic evaluations? | show 🗑
|
||||
| show | Side loading
🗑
|
||||
| show | alerting provides real time notifications of security incidents and potential threats
🗑
|
||||
| show | TLS handshake details and DNS query responses
🗑
|
||||
| Safeguard Systems is looking to secure voice communication between its branch offices. Which of the following protocols would provide encryption specifically for voice traffic over IP? | show 🗑
|
||||
| show | Encrypting backupss - this ensures even if an attacker gets his back ups the cannot decipher the contents
🗑
|
||||
| A water treatment facility relies on SCADA systems for automation. This environment can introduce which of the following security vulnerabilities? | show 🗑
|
||||
| show | They offer a standardized way to share vulnerability data
🗑
|
||||
| show | Resource Reuse
🗑
|
||||
| show | Access Control Vestibules
🗑
|
||||
| show | What term refers to the expected frequency of occurrence of a specific risk within a given time frame?
🗑
|
||||
| Which term relates to the complexity of a threat actor's methods and operations? | show 🗑
|
||||
| 50. Take the Cake, a bakery, recently bought software to improve security. The software randomly adds data to the input of a hash function before it hashes it. What is the software doing? | show 🗑
|
||||
| show | Which category of data includes information such as trade secrets and patents?
🗑
|
||||
| They are considering the level of risk they are willing to accept to achieve the aggressive set of goals the CEO has created. What is the term for what they are considering? | show 🗑
|
||||
| Which of the following BEST describes the roles that Scherazade and Sahra? | show 🗑
|
||||
| Which of the following terms refers to a document that defines tasks that different parties perform in a cloud service agreement? | show 🗑
|
||||
| He suspects this is due to users relying on easily guessable patterns and words. What is the BEST approach for Reed to ensure that passwords are not easily decipherable? | show 🗑
|
||||
| Dion Training Solutions is looking to implement a security measure where individual entries within their customer database are encrypted separately. Which of the following BEST describes this security approach? | show 🗑
|
||||
| Which of the following BEST describes the primary role of an audit committee in the context of cybersecurity? | show 🗑
|
||||
| Which activity is often considered as a financial safeguard against the potential aftermath of a security breach? | show 🗑
|
||||
| Which of the following BEST describes the significance of key length in encryption standards? | show 🗑
|
||||
| show | Change management procedure
🗑
|
||||
| What is the term for a type of open service port that is commonly used for remote access servers and can be used to perform man-in-the-middle attacks on a Windows computer, but not on computers using other operating systems? | show 🗑
|
||||
| As part of their expansion, Kelly Innovations LLC decided to break their monolithic application into microservices. While this provides scalability, which of the following security implications should the organization be MOST concerned with? | show 🗑
|
||||
| Which of the following BEST describes the data owner's role in an organization's data governance framework? | show 🗑
|
||||
| show | What part of PKI allows the storing of encrypted keys with a third party so keys can be recovered if they are lost?
🗑
|
||||
| show | unskilled hacker
🗑
|
||||
| show | Something you are
🗑
|
||||
| A former technician of Dion Innovations who was recently laid off launches a series of distributed denial of service (DDoS) attacks against the company's main website. What is the likely motivation behind these attacks? | show 🗑
|
||||
| show | Injection
🗑
|
||||
| show | System / process audit
🗑
|
||||
| 70. Which of the following refers to the act where malware running on a guest OS manages to get to another guest or the host within a virtualized environment? | show 🗑
|
||||
| In what type of penetration testing are the testers given usernames, passwords, and other information that would normally be gathered in the first phase? | show 🗑
|
||||
| Which of the following BEST describes a system that allocates permissions and access based on pre-defined organizational guidelines, strategies, codes, roles, or requirements? | show 🗑
|
||||
| show | Data in use
🗑
|
||||
| show | Kerberos uses a unique ticketing system
🗑
|
||||
| show | SIEM systems can aid in the precurment and asset mgmt of secure software systems
🗑
|
||||
| What part of a BPA for mission essential functions provides a detailed, step-by-step description of the procedural tasks performed? | show 🗑
|
||||
| show | Homomorphic Encryption
🗑
|
||||
| In the realm of digital forensics, which activity is a primary focus during the preservation phase? | show 🗑
|
||||
| show | IoT
🗑
|
||||
| 80. At Kelly Innovations LLC, Susan is reviewing credential management practices for cloud services. Which approach is discouraged due to its inherent security risks? | show 🗑
|
||||
| show | Use SAML to facilitate the exchange of identity informationamong organizations.
🗑
|
||||
| Which of the following best explains the importance of Insurance in vulnerability management? | show 🗑
|
||||
| show | Political
🗑
|
||||
| As a security analyst, you are investigating a suspicious file activity incident. While examining metadata associated with different files, which of the following pieces of information is NOT typically presented in metadata? | show 🗑
|
||||
| show | technical Debt
🗑
|
||||
| an effort to protect against future financial consequences, the company decides to explore measures that could help mitigate these risks. Which action is Dion Training Solutions likely to take? | show 🗑
|
||||
| She has decided to substitute the sensitive data with non-sensitive representations. The sensitive data and non-sensitive representation will be stored in a separate database. Which data security technique is likely bein used? | show 🗑
|
||||
| show | Digital certificates
🗑
|
||||
| Dion Training has implemented fixes for buffer overflow vulnerabilities in their application. To validate the effectiveness of their remediation efforts, which approach should be considered? | show 🗑
|
||||
| As a security analyst, you are analyzing network logs to assist in your investigation of a suspected cyberattack. Which of the following pieces of information is NOT typically documented in the network log data? | show 🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
Studyingsux