Jason Dion Main Practice Exam

Which of the following BEST describes an approach where the foundational systems are set up and overseen using scripts and automated instruments instead of hands-on methods?

IaC.

Air-gapped Network.

Microservices architecture.

Sereverless architecture.

IaC.

Kelly Innovations decides to manage its IT infrastructure within its physical location, retaining full control over its hardware, software, and data. Which of the following security implications is MOST directly associated with this approach?

• Increased responsibility for physical security.

• Dependence on external patch availability.

• Multi-tenancy risks.

• Risk transference to third-party vendors.

Increased responsibility for physical security.

When considering the RSA algorithm, which description BEST captures its underlying mathematical property used for public key cryptography?

• Trapdoor function

• Hash function

• Symmetric encryption

• Digital signature.

Trapdoor function.

What is the purpose of a security analyst doing due diligence in the vendor selection process?

• To assess the vendor's ability to provide the goods or services when they have promised

• To compare multiple vendors' suppliers to ensure they are all diligent in analyzing their own supply chains.

• To ensure that the vendor's practices align with the organization's requirements

• To ensure that the chosen vendor is the best choice among the list of possible vendors

To ensure that the vendor's practices align with the organization's requirements.

A drone manufacturer employs a real-time operating system (RTOS) to ensure timely task executions. While optimizing for real-time performance, which of the following security concerns might arise?

• Inadequate buffer overflow protections.

• Overhead from virtualization.

• Uncontrolled cloud access.

• Lack of legacy protocol support.

Inadequate buffer overflow protections.

Enrique, the head of IT at Dion Training, is tasked with ensuring all deployed company systems adhere to a set of standardized configurations. He wants to reduce the attack surface as much as possible. Which of the following techniques would BEST reduce the organization's attack surface?

• Requiring frequent password resets for all employees.

• Implementing a VPN for any remote access to company devices.

• Deploying antivirus software on all company workstations and other devices.

• Turning off all unused services and closing unnecessary ports.

Turning off all unused services and closing unnecessary ports.

To improve security at their law firm, Norah, a security analyst wants to implement a system that will selectively block or allow traffic based on the nature of the communication. Which firewall type would be MOST effective for this purpose?

• VPN

• Layer 7 Firewall

• Layer 4 Firewall

• 802.1x

Layer 7 Firewall.

Susan, a security analyst at Kelly Innovations LLC, is reviewing alerts from the IPS. She recognizes a pattern of false positives from signature-based detections. Which of the following is the MOST likely cause for false positives in signature-based detection systems?

• The signatures require tuning.

• The IPS is scanning encrypted traffic only.

• Signature databases are stored in volatile memory.

• The system is only updated with old signatures.

The signatures require tuning.

Florence is the CEO of a company. She has the final say over all decisions made regarding the business, IT, accounting, and other departments. What type of governance does Florence's company have?

• Centralized governance

• Decentralized governance

• Board governance

• Committee governance

Centralized governances,pecifically a highly centralized autocratic or top-down management structure. I

Which of the following BEST describes the primary purpose of archiving as a method to bolster security monitoring?

• To analyze real-time threats and mitigate them instantly.

• To maintain compliance with regulations without needing long-term data storage.

• To provide historical insights into security incidents for future investigations.

• To provide an external backup in case of system crashes.

To provide historical insights into security incidents for future investigations.

Which mitigation technique involves the use of tools like Nagios or Splunk to continuously observe and check the operation of a system or network?

• Hardening techniques

• Segmentation

• Patching

• Monitoring

Monitoring.

Which of the following BEST describes how automation and orchestration in cybersecurity operations influence employee satisfaction and retention?

• Facilitates frequent role rotation among teams.

• Decreases the demand for cybersecurity professionals.

• Reduces repetitive and mundane tasks.

• Directly increases salary packages.

Reduces repetitive and mundane tasks.

Which of the following BEST describes an organizational structure that allows for autonomous decision-making in separate departments or sectors within the company?

• Hierarchical management

• Flat organization

• Matrix structure

• Decentralized governance.

Decentralized governance.

Reed, a cybersecurity specialist at Dion Training Solutions, is optimizing the company's IPS. He notes that while signature-based detection is highly effective against known threats, it has some limitations. Which of the following BEST describes a limitation of signature-based detection in an IPS?

• It encrypts network traffic to hide malicious signatures.

• It requires substantial network bandwidth to operate.

• It might not detect zero-day exploits.

• It automatically updates with behavioral patterns of users.

It might not detect zero-day exploits.

At Kelly Innovations Corp., Sarah noticed that their core business application, which tracks customer orders, was not updating inventory levels accurately. A recent update seemed to have introduced a bug. Which of the following would offer the BEST solution?

• Patch management

• Application restart

• Dependency check

• Application rollback.

Application rollback.

What is the primary difference between sanitization and destruction in the disposal process?

• Sanitization and destruction are synonyms and refer to the same process.

• Sanitization involves erasing data so it cannot be recovered; destruction is total physical demolition of the asset.

• Sanitization concerns the reuse of assets in an organization, and destruction involves transferring those assets to a different department.

• Sanitization refers to physically damaging the asset to render it unusable, while destruction involves completely eliminating all residual data.

Sanitization involves erasing data so it cannot be recovered; destruction is total physical demolition of the asset.

When a legal organization routinely communicates with clients via email containing sensitive case details, which strategy would be the MOST effective to secure the communications?

• Utilization of VPNs for email transmission

• Implementation of end-to-end encrypted email

• Conducting regular user cybersecurity training

• Deployment of regular data backups to secure cloud storage.

Implementation of end-to-end encrypted email.

The executive team at a software development firm decides that any project with a potential financial impact greater than $500,000 due to a security incident will require an immediate review and intervention. This financial impact figure represents which of the following in risk management?

• Risk tolerance

• Risk level

• Risk limit

• Risk threshold

Risk threshold.

Kelly Innovations Corp, an IT company, is implementing a process of encryption where two parties establish a shared secret for communication purposes. Which of the following MOST accurately describes this process?

• Hashing

• Symmetric encryption

• Asymmetric encryption

• Key exchange

Key exchange.

Dion Training has recently implemented a new web portal for their customers. During a routine security review, the IT team notices that some suspicious activities have been logged. An unknown user attempted to access the system with a strange pattern: when requesting a particular user file, instead of the usual URL structure ( /users/[username]/profile ) the system registered requests like ( /users/../admin/config ). Within a short span of time, several such patterns were identified, each trying to reach different sensitive files and directories. Given this information, which of the following types of attack is the user MOST likely attempting?

• Attempting to access files outside of intended directories.

• Attempting to escalate their privileges on the system.

• Attempting to inject malicious scripts into the system.

• Attempting to exploit a buffer overflow vulnerability.

Attempting to access files outside of intended directories..

Which of the following terms BEST describe the affirmation of the validation of the accuracy and thoroughness of compliance-related reports?

• Regulatory examination

• Internal assessment

• Independent third-party audit

• Attestation

Attestation

Which of the following motivations refers to any act of stealing information from a system or network?

• Ethical motivations

• Service disruption

• Disruption/chaos

• Data exfiltration

Data exfiltration.