426-450 Flashcards

1
Q

A police department is using the cloud to share information with city officials. Which of the following cloud models describes this scenario?

A. Hybrid
B. Private
C. Public
D. Community

A

D. Community

2
Q

A user reports that a bank’s website no longer displays a padlock symbol. A security analyst views the user’s screen and notices the connection is using HTTP instead of HTTPS. Which of the following attacks is most likely occurring?

A. Memory leak
B. SSL stripping
C. API
D. Pass the hash

A

B. SSL stripping

3
Q

A data center has experienced an increase in under-voltage events following electrical grid maintenance outside the facility. These events are leading to occasional losses of system availability. Which of the following would be the most cost-effective solution for the data center to implement?

A. Uninterruptible power supplies with battery backup
B. Managed power distribution units to track these events
C. A generator to ensure consistent, normalized power delivery
D. Dual power supplies to distribute the load more evenly

A

A. Uninterruptible power supplies with battery backup

4
Q

A security architect is designing a remote access solution for a business partner. The business partner needs to access one Linux server at the company. The business partner wants to avoid managing a password for authentication and additional software installation. Which of the following should the architect recommend?

A. Soft token
B. Smart card
C. CSR
D. SSH key

A

D. SSH key

5
Q

A security analyst is assisting a team of developers with best practices for coding. The security analyst would like to defend against the use of SQL injection attacks. Which of the following should the security analyst recommend first?

A. Tokenization
B. Input validation
C. Code signing
D. Secure cookies

A

B. Input validation

6
Q

Cloud security engineers are planning to allow and deny access to specific features in order to increase data security. Which of the following cloud features is the most appropriate to ensure access is granted properly?

A. API integrations
B. Auditing
C. Resource policies
D. Virtual networks

A

C. Resource policies

7
Q

A security operations technician is searching the log named /var/messages for any events that were associated with a workstation with the IP address 10.1.1.1. Which of the following would provide this information?

A. cat /var/messages | grep 10.1.1.1
B. grep 10.1.1.1 | cat /var/messages
C. grep /var/messages | cat 10.1.1.1
D. cat 10.1.1.1 | grep /var/messages

A

A. cat /var/messages | grep 10.1.1.1

8
Q

A security analyst is investigating a report from a penetration test. During the penetration test, consultants were able to download sensitive data from a back-end server. The back-end server was exposing an API that should have only been available from the company’s mobile application. After reviewing the back-end server logs, the security analyst finds the following entries:

10.35.45.53 - - [22/May/2020:06:57:31 +0100] "GET /spi/cliend_id=1 HTTP/1.1" 403 1705 "http://www.example.com/api/" "PostmanRuntime/7.26.5"
10.35.45.53 - - [22/May/2020:07:00:58 +0100] "GET /spi/cliend_id=1 HTTP/1.1" 403 1705 "http://www.example.com/api/" "PostmanRuntime/7.22.0"
10.32.40.13 - - [22/May/2020:08:08:52 +0100] "GET /spi/cliend_id=1 HTTP/1.1" 403 1705 "http://www.example.com/api/" "PostmanRuntime/1.1.1"
10.32.40.25 - - [22/May/2020:08:13:52 +0100] "GET /spi/cliend_id=1 HTTP/1.1" 403 1705 "http://www.example.com/api/" "PostmanRuntime/2.3.1"
10.35.45.53 - - [22/May/2020:08:20:18 +0100] "GET /spi/cliend_id=1 HTTP/1.1" 403 1705 "http://www.example.com/api/" "PostmanRuntime/2.3.0"

Which of the following is the most likely cause of the security control bypass?

A. IP address allow list
B. User-agent spoofing
C. WAF bypass
D. Referrer manipulation

A

B. User-agent spoofing

9
Q

Which of the following processes would most likely help an organization that has conducted an incident response exercise to improve performance and identify challenges?

A. Lessons learned
B. Identification
C. Simulation
D. Containment

A

A. Lessons learned

10
Q

Which of the following control types is patch management classified under?

A. Deterrent
B. Physical
C. Corrective
D. Detective

A

C. Corrective

11
Q

A security analyst is investigating what appears to be unauthorized access to a corporate web application. The security analyst reviews the web server logs and finds the following entries:

106.35.45.53 - - [22/May/2020:07:00:58 +0100] "GET /login?username=admin&pin=0000 HTTP/1.1" 200 11705 "http://www.example.com/login.php"
106.35.45.53 - - [22/May/2020:07:01:21 +0100] "GET /login?username=admin&pin=0001 HTTP/1.1" 200 11705 "http://www.example.com/login.php"
106.35.45.53 - - [22/May/2020:07:01:52 +0100] "GET /login?username=admin&pin=0002 HTTP/1.1" 200 11705 "http://www.example.com/login.php"
106.35.45.53 - - [22/May/2020:07:02:18 +0100] "GET /login?username=admin&pin=0003 HTTP/1.1" 200 11705 "http://www.example.com/login.php"
106.35.45.53 - - [22/May/2020:07:02:18 +0100] "GET /login?username=admin&pin=0004 HTTP/1.1" 200 11705 "http://www.example.com/login.php"

Which of the following password attacks is taking place?

A. Dictionary
B. Brute-force
C. Rainbow table
D. Spraying

A

B. Brute-force

12
Q

A company that provides an online streaming service made its customers’ personal data, including names and email addresses, publicly available in a cloud storage service. As a result, the company experienced an increase in the number of requests to delete user accounts. Which of the following BEST describes the consequence of this data disclosure?

A. Regulatory fines
B. Reputation damage
C. Increased insurance costs
D. Financial loss

A

B. Reputation damage

13
Q

An organization has been experiencing outages during holiday sales and needs to ensure availability of its point-of-sale systems. The IT administrator has been asked to improve both server-data fault tolerance and site availability under high consumer load. Which of the following are the best options to accomplish this objective? (Choose two.)

A. Load balancing
B. Incremental backups
C. UPS
D. RAID
E. Dual power supply
F. VLAN

A

A. Load balancing
D. RAID

14
Q

Which of the following can be used to detect a hacker who is stealing company data over port 80?

A. Web application scan
B. Threat intelligence
C. Log aggregation
D. Packet capture

A

D. Packet capture

15
Q

A company recently enhanced its mobile device configuration by implementing a set of security controls: biometrics, context-aware authentication, and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data. Which of the following additional controls should be put in place first?

A. GPS tagging
B. Remote wipe
C. Screen lock timer
D. SEAndroid

A

C. Screen lock timer

16
Q

An organization wants to quickly assess how effectively the IT team hardened new laptops. Which of the following would be the best solution to perform this assessment?

A. Install a SIEM tool and properly configure it to read the OS configuration files
B. Load current baselines into the existing vulnerability scanner
C. Maintain a risk register with each security control marked as compliant or non-compliant
D. Manually review the secure configuration guide checklists

A

B. Load current baselines into the existing vulnerability scanner

17
Q

A user is trying to upload a tax document that the corporate finance department requested, but a security program is prohibiting the upload. A security analyst determines the file contains PII. Which of the following steps can the analyst take to correct this issue?

A. Create a URL filter with an exception for the destination website
B. Add a firewall rule to the outbound proxy to allow file uploads
C. Issue a new device certificate to the user’s workstation
D. Modify the exception list on the DLP to allow the upload

A

D. Modify the exception list on the DLP to allow the upload

18
Q

A cybersecurity analyst at Company A is working to establish a secure communication channel with a counterpart at Company B, which is 3,000 miles (4,828 kilometers) away. Which of the following concepts would help the analyst meet this goal in a secure manner?

A. Digital signatures
B. Key exchange
C. Salting
D. PPTP

A

B. Key exchange

19
Q

A security analyst is reviewing computer logs because a host was compromised by malware. After the computer was infected it displayed an error screen and shut down. Which of the following should the analyst review first to determine more information?

A. Dump file
B. System log
C. Web application log
D. Security log

A

A. Dump file

20
Q

A security architect is working on an email solution that will send sensitive data. However, funds are not currently available in the budget for building additional infrastructure. Which of the following should the architect choose?

A. POP
B. IPSec
C. IMAP
D. PGP

A

D. PGP

21
Q

A user reset the password for a laptop but has been unable to log in to it since then. In addition, several unauthorized emails were sent on the user’s behalf recently. The security team investigates the issue and identifies the following findings:

  • Firewall logs show excessive traffic from the laptop to an external site.
  • Unknown processes were running on the laptop.
  • RDP connections that appeared to be authorized were made to other network devices from the laptop.
  • High bandwidth utilization alerts from that user’s username.

Which of the following is most likely installed on the laptop?

A. Worm
B. Keylogger
C. Trojan
D. Logic bomb

A

C. Trojan

22
Q

A systems administrator is required to enforce MFA for corporate email account access, relying on the possession factor. Which of the following authentication methods should the systems administrator choose? (Choose two.)

A. Passphrase
B. Time-based one-time password
C. Facial recognition
D. Retina scan
E. Hardware token
F. Fingerprints

A

B. Time-based one-time password
E. Hardware token

23
Q

Which of the following best describes a technique that compensates researchers for finding vulnerabilities?

A. Penetration testing
B. Code review
C. Wardriving
D. Bug bounty

A

D. Bug bounty

24
Q

Which of the following biometric authentication methods is the most accurate?

A. Gait
B. Retina
C. Signature
D. Voice

A

B. Retina

25
Q

A security team will be outsourcing several key functions to a third party and will require that:

  • Several of the functions will carry an audit burden
  • Attestations will be performed several times a year
  • Reports will be generated on a monthly basis

Which of the following best describes the document that is used to define these requirements and stipulate how and when they are performed by the third party?

A. MOU
B. AUP
C. SLA
D. MSA

A

C. SLA