1 Flashcards
Scott notices that one of the systems on his network contacted a number of systems via encrypted web traffic, downloaded a handful of files, and then uploaded a large amount of data to a remote system. What type of infection should he look for?
A keylogger
A backdoor
A logic bomb
A bot
A bot
Angela has chosen to federate with other organizations to allow use of services that each organization provides. What role does Angela’s organization play when they authenticate their users and assert that those users are valid to other members of the federation?
Authentication provider
Relying party
Identity provider
Service provider
Identity provider
Samantha wants to set an account policy that ensures that devices can be used only while the user is in the organization’s main facility. What type of account policy should she set?
Geofencing
Impossible travel time
Time of day
Time-based logins
Geofencing
Brian has deployed a system that monitors sensors and uses that data to manage the power distribution for the power company that he works for. Which of the following terms is commonly used to describe this type of control and monitoring solution?
HVAC
SCADA
SIM
AVAD
SCADA
Every time Susan checks code into her organization’s code repository, it is tested and validated, and then if accepted, it is immediately put into production. What is the term for this?
Continuous delivery
Continuous integration
Agile development
A security nightmare
Continuous delivery
Connor believes that there is an issue between his organization’s network and a remote web server, and he wants to verify this by checking each hop along the route. Which tool should he use if he is testing from a Windows 10 system?
pathping
route
tracert
traceroute
pathping
Howard is assessing the legal risks to his organization based upon its handling of PII. The organization is based in the United States, handles the data of customers located in Europe, and stores information in Japanese datacenters. What law would be most important to Howard during his assessment?
Japanese law
U.S. law
All should have equal weight
European Union law
All should have equal weight
Naomi has discovered the following TCP ports open on a system she wants to harden. Which ports are used for unsecure services and thus should be disabled to allow their secure equivalents to continue to be used?
21
22
23
80
443
22 and 443
21 and 80
21, 23, and 80
21, 22, and 80
21, 23, and 80
Mike wants to stop vehicles from traveling toward the entrance of his building. What physical security control should he implement?
A hot aisle
An air gap
A robotic sentry
A bollard
A bollard
Joe checks his web server logs and sees that someone sent the following query string to an application running on the server:
http://www.mycompany.com/servicestatus.php?serviceID=892&serviceID=892' ; DROP TABLE Services;--
What type of attack was most likely attempted?
Cross-site scripting
Session hijacking
Man-in-the-middle
Parameter pollution
Parameter pollution
Charles has implemented LDAP for his organization. What type of service has he enabled?
A federation
An attestation service
A directory service
A biometric identity provider
A directory service
Rick believes that a system he is responsible for has been compromised with malware that uses a rootkit to obtain and retain access to the system. When he runs a virus scan, the system doesn’t show any malware. If he has other data that indicates the system is infected, what should his next step be if he wants to determine what malware may be on the system?
The system is not infected and he should move on.
Mount the drive on another system and scan it that way.
Disable the system’s antivirus because it may be causing a false negative.
Rerun the antimalware scan.
Mount the drive on another system and scan it that way.
Michael wants to log directly to a database while also using TCP and TLS to protect his log information and to ensure it is received. What tool should he use?
journalctl
syslog
rsyslog
syslog-ng
syslog-ng
Nina’s organization uses SSH keys to provide secure access between systems. Which of the following is not a common security concern when using SSH keys?
Weak encryption
Inadvertent exposure of the private key
SSH key sprawl
Weak passwords/passphrases
Weak encryption
Greg believes that an attacker may have installed malicious firmware in a network device before it was provided to his organization by the supplier. What type of threat vector best describes this attack?
Cloud
Removable media
Supply chain
Direct access
Supply chain
As part of their yearly incident response preparations, Ben’s organization goes through a sample incident step by step to validate what each person will do in the incident. What type of exercise is this?
A simulation
A checklist exercise
A tabletop exercise
A walk-through
A walk-through
Sharif receives a bill for services that he does not believe his company requested or had performed. What type of social engineering technique is this?
Reconnaissance
An invoice scam
Credential harvesting
A hoax
An invoice scam
Bart knows that there are two common connection methods between Wi-Fi devices. Which of the following best describes ad hoc mode?
RFID
Point-to-point
NFC
Point-to-multipoint
Point-to-point
Helen designed a new payroll system that she offers to her customers. She hosts the payroll system in AWS and her customers access it through the web. What tier of cloud computing best describes Helen’s service?
PaaS
FaaS
SaaS
IaaS
SaaS
Crypto malware is a type of what sort of malware?
Rootkit
Worms
PUP
Ransomware
Ransomware
Kathleen wants to discourage potential attackers from entering the facility she is responsible for. Which of the following is not a common control used for this type of preventive defense?
Robotic sentries
Signs
Lighting
Fences
Robotic sentries
Grace recently completed a risk assessment of her organization’s exposure to data breaches and determined that there is a high level of risk related to the loss of sensitive personal information. She is considering a variety of approaches to managing this risk.
In the end, Grace found that the insurance policy was too expensive and opted not to purchase it. She is taking no additional action. What risk management strategy is being used in this situation?
Risk avoidance
Risk mitigation
Risk transference
Risk acceptance
Risk acceptance
Fred wants to ensure that the administrative interfaces for the switches and routers are protected so that they cannot be accessed by attackers. Which of the following solutions should he recommend as part of his organization’s network design?
NAC
Out-of-band management
Port security
Trunking
Out-of-band management
Jerome wants to allow guests to use his organization’s wireless network, but he does not want to provide a preshared key. What solution can he deploy to gather information such as email addresses or other contact information before allowing users to access his open network?
A captive portal
WPA2
WPS capture mode
Kerberos
A captive portal