Failed on Practice exam

Question 1

Context-aware authentication

Answer 1

Context-aware authentication can, for example, disable screen locks when the mobile device is in a trusted location, such as a home. It can also check whether the network connection is trusted before allowing apps to communicate externally.

Question 2

What is the mechanism for restoring to a baseline system config?

Answer 2

Rollback to known configuration

Question 3

What entity is responsible for validating and submitting certificate requests on behalf of end users?

Answer 3

Registration authority(RA)
A Registration Authority (RA) is a function of certificate enrollment, and its services would be combined with a Certificate Authority (CA) in a single CA hierarchy. An RA is responsible for validating and submitting a request on behalf of end users.

Question 4

What relates to quality management processes to determine the effectiveness of a system

Answer 4

Measurement systems analysis (MSA)

Question 5

application attack that targets vulnerabilities in the headers and payloads of specific application protocols.

Answer 5

Domain name system (DNS) amplification attack

Question 6

attacks against the controllers in an operational technology (OT) network can use the same techniques as against computer networks to overwhelm the network. This network attack uses SYN or SYN/ACK flooding.

Answer 6

DDoS

Question 7

What separates different containers from others?

Answer 7

Namespaces: Namespaces prevent one container from reading or writing processes in another.

Question 8

What ensures one container cannot overwhelm others in a DoS-type attack

Answer 8

Control groups

Question 9

What is secrets management?

Answer 9

Secrets management is the management of credentials specific for running or accessing services on a cloud service provider. This includes implementing multi-factor authentication (MFA) for interactive logons.

Question 10

Which of these is the most volatile form of memory?

Random Access Memory (RAM)
Cache
Hard disk
Pagefile

Answer 10

System cache is one of the most volatile data, similar to the CPU. This data should be captured before powering a device off.

Question 11

which environment allows for vulnerability scanning and penetration before being deployed to the staging environment.

Answer 11

Test

Question 12

Which classification of data is likely to be immediately escalated in the case of a breach?

Public Data
Critical Data
PII
Non-PII customer data

Answer 12

Critical data, sometimes top-secret, is too valuable to permit any risk of a breach. Therefore, any detected abnormality should immediately be escalated to senior decision-makers.

Question 13

An attack where the attacker has managed to obtain a database of password hashes from an Active Directory credential store

Answer 13

offline password attack

Question 14

used to monitor social media for incidents, such as disgruntled consumers posting negative content.

Answer 14

Sentient analysis. In terms of security, this can be used to gather threat intelligence.

Question 15

What allows a user to monitor and manage voltage and electrical current in an environment

Answer 15

Managed PDUs

Question 16

How can an attacker sniff all traffic on a switched network?

Answer 16

ARP poisoning.

Question 17

An appliance designed to perform centralized public key infrastructure (PKI) management, key generation, or key escrow for device

Answer 17

hardware security module (HSM)

Question 18

Homomorphic encryption

Answer 18

Homomorphic encryption is an encryption method that allows computation to be performed directly on encrypted data without requiring access to a secret key. Analysis can apply functions on encrypted data without needing to reveal the values of the data.

Question 19

A system administrator implements a process that provides two separate paths from each server node to every disk in a redundant array of inexpensive disks set up to remove a single point of failure. What concept has the administrator implemented?

Answer 19

Multipathing allows users to configure multiple input/output (I/O) paths between server nodes and storage arrays into a single device to remove a single point of failure and increase redundancy.

Question 20

an adverse event impacts multiple organizations

Answer 20

Multiparty risk occurs when an adverse event impacts multiple organizations. If a breach occurs for one party, all parties share the risk.

Question 21

ARO

Answer 21

The annual rate of occurrence (ARO) indicates how many times a loss will occur within a year. An ARO is used in conjunction with the single loss expectancy (SLE) to figure the annual loss expectancy (ALE).
ARO=Incidents/year

Question 22

SLE

Answer 22

SLE is the estimate of the amount of damage that an asset will suffer due to a single incident.
SLE= Asset Value*Exposure factor
Exposure Factor (EF) is expressed as a percentage of the asset value.

Question 23

ALE

Answer 23

ALE provides an estimate of the yearly financial impact to the organization from a particular risk.
Annualized Loss Expectancy = Single Loss Expectancy * Annual Rate of Occurrence
ALE = SLE * ARO