Set1 Test4
Quiz yourself by thinking what should be in
each of the black spaces below before clicking
on it to display the answer.
Help!
|
|
||||
|---|---|---|---|---|---|
| In the onboarding process of a new employee, which of the following tasks does NOT accurately represent the responsibilities of the IT and HR functions in ensuring secure access for the individual? | show 🗑
|
||||
| customers of E-ShopHub reported being redirected to a different website with different products. the IT team discovered that the DNS entries were not modified, but the domain registration details were changed, pointing to another hosting service. | show 🗑
|
||||
| Sasha received an unexpected call from someone claiming to be from the IT department. The caller asked her to confirm her username and password for a system upgrade. Which of the following terms BEST describes the scenario Sasha encountered? | show 🗑
|
||||
| Which of the following types of penetration tests provides the tester with comprehensive knowledge of the target environment, including the system's architecture, design, and source code, to identify hidden vulnerabilities? | show 🗑
|
||||
| Kelly Innovations LLC frequently develops and tests new software builds. sometimes they need to revert to a previous build several times a day due to unexpected issues. Which backup frequency would be the MOST appropriate for their use case? | show 🗑
|
||||
| Which of the following is a physical security measure typically employed outside buildings or sensitive areas to prevent vehicles from causing damage or gaining unauthorized access? | show 🗑
|
||||
| show | Availability of skilled personel
🗑
|
||||
| A cloud service provider recently underwent an audit to confirm their compliance with international data security standards. The final report provided by the auditors served as an attestation of the provider's security measures. | show 🗑
|
||||
| show | Full disk Encryption
🗑
|
||||
| At VegiCorps, the SOC team makes security policy decisions and directs other areas of the company to implement them so there is consistency across the company. What type of security governance model is being used? | show 🗑
|
||||
| show | DLP systems are essential to the development of business systems that prevent malicious actors from accessing systems
🗑
|
||||
| David, a project manager at Dion Training, ensures that details of his upcoming product release are shared only on a need-to-know basis, even within the company. He's wary of information leaks that could benefit competitors | show 🗑
|
||||
| The company's IT policy allows only senior developers and administrators to make changes in production to minimize risks. Which of the following BEST describes the security principle the company is adhering to? | show 🗑
|
||||
| Which of the following statements about the role of Application Programming Interfaces (APIs) is NOT true? | show 🗑
|
||||
| show | Scalability
🗑
|
||||
| Which term describes the average duration needed to repair a system or component after a failure has occurred? | show 🗑
|
||||
| . Which of these observations should Maria be MOST concerned with? | show 🗑
|
||||
| The organization wants to modify the firewall rules to enhance security and reduce potential attack surfaces. Which firewall rule modification would be the MOST appropriate for the organization to enhance security? | show 🗑
|
||||
| show | Removal of unnecessary software
🗑
|
||||
| show | SOX
🗑
|
||||
| Which term BEST describes a systematic method used to detect weaknesses or potentially publicly identified compromises in a system or network, often utilizing automated tools to evaluate the security posture of the infrastructure? | show 🗑
|
||||
| show | DLPis a set of techniques and tools for preventing unauthorized transmission of data
🗑
|
||||
| show | NGFW
🗑
|
||||
| Which of the following BEST enhances the security by exponentially increasing possible combinations? | show 🗑
|
||||
| Which monitoring technology would be the MOST suitable to gain a comprehensive overview of the health and security status of foundational IT components, including network traffic and interactions between servers? | show 🗑
|
||||
| Cerys is investigating an incident. She found a hidden program that monitors the network traffic and captures sensitive information. Which of the following types of malware is MOST likely involved in this incident? | show 🗑
|
||||
| Some behaviors have raised concerns about a possible insider threat. Which of the following is a sign of potential insider threat? | show 🗑
|
||||
| show | vulnerable software
🗑
|
||||
| show | details of detected suspicious activities for the last two weeks
🗑
|
||||
| show | taking steps to prevent any recurrance of the problem
🗑
|
||||
| Which threat vector utilizes malicious attachments or hyperlinks within communications, requiring the attacker to convince the recipient to engage with the content for successful exploitation? | show 🗑
|
||||
| In a scenario where the company wants to provide network administrators with a read-only copy of network traffic for analysis without disturbing the actual data flow, which device attribute would be MOST applicable? | show 🗑
|
||||
| Reed is getting a new computer from his employer, Kelly Innovations LLC. He wants to remove all his personal data from his old computer ensuring it's irretrievable. Which of the following methods should he use? | show 🗑
|
||||
| show | Amplified
🗑
|
||||
| According to the most recent NIST guidelines on password policies, which of the following is NOT a recommended practice? | show 🗑
|
||||
| Which of the following BEST describes the term web reputation score? | show 🗑
|
||||
| Which of the following refers to standardized guidelines that provide best practices for securing various technologies and platforms? | show 🗑
|
||||
| show | Removable Device
🗑
|
||||
| show | Capacity Planning
🗑
|
||||
| aware of the inherent vulnerabilities tied to SSL 3.0, he recognized the risk of attackers forcing weaker encryption standards.Which potential risk is associated with Jamario's observation at Dion Training? | show 🗑
|
||||
| show | continuous backups
🗑
|
||||
| show | blackmail
🗑
|
||||
| In a large financial institution, like Kelly Financial Solutions, which of the following BEST describes an example of a task that an IT technician might be prohibited from doing without special authorization due to security concerns? | show 🗑
|
||||
| show | network sensors
🗑
|
||||
| show | containerization
🗑
|
||||
| Which of the following terms refers to a method that involves packaging an application and its dependencies into a lightweight and portable unit? | show 🗑
|
||||
| The company does business in Canada and is planning on conducting a survey of Canadian consumers. As she investigates plans for the survey, she discovers there are restrictions on how the data the survey collects is stored and used. | show 🗑
|
||||
| entify potential security threats that the company might face. Together, they outline policies on password management, insider threats, and the dangers of phishing. What phase of security awareness practices is David primarily involved in? | show 🗑
|
||||
| Which of the following statements is NOT true regarding the security implications in the procurement process? | show 🗑
|
||||
| Dion Training is implementing a solution to secure communication between their internal servers and external clients. They require an encryption protocol that provides secure communication over the internet. | show 🗑
|
||||
| Which of the following methodologies divides the creation and maintenance of software into discrete phases, emphasizing the integration of security throughout its stages? | show 🗑
|
||||
| show | to accurately asses and optimize the current network infrastructure
🗑
|
||||
| Schyler is a network administrator. She is setting up a new Wi-Fi network for a branch of a multinational corporation. She is currently in the establish phase of creating secure baselines. What will she do FIRST in this phase? | show 🗑
|
||||
| Each user can set access rights and determine who has access to their resources based on their own judgment. Which type of access control mechanism is being used in this scenario? | show 🗑
|
||||
| show | partially known environment
🗑
|
||||
| In the context of privacy compliance, which of the following describes the role of a data controller? | show 🗑
|
||||
| show | wiretapping
🗑
|
||||
| show | Honeyfile
🗑
|
||||
| An organization deploys numerous specialized devices with software hard-coded into their firmware. These devices cannot be easily updated or patched. Which security concern is MOST directly associated with this type of system? | show 🗑
|
||||
| show | Human Resource Capacity Planning
🗑
|
||||
| show | Bloatware
🗑
|
||||
| As part of this plan, they need to determine the maximum amount of data loss the organization can tolerate in the event of a disruption. What measurement are they determining? | show 🗑
|
||||
| show | Layoffs
🗑
|
||||
| show | SPF
🗑
|
||||
| hesuggests Initech provide a broader range of devices and purchase the software employees need. Initech will buy the devices for the employees. Which of the following deployment models is Gregory most likely suggesting? | show 🗑
|
||||
| Who is responsible for ensuring that the appropriate access controls are in place and being followed? | show 🗑
|
||||
| show | Business emaiil compromise
🗑
|
||||
| show | AES
🗑
|
||||
| David, an IT manager at Dion Training, has been put in charge of labeling data. Which label would David use for sensitive client data to ensure the highest security? | show 🗑
|
||||
| show | Typosquatting
🗑
|
||||
| equiring users or processes to have the appropriate level of access before allowing them to run the programs or scripts? | show 🗑
|
||||
| show | Policy Engine
🗑
|
||||
| show | centrally locating server rooms with limited access points
🗑
|
||||
| Which of the following terms refers to computer systems that are integrated into larger devices? | show 🗑
|
||||
| Further, these scripts were leveraging legitimate system scripting tools for scanning and configuration activities. Which type of malware is Lucas's computer MOST likely compromised with? | show 🗑
|
||||
| You are a security analyst tasked with investigating a suspected security breach incident. You decide to examine the Firewall logs. Which of the following pieces of information would be MOST valuable in this firewall log to investigate the incident? | show 🗑
|
||||
| show | Bloack Cipher
🗑
|
||||
| show | alert tuning helps in reducing false positives
🗑
|
||||
| After implementing the rules, Jason, a manager, reports that he can't access an external FTP site. Which of the following firewall rules could be the cause of the issue? | show 🗑
|
||||
| show | IM
🗑
|
||||
| Sweet as Thyme, a flavoring supplier, uses a peer to peer network which relies on a public ledger to ensure the integrity of transactions and to provide a permanent record of all transactions. What is this technology they are using called? | show 🗑
|
||||
| show | Change management practices
🗑
|
||||
| show | Nation- State Actors
🗑
|
||||
| Dion Training recently concluded a month-long vulnerability assessment on their network infrastructure. To ensure that the management team understands the potential risks and required actions, which document is crucial to prepare and present? | show 🗑
|
||||
| show | Impersonation
🗑
|
||||
| show | Patch Availability
🗑
|
||||
| Which of the following is the BEST example of a system that does not interact with the network traffic and primarily relies on detection? | show 🗑
|
||||
| show | Nation State actors
🗑
|
||||
| show | APIs enable the automation and integration of diverse security tools and systems
🗑
|
||||
| show | Disable TCP/UDP ports like 23 and 135
🗑
|
Review the information in the table. When you are ready to quiz yourself you can hide individual columns or the entire table. Then you can click on the empty cells to reveal the answer. Try to recall what will be displayed before clicking the empty cell.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
To hide a column, click on the column name.
To hide the entire table, click on the "Hide All" button.
You may also shuffle the rows of the table by clicking on the "Shuffle" button.
Or sort by any of the columns using the down arrow next to any column heading.
If you know all the data on any row, you can temporarily remove it by tapping the trash can to the right of the row.
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Created by:
Studyingsux