Security Plus missed questions


77 Terms

1

Kelly Innovations Corp, an IT company, is implementing a process in encryption where two parties establish a shared secret for communication purposes. Which of the following MOST describes this process?

Key Exchange

2

Which of the following terms BEST describes the validation of the accuracy and thoroughness of compliance-related reports?

Attestation

3

Which of the following terms refers to the specific laws and regulations set by a country's government that dictate how the personal data of its citizens should be collected, stored, and processed?

National Legal Implications

4

Reed &amp; Jamario Security Services has recommended your company use a port-based system to prevent access by unauthorized users and devices. Which of the following are they recommending?

802.1x

5

At Kelly Innovations LLC, Susan has been entrusted with determining the purposes and means of processing personal data for the organization's new marketing campaign. She decides what data to collect, how long it will be retained, and with whom it will be shared. Which of the following BEST describes the role Susan is playing?

Data Controller

6

You are a security analyst at Dion Training and you discover that an unauthorized device has been connected to the company's network. As you investigate, you discover that the device was added so the employee could play video games during her breaks. What type of threat actor are you dealing with?

Shadow IT

7

Clumsy Contraptions Engineering is seeking to change its security footing. In the past, they have found that too many pieces of malicious software have gotten past the system. Their Chief Security Officer believes they need a device which will actively evaluate traffic and reject or modify packets according to policies the company sets. What type of device is the CSO suggesting?

Inline

8

In regards to automation and orchestration, which of the following terms accurately captures the challenges faced when dealing with a system characterized by its intricate web of interconnected components and varied functionalities, potentially hindering seamless integration, effortless management, and straightforward comprehension?

Complexity

Options shown: Complexity (correct), Cost, Ongoing supportability (incorrect), Technical debt

9

Kelly Innovations LLC wants to implement a network appliance that focuses on filtering traffic based on source and destination IP addresses and port numbers. Which layer of the OSI model is this appliance primarily operating at?

Layer 4

10

If a company's server has an estimated Single Loss Expectancy (SLE) of $15,000 due to an operational failure, and the Annual Rate of Occurrence (ARO) of these failures is expected to be 0.1 times per year, what is the Annual Loss Expectancy (ALE)?

$1,500 (ALE = SLE × ARO = $15,000 × 0.1)

11

When sending an encrypted message to Dion Training, a client would use which of the following to ensure only Dion Training can decrypt and read the message?

Public key

12

Which of the following BEST describes the initial step to ensure a secure procurement process at Dion Training?

Verify the legitimacy of the software vendor.

13

Reed, a cybersecurity specialist at Dion Training Solutions, is optimizing the company's IPS. He notes that while signature-based detection is highly effective against known threats, it has some limitations. Which of the following BEST describes a limitation of signature-based detection in an IPS?

It might not detect zero-day exploits.

14

When considering the RSA algorithm, which description BEST captures its underlying mathematical property used for public key cryptography?

Trapdoor Function

15

Dion Training has recently implemented a new web portal for their customers. During a routine security review, the IT team notices that some suspicious activities have been logged. An unknown user attempted to access the system with a strange pattern: when requesting a particular user file, instead of the usual URL structure ( /users/[username]/profile ) the system registered requests like ( /users/../admin/config ). Within a short span of time, several such patterns were identified, each trying to reach different sensitive files and directories. Given this information, which of the following types of attack is the user MOST likely attempting?

Attempting to access files outside of a directory

16

Which of the following hardware issues results from products that are no longer being made but are still usable?

End of Life Vulnerability

17

Dion Training Solutions is aiming to optimize their wide-area network (WAN) while ensuring advanced network management and performance optimization. They are considering a solution that can be deployed both on-premises and in the cloud. Which of the following technologies would BEST match their requirements?

SD-WAN

18

Dion Training is considering a collaboration with a new IT service vendor. To ensure compliance and adherence to industry standards, Dion Training wishes to see verifiable evaluations of the vendor's security controls and practices. Which of the following would provide Dion Training with insights into the vendor's own internal evaluations of their security measures?

Evidence of Internal audits

19

What term refers to an organization's predetermined level of acceptable risk exposure?

Risk Tolerance

20

Lexicon, an AI company, wants to implement a security measure to identify and evaluate potential threats to their systems and networks. Which of the following is an example of a managerial security control that the company could implement?

Risk assessments

21

Which mitigation technique involves shutting off specific entry and exit points in a system to prevent potential vulnerabilities or unauthorized access?

Disabling ports

22

To improve security at their law firm, Norah, a security analyst, wants to implement a system that will selectively block or allow traffic based on the nature of the communication. Which firewall type would be MOST effective for this purpose?

Layer 7 firewall

23

Honeytoken

A piece of data or a system entity that exists solely to alert the organization when someone accesses it.

24

Bollards

Used when an organization wants to prevent unauthorized vehicles from getting too close to the building and ramming into it.

25

A cipher lock

Used to protect a sensitive server room against unauthorized physical access without relying on electronic locking mechanisms.

26

access control vestibule

is a secured entryway between two sets of doors that prevents unauthorized or tailgated entry.

27

Access badge cloning

involves the creation of a copy of a legitimate badge and using it to grant access.

28

Whaling

is a targeted phishing attack that specifically focuses on high-level executives or important officials within an organization.

29

What primary action should a company take after simulating a successful phishing attack on its employees?

Provide immediate feedback

30

Pretexting

is a form of social engineering where attackers create a scenario or pretext to manipulate or deceive someone into divulging confidential information.

31

Urgency

is frequently employed in social engineering attacks to induce a sense of immediate action, compelling the target to respond quickly, often without giving the situation proper thought or scrutiny.

32

A zombie

is a compromised computer or device that has been hijacked by a hacker or malware to perform tasks, usually as part of a larger network of compromised devices known as a botnet.

33

A rootkit

is used to hide malware activities while maintaining privileged access to the system.

34

A Storage DLP

Protects data while it is at rest on an on-premises server, using encryption or a watermark.

35

AES (Advanced Encryption Standard)

is a widely used symmetric encryption algorithm that encrypts and decrypts data using a single secret key.

36

Diffie-Hellman

is an asymmetric cryptographic technique specifically designed for securely exchanging cryptographic keys over public channels, allowing two parties to generate a shared secret without having previously met (used, for example, in VPN key establishment).

37

SHA-256

is widely regarded as one of the most secure hashing algorithms due to its strong resistance to collision attacks and its large output size.

38

Steganography

is the practice of concealing a file, message, image, or video within another file, message, image, or video.

39

Recovery Time Objective (RTO)

The maximum acceptable length of time that can elapse before the lack of a business function severely impacts the organization.

40

Risk transference

is a strategy that involves shifting the risk of a loss to a third party. In this case, the risk of potential damages (and the associated costs) is being transferred from John's construction company to the insurance company.

41

Risk Appetite

describes an organization's willingness to take on certain risks to achieve its objectives.

42

Regulatory considerations

in governance refer to the need for organizations to comply with all relevant laws and regulations that apply to their operations.

43

Sanctions

are punitive measures taken by regulatory bodies to enforce compliance.

44

CYOD (Choose Your Own Device)

operates as a middle ground between BYOD and COPE, allowing employees to select their device from a list of company-approved options.

45

Service restarts

can be disruptive, especially when applied to servers actively used by users. The restart process might also result in potential data loss in transit or the buildup of a backlog during the downtime.

46

Third-party audits

are evaluations conducted by external organizations to ensure compliance or adherence to specific standards or regulations.

47

A warm site

is a partially equipped backup facility with essential infrastructure and hardware, requiring some setup time before it can become operational.

48

Tabletop exercises

involve simulated scenario discussions among stakeholders to assess and improve crisis preparedness and response, without the need for actual resource deployment.

49

A propane generator

can offer extended backup power for hours or even days, making it suitable for sustaining critical systems during prolonged outages.

50

RAID 10

is a RAID configuration that combines disk striping (RAID 0) for enhanced performance with disk mirroring (RAID 1) for redundancy, offering both improved data protection and speed by mirroring data across multiple drives and then striping them for performance.

51

What is a significant challenge in securing embedded systems?

The inability to patch

52

Which of the following best describes the role of the control plane in Software-Defined Networking (SDN)?

It makes decisions about where traffic is sent

53

Which of the following best describes a non-idempotent operation in the context of Infrastructure as Code (IaC)?

Not receiving the same output each time the operation is applied

54

UTM (Unified Threat Management)

is an all-in-one security solution that combines multiple security features into one appliance, including antivirus, anti-spam, firewall, and intrusion detection capabilities.

55

A Proxy server

acts as an intermediary between clients seeking resources and other servers, helping to simplify requests, improve performance, and filter content.

56

Which of the following is a challenge in microservices architecture?

Network latency

57

A Risk-based approach

underscores the need for the prioritization of controls based on potential risks and vulnerabilities specific to the infrastructure. With limited resources, organizations need to prioritize threats and vulnerabilities to best protect their infrastructure.

58

Deprovisioning

is the process of removing or deactivating users' access rights in an IT system when they no longer need them.

59

The "something you are" in multi-factor authentication

refers to biometric data, which are unique physical or behavioral characteristics of the user.

60

Password Spraying

Password spraying involves trying a small number of commonly used passwords against a large number of usernames or accounts.

61

Federation

refers to a system where a company or organization trusts accounts created and managed by a different network. This allows users to authenticate across different services using a single set of credentials.

62

Mandatory Access Control (MAC)

is typically used in environments that require a high level of data security. In a MAC model, access permissions are regulated by a central authority, and users cannot modify their own permissions.

63

A race condition occurs when

the behavior of a system depends on the relative timing of events, such as the order in which threads are scheduled to run, and this potentially can lead to unintended outcomes.

64

SQL Injection

is a code injection technique that exploits vulnerabilities in an application's software by manipulating SQL queries to allow for the unauthorized viewing of data, corrupting or deleting data, and in some cases executing administrative operations on the database.

65

Bluejacking

is the practice of sending unsolicited messages over Bluetooth to Bluetooth-enabled devices without taking control of the device.

66

Cross-site Scripting (XSS)

is a type of injection attack where malicious scripts are inserted into websites and executed in the browser of any user viewing that data, potentially leading to stolen information or malicious redirection.

67

DNS Zone Transfer Attack

In a DNS zone transfer attack, the attacker attempts to get a copy of the entire DNS zone data, which includes all the DNS records for a domain, by pretending to be an authorized system. This can expose sensitive information about the network infrastructure of a domain.

68

A replay attack

In a replay attack, the attacker intercepts valid data transmissions (like a login session) and fraudulently or maliciously re-broadcasts, repeats, or delays them.

69

On-Path Attack

is a form of eavesdropping where the attacker intercepts the communication between two parties, modifies it, and then relays it to the original recipient.

70

A Command Injection attack

occurs when a threat actor is able to execute arbitrary shell commands on a host via a vulnerable web application.

71

Which of the following cryptographic protocols is used in WPA3 for encryption?

AES

72

Extended Detection and Response (XDR)

is a security strategy that integrates multiple protection technologies into a single platform. It collects and automatically correlates data across multiple security layers, including email, endpoint, server, cloud workloads, and network, so that threats can be detected faster, and security analysts can improve response times.

73

Which of the following would provide the analyst with a unique identifier for each publicly disclosed vulnerability?

The Common Vulnerabilities and Exposures (CVE) system provides unique identifiers for publicly disclosed cybersecurity vulnerabilities.

74

Compensating controls

refer to alternative security measures implemented to mitigate the risk when traditional controls, such as patching, are not feasible.

75

Static analysis (SAST)

76

CVEs

Common identifiers that enable data exchange between security products and provide a baseline index point for evaluating coverage of tools and services. This makes it easier for organizations to share data across separate vulnerability-related tools, speeding up vulnerability management, establishing the base for risk measurement, and enabling automation.

77

A runbook

is essentially an automated version of a playbook that includes clearly defined interaction points for human intervention and analysis, making it the ideal choice for Jessica's needs: automating certain steps in incident response while still requiring human judgment at specific stages.