175-200 Flashcards

1
Q

A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows:
* Critical fileshares will remain accessible during and after a natural disaster.
* Five percent of hard disks can fail at any given time without impacting the data.
* Systems will be forced to shut down gracefully when battery levels are below 20%.
Which of the following are required to BEST meet these objectives? (Choose three.)

A. Fiber switching
B. IaC
C. NAS
D. RAID
E. UPS
F. Redundant power supplies
G. Geographic dispersal
H. Snapshots
I. Load balancing

A

D. RAID
E. UPS
G. Geographic dispersal

2
Q

Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

A. Set up hashing on the source log file servers that complies with local regulatory requirements.
B. Back up the aggregated log files at least two times a day or as stated by local regulatory requirements.
C. Write protect the aggregated log files and move them to an isolated server with limited access.
D. Back up the source log files and archive them for at least six years or in accordance with local regulatory requirements.

A

A. Set up hashing on the source log file servers that complies with local regulatory requirements.

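A worked illustration of the hashing in answer A, added here and not part of the original flashcard set: a hash chain computed on the source log server, and the check an analyst would run against the aggregated copy held in the SIEM. The log lines are constructed, and the seed string and function names are assumptions.

```python
import hashlib
from typing import List, Optional

# Constructed sample: four syslog-style lines as they might leave a source log server.
SOURCE_LOG = [
    "2024-03-01T09:00:00Z host1 sshd[1201]: Accepted publickey for alice from 10.0.0.5",
    "2024-03-01T09:00:07Z host1 sudo: alice : TTY=pts/0 ; COMMAND=/usr/bin/systemctl restart nginx",
    "2024-03-01T09:00:12Z host1 sshd[1210]: Failed password for root from 198.51.100.7",
    "2024-03-01T09:00:13Z host1 sshd[1210]: Failed password for root from 198.51.100.7",
]


def chain_hashes(lines: List[str], seed: str = "genesis") -> List[str]:
    """Return one SHA-256 digest per line, each covering the previous digest plus the line.

    Because digest i commits to digest i-1, an edit, deletion or insertion at any
    position changes every digest from that point on. (seed is an assumed constant.)
    """
    prev = hashlib.sha256(seed.encode()).hexdigest()
    digests = []
    for line in lines:
        prev = hashlib.sha256((prev + "\n" + line).encode()).hexdigest()
        digests.append(prev)
    return digests


def first_tampered_line(lines: List[str], expected: List[str], seed: str = "genesis") -> Optional[int]:
    """Recompute the chain over the aggregated copy and compare it with the digests the
    source server produced. Returns the index of the first line that fails, or None."""
    recomputed = chain_hashes(lines, seed)
    for i, (got, want) in enumerate(zip(recomputed, expected)):
        if got != want:
            return i
    if len(lines) != len(expected):
        # All common lines verify but the copy is shorter (truncated) or longer (appended).
        return min(len(lines), len(expected))
    return None


if __name__ == "__main__":
    source_digests = chain_hashes(SOURCE_LOG)          # computed on the source server
    aggregated = SOURCE_LOG[:2] + SOURCE_LOG[3:]        # copy in the SIEM with line 2 removed
    print(first_tampered_line(SOURCE_LOG, source_digests))   # None: intact copy
    print(first_tampered_line(aggregated, source_digests))   # 2: first line that no longer verifies
```

The digests have to live somewhere the aggregation tier cannot write, on the source server or in a write-once store; a chain whose digests sit beside the logs it protects can simply be recomputed by whoever edits the logs. Deletion and truncation are caught as well as edits, because each digest commits to every earlier line.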
3
Q

A security analyst is evaluating the risks of authorizing multiple security solutions to collect data from the company’s cloud environment. Which of the following is an immediate consequence of these integrations?

A. Non-compliance with data sovereignty rules
B. Loss of the vendors' interoperability support
C. Mandatory deployment of a SIEM solution
D. Increase in the attack surface

A

D. Increase in the attack surface

4
Q

Which of the following explains why RTO is included in a BIA?

A. It identifies the amount of allowable downtime for an application or system.
B. It prioritizes risks so the organization can allocate resources appropriately.
C. It monetizes the loss of an asset and determines a break-even point for risk mitigation.
D. It informs the backup approach so that the organization can recover data to a known time.

A

A. It identifies the amount of allowable downtime for an application or system.

5
Q

A security analyst is reviewing web-application logs and finds the following log:

https://www.comptia.org/contact-us/%3Ffile%3d..%2F..%2F..%2F..%2Fetc%2Fpasswd

Which of the following attacks is being observed?

A. Directory traversal
B. XSS
C. CSRF
D. On-path attack

A

A. Directory traversal

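To show what a SIEM rule for answer A looks like, here is an added example (not from the original card) that percent-decodes each logged URL until it stops changing, so single- and double-encoded payloads are both caught, and then looks for ".." bounded by path separators in either the query string or the path. The example.test URLs in the sample log are constructed; the function names are assumptions.

```python
import re
from typing import Dict, List, Tuple
from urllib.parse import parse_qs, unquote, urlparse

# ".." that stands alone as a path component: preceded by start-of-string, "/" or "\"
# and followed by "/", "\" or end-of-string. "report..pdf" does not match.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

# Constructed access-log excerpt. The first line is the one from the card; the
# others add a benign request, a double-encoded payload and a traversal in the path.
ACCESS_LOG = [
    "https://www.comptia.org/contact-us/%3Ffile%3d..%2F..%2F..%2F..%2Fetc%2Fpasswd",
    "https://example.test/contact-us/?file=brochure.pdf",
    "https://example.test/download?file=%252e%252e%252f%252e%252e%252fetc%252fpasswd",
    "https://example.test/static/../../etc/passwd",
]


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing (bounded), so %252e%252e%252f
    becomes %2e%2e%2f and then ../ before the pattern check runs."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal(url: str) -> Dict[str, List[str]]:
    """Return {parameter: [decoded values]} for every query parameter carrying a
    traversal sequence; the pseudo-key "<path>" is used when the URL path itself has one."""
    parsed = urlparse(fully_decode(url))
    hits: Dict[str, List[str]] = {}
    for name, values in parse_qs(parsed.query, keep_blank_values=True).items():
        for value in values:
            if TRAVERSAL.search(value):
                hits.setdefault(name, []).append(value)
    if TRAVERSAL.search(parsed.path):
        hits.setdefault("<path>", []).append(parsed.path)
    return hits


def suspicious_requests(urls: List[str]) -> List[Tuple[str, Dict[str, List[str]]]]:
    """Run the check over a list of logged URLs and keep only the ones that fire."""
    flagged = []
    for url in urls:
        hits = find_traversal(url)
        if hits:
            flagged.append((url, hits))
    return flagged


if __name__ == "__main__":
    for url, hits in suspicious_requests(ACCESS_LOG):
        print(url, "->", hits)
```

Decoding the whole URL before parsing is deliberate for detection: the card's log line has its "?" and "=" encoded, so a parser that only decodes values after splitting on the query string would never see the file parameter at all.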
6
Q

A security analyst is reviewing the vulnerability scan report for a web server following an incident. The vulnerability that was used to exploit the server is present in historical vulnerability scan reports, and a patch is available for the vulnerability. Which of the following is the MOST likely cause?

A. Security patches were uninstalled due to user impact.
B. An adversary altered the vulnerability scan reports.
C. A zero-day vulnerability was used to exploit the web server.
D. The scan reported a false negative for the vulnerability.

A

A. Security patches were uninstalled due to user impact.

7
Q

Which of the following is a known security risk associated with data archives that contain financial information?

A. Data can become a liability if archived longer than required by regulatory guidance.
B. Data must be archived off-site to avoid breaches and meet business requirements.
C. Companies are prohibited from providing archived data to e-discovery requests.
D. Unencrypted archives should be preserved as long as possible and encrypted.

A

A. Data can become a liability if archived longer than required by regulatory guidance.

8
Q

Which of the following BEST describes the process of documenting who has access to evidence?

A. Order of volatility
B. Chain of custody
C. Non-repudiation
D. Admissibility

A

B. Chain of custody

9
Q

A systems engineer wants to leverage a cloud-based architecture with low latency between network-connected devices that also reduces the bandwidth that is required by performing analytics directly on the endpoints. Which of the following would BEST meet the requirements? (Choose two.)

A. Private cloud
B. SaaS
C. Hybrid cloud
D. IaaS
E. DRaaS
F. Fog computing

A

C. Hybrid cloud
F. Fog computing

10
Q

Which of the following is a policy that provides a greater depth and breadth of knowledge across an organization?

A. Asset management policy
B. Separation of duties policy
C. Acceptable use policy
D. Job rotation policy

A

D. Job rotation policy

11
Q

A company is moving its retail website to a public cloud provider. The company wants to tokenize credit card data but not allow the cloud provider to see the stored credit card information. Which of the following would BEST meet these objectives?

A. WAF
B. CASB
C. VPN
D. TLS

A

B. CASB

12
Q

A security analyst is tasked with defining the “something you are” factor of the company’s MFA settings. Which of the following is BEST to use to complete the configuration?

A. Gait analysis
B. Vein
C. Soft token
D. HMAC-based, one-time password

A

B. Vein

13
Q

Which of the following processes will eliminate data using a method that will allow the storage device to be reused after the process is complete?

A. Pulverizing
B. Overwriting
C. Shredding
D. Degaussing

A

B. Overwriting

14
Q

A user’s account is constantly being locked out. Upon further review, a security analyst found the following in the SIEM:

9:00:00 AM Login: user Password: aBG23TMV
9:00:01 AM Login: user Password: aBG23TMV
9:00:02 AM Login: user Password: aBG23TMV
9:00:03 AM Login: user Password: aBG23TMV

Which of the following describes what is occurring?

A. An attacker is utilizing a password-spraying attack against the account.
B. An attacker is utilizing a dictionary attack against the account.
C. An attacker is utilizing a brute-force attack against the account.
D. An attacker is utilizing a rainbow table attack against the account.

A

C. An attacker is utilizing a brute-force attack against the account.

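The excerpt above shows one account hit repeatedly within seconds. As an added example (not part of the original card), the classifier below parses lines in that exact format and separates the two patterns the options contrast: many attempts against one account inside a short window (brute force) versus one credential tried against many accounts (password spraying). The 9:05 lines, the 60-second window and the threshold of four attempts are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

# Constructed sample in the shape of the SIEM excerpt above. Lines 1-4 repeat the
# card's scenario; lines 5-8 add the contrasting case of one password sprayed
# across several accounts.
LOG = """\
9:00:00 AM Login: user Password: aBG23TMV
9:00:01 AM Login: user Password: aBG23TMV
9:00:02 AM Login: user Password: aBG23TMV
9:00:03 AM Login: user Password: aBG23TMV
9:05:00 AM Login: alice Password: Spring2024!
9:05:01 AM Login: bob Password: Spring2024!
9:05:02 AM Login: carol Password: Spring2024!
9:05:03 AM Login: dave Password: Spring2024!
"""

LINE = re.compile(r"^(\d{1,2}:\d{2}:\d{2} [AP]M) Login: (\S+) Password: (\S+)$")


def parse(log: str) -> List[Tuple[datetime, str, str]]:
    """Turn the excerpt into (timestamp, account, credential) tuples; skip lines that
    do not match the format so unrelated SIEM output does not break the rule."""
    events = []
    for line in log.splitlines():
        match = LINE.match(line)
        if match:
            stamp = datetime.strptime(match.group(1), "%I:%M:%S %p")
            events.append((stamp, match.group(2), match.group(3)))
    return events


def classify(log: str, window: timedelta = timedelta(seconds=60), threshold: int = 4) -> Dict[str, List[str]]:
    """Slide a window over the events and report:
    - brute_force: accounts that received >= threshold attempts inside one window
    - password_spraying: accounts hit by a credential that was tried against
      >= threshold distinct accounts inside one window
    """
    events = sorted(parse(log))
    findings = {"brute_force": set(), "password_spraying": set()}
    for i, (start, _, _) in enumerate(events):
        in_window = [e for e in events[i:] if e[0] - start <= window]
        attempts_by_account = defaultdict(list)   # account -> credentials tried
        accounts_by_credential = defaultdict(set) # credential -> accounts it was tried on
        for _, account, credential in in_window:
            attempts_by_account[account].append(credential)
            accounts_by_credential[credential].add(account)
        for account, tried in attempts_by_account.items():
            if len(tried) >= threshold:
                findings["brute_force"].add(account)
        for accounts in accounts_by_credential.values():
            if len(accounts) >= threshold:
                findings["password_spraying"].update(accounts)
    return {kind: sorted(accounts) for kind, accounts in findings.items()}


if __name__ == "__main__":
    print(classify(LOG))
```

The excerpt records passwords in cleartext, which is itself a finding: a SIEM should receive the account and the outcome of each attempt, not the credential, and the rule above needs only the account plus a stable identifier for "same credential" (a salted hash would do) to tell the two patterns apart.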
15
Q

A web server has been compromised due to a ransomware attack. Further investigation reveals the ransomware has been on the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the following should the administrator use to restore services to a secure state?

A. The last incremental backup that was conducted 72 hours ago
B. The last known-good configuration
C. The last full backup that was conducted seven days ago
D. The baseline OS configuration

A

C. The last full backup that was conducted seven days ago

16
Q

A network engineer created two subnets that will be used for production and development servers. Per security policy, production and development servers must each have a dedicated network, and the two networks must not communicate with one another directly. Which of the following should be deployed so that server administrators can access these devices?

A. VLANs
B. Internet proxy servers
C. NIDS
D. Jump servers

A

D. Jump servers

17
Q

A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards.
With which of the following is the company’s data protection officer MOST likely concerned?

A. NIST Framework
B. ISO 27001
C. GDPR
D. PCI-DSS

A

B. ISO 27001

18
Q

A security architect is required to deploy workstations to conference rooms so that sensitive data can be displayed on large screens. Due to the nature of the data, it cannot be stored in the conference rooms. The file share is located in a local data center. Which of the following should the security architect recommend to BEST meet the requirement?

A. Fog computing and KVMs
B. VDI and thin clients
C. Private cloud and DLP
D. Full drive encryption and thick clients

A

B. VDI and thin clients

19
Q

A Chief Information Security Officer wants to ensure the organization is validating and checking the integrity of zone transfers. Which of the following solutions should be implemented?

A. DNSSEC
B. LDAPS
C. NGFW
D. DLP

A

A. DNSSEC

20
Q

Which of the following controls is used to make an organization initially aware of a data compromise?

A. Protective
B. Preventative
C. Corrective
D. Detective

A

D. Detective

21
Q

An annual information security assessment has revealed that several OS-level configurations are not in compliance due to outdated hardening standards the company is using. Which of the following would be BEST to use to update and reconfigure the OS-level security configurations?

A. CIS benchmarks
B. GDPR guidance
C. Regional regulations
D. ISO 27001 standards

A

A. CIS benchmarks

22
Q

A company acquired several other small companies. The company that acquired the others is transitioning network services to the cloud. The company wants to make sure that performance and security remain intact. Which of the following BEST meets both requirements?

A. High availability
B. Application security
C. Segmentation
D. Integration and auditing

A

C. Segmentation

23
Q

After a recent external audit, the compliance team provided a list of several non-compliant, in-scope hosts that were not encrypting cardholder data at rest. Which of the following compliance frameworks would address the compliance team’s GREATEST concern?

A. PCI DSS
B. GDPR
C. ISO 27001
D. NIST CSF

A

A. PCI DSS

24
Q

A security analyst is receiving several alerts per user and is trying to determine if various logins are malicious. The security analyst would like to create a baseline of normal operations and reduce noise. Which of the following actions should the security analyst perform?

A. Adjust the data flow from authentication sources to the SIEM.
B. Disable email alerting and review the SIEM directly.
C. Adjust the sensitivity levels of the SIEM correlation engine.
D. Utilize behavioral analysis to enable the SIEM’s learning mode.

A

D. Utilize behavioral analysis to enable the SIEM’s learning mode.

25
Q

Which of the following is the MOST effective way to detect security flaws present in third-party libraries embedded in software before it is released into production?

A. Employ different techniques for server- and client-side validations
B. Use a different version control system for third-party libraries
C. Implement a vulnerability scan to assess dependencies earlier in the SDLC
D. Increase the number of penetration tests before software release

A

C. Implement a vulnerability scan to assess dependencies earlier in the SDLC