Info Assurance Quiz Questions (Vol. 3)


39 Terms

1

Examine the logs on the system where the vulnerability was reported.

In the process of validating a scan that was completed two days ago, Vashon discovers a particular true positive of interest was logged. He investigates the system from where the vulnerability was reported but does not find any problems. What is Vashon most likely to do next?

2

Credentialed because the spy has access to the information needed.

A rogue information technology (IT) employee works at a company as a spy for a foreign country. Unfortunately, the spy is responsible for running vulnerability scans. What type of scan is the spy most likely to run?

3

Threat Intelligence

Delancy is setting up to run a vulnerability scan. Which of the following best describes what Delancy needs to make well-informed security decisions that are data-driven?

4

Information displayed on threat maps offers limited context.

A group of students submits an initial outline of their security project for approval. The project indicates they will use information garnered from cybersecurity threat maps. What initial feedback is the professor most likely to offer?

5

The agent-based system scanned is compromised and does not accurately report its status.

Veronica is analyzing data from a recently completed vulnerability scan. Based on experience she suspects one of the systems is not reporting data accurately. What are possible reasons why this could be true?

6

Address vulnerabilities with the highest numeric CVSS scores and work down the list.

After running a vulnerability scan, a company is sorting out the results and in the process of determining the order in which vulnerabilities will be addressed. How is the company most likely to make this determination?

7

It would be more beneficial to run a penetration test first followed by a vulnerability scan. They will not achieve their goal because a vulnerability scan may only find surface problems.

A company is growing and starting to get serious about securing their digital assets. They hire a recent IT security college graduate as their security manager. The company wants to see if they have any deep vulnerabilities, so the newly hired security manager suggests running a vulnerability scan. Which of the following statements are most likely to be true? Select two.

8

Data types include regulated, intellectual property, and trade secrets. Data classifications include confidential, private, and public.

Mathina is responsible for identifying data that needs to be scanned more frequently, so she sets off to assign a value to the various kinds of data. Which of the following statements regarding how data should be classified are true? Select two.

9

Pen tests can be of the physical and integrated variety and not just of the IT variety.

Which of the following are true statements regarding vulnerability scans and penetration testing?

10

To generate threat intelligence.

A security research team is in the business of collecting a great deal of network data. Their plan is to analyze the data and map out different types of attacks, suspicious behaviors, exploits, and vulnerabilities. Which of the following most likely describes their goal?

11

Search online for publicly accessible information that can reveal valuable insight.

A company hires a security firm to perform a penetration test, but no information is given to the security firm about the network. What type of preliminary research are the penetration testers most likely to perform while maintaining a low profile?

12

To search for weaknesses in the company's defenses. Because the company has a responsible disclosure program.

A high-tech company collects data gathered from their bug bounty initiative. The company then uses the data as input into a vulnerability scanner. Why would they do this? Select two.

13

It can take a significant amount of time. They do not have an up-to-date asset inventory. They have not prioritized what should be scanned.

A company is considering running a full vulnerability scan of all devices on the entire network. If they follow through on this decision, what possible conclusions can you arrive at? Select three.

14

An audit

A company recently completed a vulnerability scan as well as other tasks directly associated with the scan. They would now like an examination of the results to verify the accuracy of their findings. What type of activity will help them realize this plan?

15

Limitations on network bandwidth prevent them from scanning continuously.

A gaming company is doing very well, and growth projections continue to rise. However, they have made the decision, at least for the time being, to run vulnerability scans on a periodic basis instead of continually. Which of the following most likely represents the reason why?

16

Invicti

Ginni works for a company that hosts many online stores for a large variety of clients. She has been tasked with researching vulnerability scanning tools to monitor the applications that make their business model possible. Which of the following tools is Ginni most likely to recommend?

17

If it is impractical to address a difficult vulnerability, remove the offending device from the network. Patch vulnerable systems and procure new hardware and software as needed.

Yogita is the manager of the IT team responsible for addressing the issues found by a vulnerability scan. Which of the following steps will her team most likely implement to address the vulnerabilities discovered? Select two.

18

They will need to analyze reports. They need to determine the sources of data needed. They need to understand application package monitoring.

A company wants to implement a mechanism that will serve as a security audit on devices as well as on the processes used to protect those devices. Which of the following is most likely to be true? Select three.

19

The apps are a gateway to networks. The apps used open-source libraries.

Bogy, the chief security officer at a company, is adamant about running vulnerability scans that examine cloud-native apps the company develops and uses. Which of the following can be used to justify Bogy's position? Select two.

20

Active scanning may increase the risk of endpoint malfunction.

Which of the following statements accurately describes characteristics of active and passive scanning?

21

Speed

Karlos uses AIS to share cyber threat indicators based on the scans they perform on the network at his company. Which of the following best defines a benefit AIS offers?

22

To ensure incriminating or exonerating electronic documents are not intentionally suppressed.

A judge sternly warns a prosecutor and a defense attorney, both of whom are suspected of being a bit deviant, to not violate the e-discovery protocols that have been established. What message is the judge most likely trying to convey to the attorneys?

23

They are in the process of developing a BCP.

A company has been involved in a three-month project to ensure they do not suffer downtime due to threats that could hamper their operations. They are now ready to test some of the elements in the project. Which of the following most likely represents what the company is doing?

24

It means 10,000 SSDs running for 1000 hours can expect to see about 5 failures.

A storage company sells large data storage systems each containing thousands of SSDs. They calculated the MTBF rating of the SSDs to be about 2 million hours. What does this mean?

25

Firewall logs

A team of security analysts is reviewing log files. In their investigation, they identify incoming and outgoing connections, as well as traffic that was allowed and traffic that was blocked. What type of log was most likely being analyzed?

26

Parallel Processing

A company has a central office and two satellite branches. The security team simultaneously renders the DNS servers at the three satellite sites inoperable. The goal is to test how effective the same incident response will be at the branch sites. Which term best describes this exercise?

27

None of these

Which of the following network hardware components cannot be duplicated to provide redundancy?

28

Combining logs generated using different formats.

Zabrina is the team leader for the group responsible for managing logs when a security incident occurs. They have a relatively small budget, so a significant portion of their activity lacks automation. Which of the following is most likely to represent the most significant challenge?

29

12:30 PM

An agency has an RPO of two hours and an RTO of 30 minutes. The agency suffers a disaster and starts restoring data at noon. By what time can the agency expect to be up and running?

30

He is walking through a testing exercise to see if there are any errors or false assumptions. He is walking through a testing exercise to confirm there are no omissions or gaps.

Givon, a skilled technician with extensive knowledge of a company's network, is reviewing a recovery procedure in detail. What is the most likely reason why Givon is doing this? Select two.

31

CPU, RAM, temporary files, hard drive, network topology, archival media. Registers, ARP cache, temporary files, hard drive, remote logging data, physical configuration

A digital forensics incident response team seizes a series of computers. Which of the following, albeit not necessarily a complete list, represents the order in which the specified artifact should be preserved? Select two.

32

The database focuses on how attackers interact with systems and not on attack tools.

A series of security students are analyzing entries in a knowledge base of attacker techniques used against systems. They would like to replicate some of the attacks, but the database makes no reference to the tools used during the attacks. Which of the following statements is most likely to be true?


33

DRP

A data center suffered damage due to a natural disaster. The IT staff is in the process of restoring service, but they need to follow a specific series of steps due to critical dependencies. The content of which document are they most likely to follow?

34

The individual stored passwords on a piece of paper.

An individual stores all passwords in cleartext format in the notes area of a free online email system and on a piece of paper in their wallet. They also use a weak password to access their email. The individual loses their wallet at a theme park, and a system at work ends up being compromised as a result. An RCA is likely to yield which of the following at the top of the list?

35

Restoring data from a backup takes longer than restoring data when using replication. Backups require fewer financial resources than replication.

Which of the following are true statements regarding backups and replication? Select two.

36

The reservation system for an airline is affected by ransomware. A cyberattack on a SCADA system shuts down a water treatment plant.

Which of the following events could hamper a mission-essential function? Select two.

37

This is part of a plan to ensure their operations are not disrupted if a major disaster occurs.

Three members of a larger task force at an enterprise are responsible for ensuring a variety of technologies, diverse vendors, and encryption capabilities are part of the company's networking infrastructure. Which of the following is most likely to be a true statement regarding their activities?

38

None, computers can be quickly replaced.

A software tester is using a system in a computer lab. The computer lab has internet access but is not connected to the corporate network. The tester clicks on a link in an email that renders the computer inoperable. The tester then sits idle for 30 minutes waiting for the IT staff to replace the computer. What preventive measure should have been put in place?

39

Spread cloud computing across multiple cloud providers.

A small business has decided to use the services of a small and recently established cloud provider. Unfortunately, the cloud provider suffers a severe breach that corrupts their data. If you had been hired as a consultant beforehand, which of the following recommendations would you have made?