576-600 Flashcards

1
Q

A security analyst is scanning a company’s public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

A. Changing the remote desktop port to a non-standard number
B. Setting up a VPN and placing the jump server inside the firewall
C. Using a proxy for web connections from the remote desktop server
D. Connecting the remote server to the domain and increasing the password length

A

B. Setting up a VPN and placing the jump server inside the firewall

2
Q

A company recently experienced a major breach. An investigation concludes that customer credit card data was stolen and exfiltrated through a dedicated business partner connection to a vendor, who is not held to the same security control standards. Which of the following is the most likely source of the breach?

A. Side channel
B. Supply chain
C. Cryptographic downgrade
D. Malware

A

B. Supply chain

3
Q

A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the greatest amount of control and security over company data and infrastructure?

A. BYOD
B. VDI
C. COPE
D. CYOD

A

D. CYOD

4
Q

Which of the following threat actors is most likely to be motivated by ideology?

A. Business competitor
B. Hacktivist
C. Criminal syndicate
D. Script kiddie
E. Disgruntled employee

A

B. Hacktivist

5
Q

A user would like to install software and features that are not available with a mobile device’s default software. Which of the following would allow the user to install unauthorized software and enable new features?

A. SQLi
B. Cross-site scripting
C. Jailbreaking
D. Side loading

A

C. Jailbreaking

6
Q

A user downloaded an extension for a browser and the user’s device later became infected. The analyst who is investigating the incident saw various logs where the attacker was hiding activity by deleting data. The following was observed running:

New-Partition -DiskNumber 2 -UseMaximumSize -AssignDriveLetter C | Format-Volume -DriveLetter C -FileSystemLabel "New" -FileSystem NTFS -Full -Force -Confirm:$false

Which of the following is the malware using to execute the attack?

A. PowerShell
B. Python
C. Bash
D. Macros

A

A. PowerShell

7
Q

An organization recently acquired an ISO 27001 certification. Which of the following would most likely be considered a benefit of this certification?

A. It allows for the sharing of digital forensics data across organizations.
B. It provides insurance in case of a data breach.
C. It provides complimentary training and certification resources to IT security staff.
D. It certifies the organization can work with foreign entities that require a security clearance.
E. It assures customers that the organization meets security standards.

A

E. It assures customers that the organization meets security standards.

8
Q

A junior security analyst is reviewing web server logs and identifies the following pattern in the log file:

http://comptia.org/../../../etc/passwd

Which of the following types of attacks is being attempted and how can it be mitigated?

A. XSS; implement a SIEM
B. CSRF; implement an IPS
C. Directory traversal; implement a WAF
D. SQL injection; implement an IDS

A

C. Directory traversal; implement a WAF

9
Q

A security professional wants to enhance the protection of a critical environment that is used to store and manage a company’s encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

A. DLP
B. HSM
C. CA
D. FIM

A

B. HSM

10
Q

Which of the following is the correct order of volatility from most to least volatile?

A. Memory, temporary filesystems, routing tables, disk, network storage
B. Cache memory, temporary filesystems, disk, archival media
C. Memory, disk temporary filesystems, cache, archival media
D. Cache, disk, temporary filesystems, network storage, archival media

A

B. Cache memory, temporary filesystems, disk, archival media

11
Q

A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO’s report?

A. Insider threat
B. Hacktivist
C. Nation-state
D. Organized crime

A

D. Organized crime

12
Q

Which of the following agreements defines response time, escalation points, and performance metrics?

A. BPA
B. MOA
C. NDA
D. SLA

A

D. SLA

13
Q

A bakery has a secret recipe that it wants to protect. Which of the following objectives should be added to the company’s security awareness training?

A. Insider threat detection
B. Risk analysis
C. Phishing awareness
D. Business continuity planning

A

A. Insider threat detection

14
Q

Which of the following must be considered when designing a high-availability network? (Choose two.)

A. Ease of recovery
B. Ability to patch
C. Physical isolation
D. Responsiveness
E. Attack surface
F. Extensible authentication

A

A. Ease of recovery
D. Responsiveness

15
Q

Which of the following strategies shifts risks that are not covered in an organization’s risk strategy?

A. Risk transference
B. Risk avoidance
C. Risk mitigation
D. Risk acceptance

A

A. Risk transference

16
Q

A dynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the best remediation to prevent this vulnerability?

A. Implement input validations
B. Deploy MFA
C. Utilize a WAF
D. Configure HIPS

A

A. Implement input validations

17
Q

A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

A. SPF
B. GPO
C. NAC
D. FIM

A

D. FIM

18
Q

An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the best course of action for the analyst to take?

A. Apply a DLP solution
B. Implement network segmentation
C. Utilize email content filtering
D. Isolate the infected attachment

A

D. Isolate the infected attachment

19
Q

Sales team members have been receiving threatening voicemail messages and have reported these incidents to the IT security team. Which of the following would be MOST appropriate for the IT security team to analyze?

A. Access control
B. Syslog
C. Session Initiation Protocol traffic logs
D. Application logs

A

D. Application logs

20
Q

Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?

A. EF x asset value
B. ALE / SLE
C. MTBF x impact
D. SLE x ARO

A

D. SLE x ARO

21
Q

A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Choose two.)

A. Auto-update
B. HTTP headers
C. Secure cookies
D. Third-party updates
E. Full disk encryption
F. Sandboxing
G. Hardware encryption

A

B. HTTP headers
C. Secure cookies

22
Q

Which of the following authentication methods is considered to be the LEAST secure?

A. TOTP
B. SMS
C. HOTP
D. Token key

A

B. SMS

23
Q

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

A. Encrypted
B. Intellectual property
C. Critical
D. Data in transit

A

B. Intellectual property

24
Q

An audit report indicates multiple suspicious attempts to access company resources were made. These attempts were not detected by the company. Which of the following would be the best solution to implement on the company’s network?

A. Intrusion prevention system
B. Proxy server
C. Jump server
D. Security zones

A

A. Intrusion prevention system

25
Q

An administrator identifies some locations on the third floor of the building that have a poor wireless signal. Multiple users confirm the incident and report it is not an isolated event. Which of the following should the administrator use to find the areas with a poor or non-existent wireless signal?

A. Heat map
B. Input validation
C. Site survey
D. Embedded systems

A

C. Site survey