Security+ Practice Tests 6-10

Question 1

Which of the following does NOT refer to an email communication threat vector?

Skimming
Malicious attachment
Social engineering
Malicious URL
Phishing

Answer 1

Skimming

Skimming is collecting PII from a payment card.

Question 2

Which of the following mitigates the risk of supply chain attacks?

DRP (Disaster Recovery Plan)
Vendor/intermediary checks
BCP (Business Continuity Plan)
IRP (Incident Response Plan)

Answer 2

Vendor/intermediary checks

Question 3

A comprehensive security screening of a potential third-party vendor before forming a partnership.

Answer 3

VDD (Vendor Due Diligence)

Question 4

DRP stands for

Answer 4

Disaster Recovery Plan

Question 5

BCP stands for

Answer 5

Business Continuity Plan

Question 6

IRP stands for

Answer 6

Incident Response Plan

Question 7

A detailed strategy and set of systems for ensuring an organization’s ability to prevent or rapidly recover from a significant disruption to its operations.

Answer 7

BCP (Business Continuity Plan)

Question 8

A written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

Answer 8

IRP (Incident Response Plan)

Question 9

A formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks and any other disruptive events.

Answer 9

DRP (Disaster Recovery Plan)

Question 10

Examples of social media threat vectors include:

PII harvesting
social engineering
identity/account theft
malicious URLs
all of the above

Answer 10

All of the above

Question 11

Threat intelligence gathered from publicly available sources

Answer 11

OSINT

Question 12

OSINT stands for

Answer 12

Open Source Intelligence

Question 13

Insight gained from processing and analyzing public data sources such as broadcast TV and radio, social media, and websites. These sources provide data in text, video, image, and audio formats.

Answer 13

OSINT (Open-Source Intelligence)

Question 14

RFC stands for

Answer 14

Request for Comments

Question 15

A formal standards-track document developed in working groups within the Internet Engineering Task Force (IETF). Contains specifications and organizational notes about topics related to the internet and computer networking, such as routing, addressing and transport technologies.

Answer 15

RFC (Request for Comments)

Question 16

The U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. Provides advanced searching features.

Answer 16

NVD (National Vulnerability Database)

Question 17

NVD stands for

Answer 17

National Vulnerability Database

Question 18

CVE stands for

Answer 18

Common Vulnerabilities and Exposures

Question 19

A publicly available catalog of cybersecurity vulnerabilities. Contains a list of records each containing an identification number, a description, and at least one public reference. Feeds NVD.

Answer 19

CVE (Common Vulnerabilities and Exposures)

Question 20

What is CVE/NVD?

Answer 20

Two different programs that publicly disclose known cybersecurity vulnerabilities. They are both set up for a user to search by OS, platform, etc.

The CVE was launched by the MITRE Corporation as a community effort.

The NVD was launched by the NIST (National Institute of Standards and Technology).

Question 21

NIST stands for

Answer 21

National Institute of Standards and Technology

Question 22

Which of the following refer to vulnerability databases? (Select 2)

DBA
CVE
DBaaS
NVD
AIS

Answer 22

CVE (Common Vulnerabilities and Exposures)

NVD (National Vulnerability Database)

Question 23

DBA stands for

Answer 23

Database Administrator

Question 24

DBaaS stands for

Answer 24

Database as a Service
AKA managed database service

Question 25

AIS stands for

Answer 25

Automated Indicator Sharing

Question 26

A service the CISA provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public, federal, and private-sector organizations.

Answer 26

AIS (Automated Indicator Sharing)

Question 27

CVSS stands for

Answer 27

Common Vulnerability Scoring System

Question 28

A public framework for rating the severity of security vulnerabilities in software.

Answer 28

CVSS (Common Vulnerability Scoring System)

Question 29

TTP stands for

Answer 29

Tactics, Techniques, and Procedures

Question 30

This acronym describes the behavior of a threat actor in three levels – the “why,” the “what,” and the “how.”

Answer 30

TTP (Tactics, Techniques, and Procedures)

Question 31

A common language for describing cyber threat information

Answer 31

STIX

Question 32

STIX stands for

Answer 32

Structured Threat Information eXpression

Question 33

A standardized XML programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies.

Answer 33

STIX (Structured Threat Information eXpression)

Question 34

TAXII stands for

Answer 34

Trusted Automated eXchange of Indicator Information

Question 35

A dedicated transport mechanism for cyber threat information

Answer 35

TAXII (Trusted Automated eXchange of Indicator Information)

Question 36

A suite of communication protocols used to interconnect network devices on the internet or private networks (intranet or extranet).

Answer 36

TCP/IP

Question 37

S/MIME stands for

Answer 37

Secure/Multipurpose Internet Mail Extensions

Question 38

A widely accepted protocol for sending digitally signed and encrypted messages (including email).

Answer 38

S/MIME

Question 39

A specification extending the format of email to support sending images, audio/video files, archives, etc. Expands upon SMTP.

Answer 39

MIME

Question 40

GitHub is an example of:

Digital media store
Virtualization software
File/code repository
Social media site

Answer 40

File/code repository

Question 41

A type of formal document that describes the specifications for a particular technology

Answer 41

RFC (Request for Comments)

Question 42

PII stands for

Answer 42

Personally Identifiable Information

Question 43

RFQ stands for

Answer 43

Request for Quote

Question 44

RFI stands for

Answer 44

Request for Information

Question 45

RFP stands for

Answer 45

Request for Proposal

Question 46

A formal process for gathering information from potential suppliers of a good or service.

Answer 46

RFI (Request for information)

Question 47

A business document that announces a project, describes it, and solicits bids from qualified contractors to complete it. Goals and objectives are defined to give vendors a good idea of the requirements.

Answer 47

RFP (Request for Proposal)

Question 48

A solicitation for goods or services in which a company invites vendors to submit price quotes and bid on the job.

Answer 48

RFQ (Request for Quote)

Question 49

IPS stands for

Answer 49

Intrusion Prevention System

Question 50

SIEM stands for

Answer 50

Security Information and Event Management

Question 51

A solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

Answer 51

SIEM (Security Information and Event Management)

Question 52

IDPS stands for

Answer 52

Intrusion Detection Prevention System

Question 53

A network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur.

Answer 53

IPS (Intrusion Prevention System)

Question 54

A type of attack aimed at exploiting vulnerability that is present in already released software but unknown to the software developer is called:

Answer 54

Zero-day attack

Question 55

A type of attack in which an attacker crafts a TCP packet with the Urgent, Push, and Fin header flags set, and injects it into the network. This can cause receiving devices to slow down (DoS), reboot, or behave in inconvenient ways.

Answer 55

Xmas tree attack
AKA Christmas tree attack

Question 56

A word used to describe encryption protocols that contain weak implementations and cannot be considered secure anymore.

Answer 56

Deprecated

Question 57

Which of the following is a deprecated encryption protocol?

SSH
TLS
S/MIME
SSL
IPsec
PGP

Answer 57

SSL

Question 58

What do FTP, HTTP, IMAP, POP, and SMTP have in common?

Answer 58

They are all cleartext network protocols.

Question 59

Vulnerability scanning: (select all that apply)

Identifies lack of security controls
Actively tests security controls
Identifies common misconfigurations
Exploits vulnerabilities
Passively tests security controls

Answer 59

Identifies lack of security controls
Identifies common misconfigurations
Passively tests security controls

Question 60

A special isolated folder on a machine’s hard disk where the suspicious files detected by Antivirus and Antimalware protection are placed to prevent further spread of threats.

Answer 60

Quarantine

Question 61

SOAR stands for

Answer 61

Security, Orchestration, Automation, and Response

Question 62

A stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.

Answer 62

SOAR

Question 63

Difference between SOAR and SIEM?

Answer 63

SIEM aggregates data from multiple security systems to generate alerts.
SIEM uses pattern matching to generate alerts that the IT team can investigate. It does NOT take action itself when it identifies a threat.

SOAR acts as the response engine to those alerts generated by the SIEM.
SOAR can also collect data from external applications.

Question 64

A server used for collecting diagnostic and monitoring data from networked devices.

Answer 64

Syslog server

Question 65

A server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

Answer 65

Proxy server

Question 66

UC stands for

Answer 66

Unified Communications

Question 67

An umbrella term for the integration of multiple enterprise communication tools – such as voice calling, video conferencing, instant messaging, presence, content sharing, etc. – into a single, streamlined interface, with the goal of improving user experience and productivity.

Answer 67

UC (Unified Communications)

Question 68

AV stands for

Answer 68

Audio Visual

Question 69

ICS stands for

Answer 69

Internet Connection Sharing

Question 70

A feature that allows a device with internet access to act as a host or access point for other devices to connect to the web.

Answer 70

ICS (Internet Connection Sharing)

Question 71

A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called:

Answer 71

SIEM (Security Information and Event Management)

Question 72

Which tool enables automated response to security incidents?

Answer 72

SOAR (Security, Orchestration, Automation, Response)

Question 73

Penetration testing: (Select all that apply)

Bypass security controls
Only identifies lack of security controls
Actively tests security controls
Exploits vulnerabilities
Passively tests security controls

Answer 73

Bypasses security controls
Actively tests security controls
Exploits vulnerabilities

Question 74

NIDS stands for

Answer 74

Network Intrusion Detection System

Question 75

HIDS stands for

Answer 75

Host-based Intrusion Detection System

Question 76

Cybersecurity solution that monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated either with human users or applications that could be a sign of a security breach or attempted attack.

This solution operates on an individual host system.

Answer 76

HIDS (Host-based Intrusion Detection System)

Question 77

HIPS stands for

Answer 77

Host Intrusion Prevention System

Question 78

An installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.

In case of attempted major changes by a hacker or malware, this software blocks the action and alerts the user so an appropriate decision about what to do can be made.

Answer 78

HIPS (Host Intrusion Prevention System)

Question 79

An internet standard protocol used to monitor and manage network devices via agents. This protocol collects, organizes, and sends data from various devices for network monitoring assisting with fault identification and isolation.

Answer 79

SNMP (Simple Network Management Protocol)

Question 80

A penetration test performed by an authorized professional with the full prior knowledge on how the system that is to be tested works is called:

Answer 80

White-box testing

Question 81

A penetration test of a computer system performed without the prior knowledge on how the system that is to be tested works is called:

Answer 81

Black-box testing

Question 82

A penetration test in which the person conducting the test has a limited access to information on the internal workings of the targeted system is called:

Answer 82

Gray-box testing

Question 83

In penetration testing, this type of reconnaissance relies on gathering information on the targeted system with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS fingerprinting.

Answer 83

Active reconnaissance

Question 84

In penetration testing, this type of reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system.

Answer 84

Passive reconnaissance

Question 85

An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against:

War chalking
Spoofing
War driving
Insider threat

Answer 85

War driving

Question 86

When people draw symbols in areas to indicate the presence of an open Wi-Fi network. The symbols used typically say something about the access point.

Answer 86

War chalking

Question 87

Attackers searching for wireless networks with vulnerabilities while moving around an area in a moving vehicle.

Answer 87

War driving

Question 88

Which statement applies to the concept of OSINT?

Gaining advantage over competitors
Passive reconnaissance
Preparation before launching a cyberattack
Active reconnaissance

Answer 88

Passive reconnaissance

Question 89

In cybersecurity exercises, the attacking team

Answer 89

Red team

Question 90

In cybersecurity exercises, the defending team

Answer 90

Blue team

Question 91

In cybersecurity exercises, the event overseer (referee)

Answer 91

White team

Question 92

In cybersecurity exercises, a collaborative approach that involves the blue and red teams working together to improve an organization’s security

Answer 92

Purple team

Question 93

T/F: A physical network diagram contains information on hardware devices and physical links between them.

Answer 93

True

Question 94

T/F: A logical network diagram describes the actual traffic flow on a network and provides information related to IP addressing schemes, subnets, device roles, or protocols that are in use on the network.

Answer 94

True

Question 95

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?

DRP
DHE
DLP
DEP

Answer 95

DLP (Data Loss Prevention)

Question 96

DLP stands for

Answer 96

Data Loss Prevention

Question 97

EDR stands for

Answer 97

Endpoint Detection and Response

Question 98

EDTR stands for

Answer 98

Endpoint Detection and Threat Response

Question 99

An endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware.

Answer 99

EDR (Endpoint Detection and Response)

AKA EDTR (Endpoint Detection and Threat Response)

Question 100

Difference between EDR and HIPS

Answer 100

EDR offers more capabilities than HIPS.

Unlike HIPS products which typically use an old-school standalone engine for detection/response, EDR products simultaneously run on the endpoint device (host), and are managed by either an on-premises server engine, or a cloud computing management back-end.

EDR harnesses the threat detection/response capabilities of the vendor’s global threat intelligence database, which is further enhanced with machine learning capabilities.

Although HIPS products are good for detection/prevention of breaches, they generally don’t have the variety of features of EDR, nor the server-side/cloud-based intelligence engines managing them from afar.

Question 101

The 3 states of digital data

Answer 101

At rest

In transit/motion

In processing

Question 102

Which of the 3 states of digital data requires data to be processed in an unencrypted form?

Answer 102

In processing

Question 103

The process of replacing sensitive data with nonsensitive information which holds a reference to the original data and enables its processing but has no value when breached.

Answer 103

Tokenization

Question 104

DRP stands for

Answer 104

Disaster Recovery Plan

Question 105

DHE stands for

Answer 105

Diffie-Hellman key exchange

Question 106

This method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric-key cipher.

Answer 106

DHE (Diffie-Hellman key exchange)

Question 107

DEP stands for

Answer 107

Data Execution Prevention

Question 108

A technology built into Windows that helps protect you from executable code launching from places it’s not supposed to. It does that by marking some areas of your PC’s memory as being for data only, no executable code or apps will be allowed to run from those areas of memory.

Answer 108

DEP (Data Execution Prevention)

Question 109

Any function that can be used to map data of arbitrary size to fixed-size values

Answer 109

Hash function

Question 110

T/F: A hash function allows for mapping large amount of data content to a small string of characters.

The result of hash function provides the exact “content in a nutshell” (in the form of a string of characters) derived from the original data content. In case there is any change to the data after the original hash was taken, the next time when hash function is applied, the resulting hash value calculated after content modification will be different from the original hash.

Answer 110

True

Question 111

A duplicate of the original site, with fully operational computer systems as well as near-complete backups of user data. Used in disaster recovery.

Answer 111

Hot site

Question 112

A disaster recovery facility that provides only the physical space for recovery operations is called

Answer 112

Cold site

Question 113

Which alternate site allows for fastest disaster recovery?

Cold site
Hot site
Warm site

Answer 113

Hot site

Question 114

A disaster recovery site that features an equipped data center but no customer data. In other words, it is “ready to go,” but still needs some data moved over. It might need some cables plugged in or some systems updated or configured.

Answer 114

Warm site

Question 115

A website or set of files on a computer server that has been copied to another computer server so that the site or files are available from more than one place. It has its own URL, but is otherwise identical to the principal site.

Used to make site access faster when the original site may be geographically distant from those accessing it.

Answer 115

Mirror site

Question 116

A monitored host holding no valuable data specifically designed to detect unauthorized access attempts and divert attacker’s attention from the actual network is known as:

Answer 116

Honeypot

Question 117

A customized login page that users must address before connecting to a public (or free) Wi-Fi network. It presents the user with terms of service, which they must agree to before accessing the WiFi hotspot.

Answer 117

Captive portal

Question 118

Hardware or software that tie together network security features into one simple-to-use, easy-to-manage appliance.

Answer 118

UTM appliance

Question 119

UTM stands for

Answer 119

Unified Threat Management

Question 120

Which of the following is an example of fake telemetry?

OSINT
Bluejacking
DNS sinkhole
Replay attack

Answer 120

DNS sinkhole

Question 121

Data collected from a network environment that can be analyzed to monitor the health and performance, availability, and security of the network and its components, allowing network administrators to respond quickly and resolve network issues in real-time.

Examples include:

CPU power Utilization - peaks, averages, over-utilization, and under-utilization.

Server memory utilization.

Disk space utilization.

User requests and user activity.

Answer 121

Telemetry

Question 122

Files in a honeypot host. If accessed, they will send an alert.

Answer 122

Honeyfiles

Question 123

Information that cybercriminals send to a machine engaging in Machine Learning to trick the antimalware software from recognizing actual malware code.

Answer 123

Fake telemetry

Question 124

A DNS that hands out an incorrect/invalid IP address when given a FQDN

Answer 124

DNS sinkhole
AKA DNS blackhole
AKA IP blackhole

Question 125

How to use a DNS sinkhole for good

Answer 125

Compromised hosts often access certain known malicious websites. So a DNS sinkhole can be configured to instead route to a site inside of the organization to send an alert instead of the malicious website. This way, network admins are alerted that the particular host is compromised.

Question 126

Deliberately incorrect/invalid data is also known as

Answer 126

Fake telemetry

Question 127

A cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software?

Answer 127

IaaS

Question 128

Which cloud service model would provide the best solution for a web developer intending to create a web app?

XaaS
SaaS
PaaS
IaaS

Answer 128

PaaS

Question 129

A cloud computing service model offering remote access to applications based on monthly or annual subscription fee is called:

Answer 129

SaaS

Question 130

A cloud computing deployment model in which the cloud infrastructure is provisioned for open use by the general public

Answer 130

Public cloud

Question 131

A cloud computing environment dedicated to a single organization.

Answer 131

Private cloud

Question 132

A cloud infrastructure in which multiple organizations share resources and services based on common operational and regulatory requirements.

Answer 132

Community cloud

Question 133

A mixed cloud computing environment where applications are run using a combination of computing, storage, and services in different environments

Answer 133

Hybrid cloud

Question 134

A cloud service model in which the third party manages the networking, storage, servers, and virtualization.

The client manages the OS, middleware, runtime, data, and applications.

Enables end users to scale and shrink resources on an as-needed basis. Offers essential compute, storage, and networking resources.

Answer 134

IaaS

Question 135

A cloud service model in which the third party manages the networking, storage, servers, virtualization, OS, middleware, and runtime.

The client manages the data and applications.

Used for developing, running, and managing applications.

Answer 135

PaaS

Question 136

A cloud service model in which the third party manages everything, and the client manages nothing.

The consumer typically pays a subscription fee to use this.

Answer 136

SaaS

Question 137

A transport protocol that supports transferring STIX insights over HTTPS

Answer 137

TAXII (Trusted Automated eXchange of Intelligence Information)

Question 138

Difference between a race condition and TOCTOU?

Answer 138

The race condition is the malfunction itself

TOCTOU is the vulnerability that arises from the malfunction

Question 139

An attack in which the attacker sends many packets with fake MAC addresses to a switch to overflow the switch’s address table, causing it to become full and unable to process traffic

Answer 139

MAC flooding

Question 140

T/F: A cloud deployment model consisting of two or more interlinked cloud infrastructures (private, community, or public) is referred to as a hybrid cloud.

Answer 140

True

Question 141

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?

MSA
MaaS
MSP
MSSP

Answer 141

MSP (Managed Service Provider)

Question 142

MSP stands for

Answer 142

Managed Service Provider

Question 143

IT professionals that deliver IT services such as server management, network support cybersecurity, application implementation, and infrastructure management via regularly scheduled IT support.

Answer 143

MSP (Managed Service Provider)

Question 144

MSSP stands for

Answer 144

Managed Security Service Provider

Question 145

A third-party service provider that focuses exclusively on security services

Answer 145

MSSP (Managed Security Service Provier)

Question 146

MSA stands for

Answer 146

Master Service Agreement

Question 147

A contractual agreement between the service provider and the customer that outlines responsibilities and expectations between the MSSP and the client.

Answer 147

MSA (Master Service Agreement)

Question 148

Difference between MSP and MSSP

Answer 148

MSP provides IT and security services.

MSSP provides ONLY security services.

Question 149

A service that integrates various forms of transport and transport-related services into a single, comprehensive, and on-demand mobility service.

Answer 149

MaaS (Mobility as a Service)

Question 150

MaaS stands for

Answer 150

Mobility as a Service

Question 151

Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer)

MSP
MaaS
MSA
MSSP

Answer 151

MSSP (Managed Security Service Provider)

Question 152

T/F: The term “Fog computing” refers to a local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing.

Answer 152

True

Question 153

A decentralized computing infrastructure in which data, compute, storage and applications are located somewhere between the data source and the cloud. It brings the advantages and power of the cloud closer to where data is created and acted upon.

Answer 153

Fog computing

Question 154

A compute layer between the cloud and the edge. Where edge computing might send huge streams of data directly to the cloud, this type of computing can receive the data from the edge layer before it reaches the cloud and then decide what is relevant and what isn’t. The relevant data gets stored in the cloud, while the irrelevant data can be deleted or analyzed at this layer for remote access or to inform localized learning models.

Answer 154

Fog computing

Question 155

What is the difference between edge computing and fog computing?

Answer 155

They are basically the same, except edge computing means that the storage and processing devices are either at the same place or extremely near to the devices that are connecting to them.

Fog computing sits between the edge and the cloud. Some data may get saved into the cloud, while other data is either erased or processed in the fog network.

Edge computing helps devices get FASTER results.

Fog computing helps in FILTERING information before it gets saved into the cloud.

Question 156

Which of the following solutions would be best suited for situations where response time in data processing is of critical importance?

Answer 156

Edge computing

Question 157

Which is faster: fog computing or edge computing?

Answer 157

Edge computing

Edge computing helps get FASTER results.

Fog computing helps FILTER data before it gets saved into the cloud.

Question 158

Which of the following devices best illustrates the concept of edge computing?

Router
Smartwatch
Thin client
Server

Answer 158

Smartwatch

Remember that edge computing receives information from devices and quickly gives processing results back.

Question 159

T/F: In client-server model, the term “Thin client” refers to a networked computer equipped with the minimum amount of hardware and software components. As opposed to thick client, which runs applications locally from its own hard drive, thin client relies on network resources provided by a remote server performing most of the data processing and storage functions.

Answer 159

True

Question 160

Which of the following terms refers to the concept of virtualization on an application level?

Serverless architecture
Containerization
SoC (System on a Chip)
Infrastructure as code

Answer 160

Containerization

Question 161

A way to build and run applications and services without having to manage infrastructure or configuration. It is very similar to PaaS, but it involves granular control, automatic scaling, and usage-based payment, rather than a flat-fee like PaaS.

Answer 161

Serverless architecture

Question 162

The packaging of software code with just the OS libraries and dependencies required to run the code to create a single lightweight executable that runs consistently on any infrastructure. It is an OS-level virtualization method used to deploy and run distributed applications without launching an entire virtual machine.

Answer 162

Containerization

Question 163

An IC that integrates most or all components of a computer or other electronic system on a single chip.

Answer 163

SoC (System on a Chip)

Question 164

SoC stands for

Answer 164

System on a Chip

Question 165

IC stands for

Answer 165

Integrated Circuit

Question 166

An assembly of electronic components in which hundreds to millions of transistors, resistors, and capacitors are interconnected and built up on a thin substrate to form a small chip or wafer.

Answer 166

IC (Integrated Circuit)

Question 167

T/F: In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.

Answer 167

True

Question 168

Independent and self-contained code components (services) that can be put together to form an application.

Answer 168

Microservice

Question 169

Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers)

SDP
SSP
SDV
SEH
SDN

Answer 169

SDV (Software-Defined Visibility)
SDN (Software-Defined Networking)

Question 170

Used to describe a hardware or service component that is improved or completely managed by software

Answer 170

Software-defined

Question 171

The capability to clearly see all aspects of an organization’s digital footprint as well as the risks and vulnerabilities within it. Also includes the ability to view security controls and the gaps created by inadequate controls.

Answer 171

Security visibility

Question 172

A security solution that automates security visibility through a software framework.

Answer 172

SDV (Software-Defined Visibility)

Question 173

SDP stands for

Answer 173

Software-Defined Perimeter

Question 174

A security technique that controls access to resources based on identity and forms a virtual boundary around networked resources.

It hides Internet-connected infrastructure so that external parties cannot see it, but internal authorized users can.

Answer 174

SDP (Software-Defined Perimeter)

Question 175

SSP stands for

Answer 175

System Security Plan

Question 176

A formal document that provides an overview of the security requirements for an information system and describes the security controls in place or planned for meeting those requirements.

Answer 176

SSP (System Security Plan)

Question 177

SEH stands for

Answer 177

Structured Exception Handling

Question 178

Code in a program that takes over when programs throw an exception due to a hardware or software issue.

Answer 178

SEH (Structured Exception Handling)

Question 179

In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to:

WAN
VPC
SAN
VLAN

Answer 179

VPC (Virtual Private Cloud)

Question 180

VPC stands for

Answer 180

Virtual Private Cloud

Question 181

A secure, isolated private cloud hosted within a public cloud.

Answer 181

VPC (Virtual Private Cloud)

Question 182

SAN stands for

Answer 182

Storage Area Network

Question 183

A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.

Answer 183

SAN (Storage Area Network)

Question 184

WAN stands for

Answer 184

Wide Area Network

Question 185

A large network of LANs that is not tied to a single location.

Answer 185

WAN (Wide Area Network)

Question 186

VLAN stands for

Answer 186

Virtual Local Area Network

Question 187

A type of network used to share the physical network while creating virtual/logical segmentations to divide specific groups

Answer 187

VLAN

Question 188

A term used to describe a situation in which large number of deployed virtual machines lack proper administrative controls.

Answer 188

VM sprawl

Question 189

The process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

Answer 189

VM escape

Question 190

The audit of use and consumption of network resources

Answer 190

Usage audit

Question 191

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

Patch management
Usage audit
Physical security controls
Sandboxing
Asset documentation

Answer 191

Usage audit
Asset documentation

Question 192

A cybersecurity practice where you run, analyze, and observe code in a safe, isolated environment that mimics end-user operating environments.

Answer 192

Sandboxing

Question 193

What are the countermeasures against VM escape? (Select 2 answers)

Group policy
Sandboxing
User training
Patch management
Asset documentation

Answer 193

Sandboxing
Patch management

Question 194

Which programming aspects are critical for secure application development process? (Select 2 answers)

Patch management
Input validation
Password protection
Error and exception handling
Application whitelisting

Answer 194

Input validation
Error and exception handling

Question 195

The approach of restricting the usage of any tools or applications only to those that are already vetted and approved

Answer 195

Application whitelisting
AKA application allowlisting

Question 196

The approach used to prevent certain applications or executables from running in a network

Answer 196

Application blacklisting
AKA application blocklisting

Question 197

The process of removing redundant entries from a database is known as:

Answer 197

Normalization

Question 198

What are the countermeasures against SQL injection attacks? (Select 2 answers)

Code obfuscation
Database normalization
Stored procedures
Code signing
Input validation

Answer 198

Stored procedures
Input validation

Question 199

A prepared SQL code that you can save so the code can be reused over and over again.

Answer 199

Stored procedure

Question 200

How do stored procedures prevent SQL injection?

Answer 200

They allow the users to only access your database by using the procedures that you have already defined. Users cannot write their own code.

Question 201

T/F: Code obfuscation techniques rely on encryption to protect the source code against unauthorized access.

Answer 201

False

While encryption is part of obfuscating source code, it is not a reliable way to protect the entire source code.

Programmers use multiple ways simultaneously throughout the code to obfuscate it. These techniques include using alternate code forms (binary, replacing a function with a table lookup, etc), changing up data storage methods to hide the data, randomizing aggregation patterns, and encrypting small strings in order to make the code hard to read.

Question 202

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

Answer 202

Dead code

Question 203

Code that can never be executed in a running program because the code surrounding it makes it impossible.

Answer 203

Dead code

Question 204

Any lines of code that are added in the body of a program.

Also refers to lines of code within the program in contrast to a routine that is external to the program, and called for as needed.

Answer 204

Inline code

Question 205

Program code that is unnecessarily long, slow, or otherwise wasteful of resources

Answer 205

Code bloat

Question 206

A repetition of a line or a block of code in the same file or sometimes in the same local environment.

Answer 206

Duplicate code

Question 207

T/F: In web application programming, the term “Backend” typically refers to the part of a computer system or application that is not directly accessed by the user (for example a web server). On the opposite side, “Frontend” means software that can be accessed by the user locally (an example of this would be user’s web browser). Code execution and input validation that take place in the backend are referred to as server-side operations, the frontend equivalent of this is known as client-side operations.

Answer 207

True

Question 208

A collection of commonly used programming functions designed to speed up software development process is known as:

Answer 208

Library

Question 209

A component that can be loaded into the MMC (Microsoft Management Console) to provide a specific management capability for a device.

Answer 209

Snap-in

Question 210

A place where all of an organization’s data is stored and can be analyzed.

Answer 210

Data repository

Question 211

A lightweight software package containing an application’s code, its libraries, and other dependencies.

Answer 211

Container

Question 212

A heavy software package that provides complete emulation of low-level hardware devices like CPU, disk, and networking devices.

Answer 212

Virutal machine

Question 213

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?

GUI
SDLC
API
SDK

Answer 213

SDK (Software Development Kit)

Question 214

SDK stands for

Answer 214

Software Development Kit

Question 215

GUI stands for

Answer 215

Graphical User Interface

Question 216

SDLC stands for

Answer 216

Software Development Life Cycle

Question 217

API stands for

Answer 217

Application Programming Interface

Question 218

A set of definitions and protocols for building and integrating application software. It simplifies how developers integrate new application components into existing architecture and enables services/applications to communicate with each other.

Answer 218

API (Application Programming Interface)

Question 219

Difference between SDK and API

Answer 219

SDK is a suite of software development tools and pieces of code to create applications.

API is a set of definitions and protocols to allow programmers to integrate new applications with existing architecture.

Question 220

A nonprofit organization focused on software security

Answer 220

OWASP (Open Worldwide Application Security Project)

Question 221

OWASP stands for

Answer 221

Open Worldwide Application Security Project

Question 222

CSIRT stands for

Answer 222

Computer Security Incident Response Team

Question 223

A team charged with incident response, handling all security incidents affecting an organization within a timely manner.

Answer 223

CSIRT (Computer Security Incident Response Team)

AKA CERT (Computer Emergency Response Team)

AKA CIRT (Computer Incident Response Team)

Question 224

IETF stands for

Answer 224

Internet Engineering Task Force

Question 225

An SDO for the internet and is responsible for the technical standards that make up the TCP/IP suite.

Answer 225

IETF (Internet Engineering Task Force)

Question 226

SDO stands for

Answer 226

Standards Development Organization

Question 227

CERT stands for

Answer 227

Computer Emergency Response Team

Question 228

CIRT stands for

Answer 228

Computer Incident Response Team

Question 229

T/F: CSIRT, CERT, and CIRT are used interchangeably

Answer 229

True

Question 230

A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into a binary executable file is referred to as:

Answer 230

Compiled code

Question 231

The process of transforming a computer program written in a given language (usually high-level programming language) into a set of instructions in another format or language (usually low-level programming language).

Answer 231

Compiling

Question 232

An example of a low-level programming language

Answer 232

Binary code

Question 233

Examples of high-level programming languages

Answer 233

Python, Ruby, C#, Java, etc.

Question 234

What does it mean when code “doesn’t compile”?

Answer 234

When the compiler was checking for correct syntax, it found errors and the translation into machine code wasn’t successful.

Question 235

The final phase of the program lifecycle in which the machine executes the program’s code

Answer 235

Runtime

Question 236

Code used to automated processes that would otherwise need to be executed step-by-step by a web developer.

Answer 236

Script

Question 237

A network transit hub that you can use to interconnect your virtual private clouds (VPCs) and on-premises networks.

Answer 237

Transit gateway