1. Felicia wants to deploy an encryption solution that will protect files in motion as they are copied between file shares as well as at rest, and also needs it to support granular, per-user security. What type of solution should she select?
A. Partition encryption
B. File encryption
C. Full-disk encryption
D. Record-level encryption
B. File encryption
2. Valerie wants to use a certificate to handle multiple subdomains for her website, including the sales.example.com and support.example.com subdomains. What type of certificate should she use?
A. A self-signed certificate
B. A root of trust certificate
C. A CRL certificate
D. A wildcard certificate
D. A wildcard certificate
3. What information is analyzed during a gap analysis?
A. Control objectives and controls intended to meet the objectives
B. Physically separate networks and their potential connection points
C. Compensating controls and the controls they are replacing
D. Security procedures and the policies they are designed to support
A. Control objectives and controls intended to meet the objectives
4. Susan's team has recommended an application restart for a production, customer-facing application as part of an urgent patch due to a security update. What technical implication is the most common concern when conducting an application restart?
A. Application configuration changes caused by the restart
B. Whether the patch will properly apply
C. Lack of security controls during the restart
D. The downtime during the restart
D. The downtime during the restart
5. Using a tool like git is most frequently associated with what critical change management process?
A. Having a backout plan
B. Stakeholder analysis
C. Version control
D. Standard operating procedures (SOPs)
C. Version control
6. Jacob is concerned that the password used for one of his organization's services is weak, and he wants to make it harder to crack by making it harder to test possible keys during a brute-force attack. What is this technique called?
A. Master keying
B. Key stretching
C. Key rotation
D. Passphrase armoring
B. Key stretching
7. Log monitoring is an example of what control category?
A. Technical
B. Managerial
C. Operational
D. Physical
C. Operational
8. Rick wants to make offline brute-force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?
A. Use of a salt
B. Use of a pepper
C. Use of a purpose-built password hashing algorithm
D. Encrypting password plain text using symmetric encryption
D. Encrypting password plain text using symmetric encryption
9. Diffie-Hellman and RSA are both examples of what important encryption-related solution?
A. Rekeying
B. Certificate revocation protocols
C. Key exchange algorithms
D. Key generation algorithms
C. Key exchange algorithms
10. Sally wants to ensure that her change management process includes a procedure for what to do if the change fails. What should she create to handle this possibility?
A. An impact analysis
B. A backout plan
C. A regression test
D. A maintenance window
B. A backout plan
11. Theresa is concerned that her scheduled maintenance window may extend beyond the allocated time due to an unexpected issue. What element from the CIA triad is she concerned about?
A. Criticality
B. Accessibility
C. Integrity
D. Availability
D. Availability
12. Alaina is concerned about vehicles that might impact her organization's backup generator. What should she install to prevent both inadvertent and purposeful vehicle impacts on a generator installed outside her building near a parking lot?
A. A speed bump
B. An access control vestibule
C. Bollards
D. A chain-link fence
C. Bollards
13. Ben has deployed a data loss prevention (DLP) tool that inspects data and flags specific data types for review before emails containing it are sent outside the organization. What control type best describes this type of solution?
A. Managerial
B. Detective
C. Corrective
D. Preventive
D. Preventive
14. What type of control is a policy or procedure?
A. Directive
B. Corrective
C. Detective
D. Preventive
A. Directive
15. Murali has deployed a file integrity monitoring tool and has configured alerts to notify him if files are modified. What control type best describes this solution?
A. Preventive
B. Deterrent
C. Directive
D. Detective
D. Detective
16. Charles wants to reduce the threat scope of compromised credentials. Which of the following security controls is best suited to meeting this need?
A. Single sign-on
B. Federation
C. Zero trust
D. Multifactor authentication (MFA)
C. Zero trust
17. Carol wants to obfuscate data that is contained in her database. She wants to be able to refer to the data elements without having the actual data exposed. What type of obfuscation option should she select?
A. Tokenization
B. Encryption
C. Data masking
D. Data randomization
A. Tokenization
18. What key is used to decrypt information sent by another individual between two people using public key encryption?
A. The recipient's private key
B. The recipient's public key
C. The sender's private key
D. The sender's public key
A. The recipient's private key
19. Selah's organization has recently experienced a breach and the private keys for her organization's certificates were exposed. What should she immediately do?
A. Reissue the certificates with changed hostnames and other details.
B. Replace the certificates with self-signed certificates until they can be replaced by the vendor.
C. Revoke the certificates and place them on a certificate revocation list.
D. Replace the certificates with wildcard certificates.
C. Revoke the certificates and place them on a certificate revocation list.
20. Which of the following is not a major concern related to downtime caused by patching and system updates?
A. Attackers compromising the system or service while it is offline
B. Security systems or functions being offline during restart or shutdown processes
C. Unexpected extended downtime
D. Dependencies between systems or services related to downtime
A. Attackers compromising the system or service while it is offline
21. Joanna wants to ensure that the most current version of each component in her application is deployed. What change management process will help the most with this requirement?
A. Dependency mapping
B. Version control
C. Impact analysis
D. Allow and deny lists
B. Version control
22. Greg wants to implement a version control system to ensure that changes are made in ways that will not cause problems for his organization's critical software. Which of the following is not a common feature of version control systems designed for software source code?
A. Atomic operations
B. File locking
C. Regression testing
D. Tagging and labeling
C. Regression testing
23. Christina wants to implement a physical security control that has the greatest flexibility in how it is applied because she knows that exceptions to security practices may be required at times. Which of the following solutions has the greatest flexibility?
A. Video surveillance
B. Security guards
C. Access badges
D. Access control vestibules
B. Security guards
24. Lisa wants to ensure that theft of a device will not lead to exposure of the data contained on the device if the device is locked or turned off. What type of encryption should she select to best ensure this?
A. Volume-level encryption
B. Full-disk encryption
C. File-level encryption
D. Partition-level encryption
B. Full-disk encryption
25. Mahmoud has been asked to implement an allow list for websites that users at his company can visit. What concern should he bring up to management due to this request?
A. Allow lists cannot be used for websites.
B. Allow lists are overly permissive and are likely to allow unwanted sites to be visited.
C. Using an allow list for websites will take a lot of time to maintain.
D. Using an allow list for websites is easily bypassed.
C. Using an allow list for websites will take a lot of time to maintain.
26. Which of the following change management processes does not commonly directly involve stakeholders outside of the IT organization?
A. Impact analysis
B. Building the backout plan
C. The change approval process
D. Determining the maintenance window
B. Building the backout plan
27. What hardware component is used to generate, store, and manage cryptographic keys?
A. A CPU
B. A NSA
C. A TPM
D. A CCA
C. A TPM - Trusted Platform Module
28. Chris wants to check to see if a certificate has been revoked. What protocol can he use to validate the current status of a certificate?
A. TLS
B. OCRS
C. SSL
D. OCSP
D. OCSP - Online Certificate Status Protocol
29. Brian's organization uses a process where a secure module boots systems, then monitors them as each boot stage proceeds. It validates each signed boot stage and reports on whether the boot process was correct or not when complete. What is the secure module used to verify these stages called?
A. A secure initiation manager
B. A root of trust
C. A boot hash
D. A cryptographic boot manager
B. A root of trust
30. A vulnerability scan shows that an embedded device that Alice is responsible for has a vulnerability. She knows the vendor is no longer in business and that there is no updated firmware or software update for the device. To resolve the issue, Alice places a firewall between the device and the rest of the network and creates rules that prevent the vulnerable service from being available to other devices. What type of control has Alice deployed?
A. A directive control
B. A compensating control
C. A detective control
D. A procedural control
B. A compensating control
31. Jason knows that his Apple system uses a separate portion of its SoC (system on chip) to store keys and biometric information. What is this specialized component called?
A. A TPM
B. A HSM
C. A secure enclave
D. A screened subnet
C. A secure enclave
32. What change management term is used to describe the processes that an organization uses for each change that is made to ensure that a consistent process is used?
A. Standard operating procedures
B. A change plan
C. Fixed operating procedures
D. A backout plan
A. Standard operating procedures
33. Jack knows that there are three common types of database encryption. Which of the following is not a common type of database encryption?
A. Sensitivity-based encryption
B. Transparent data encryption
C. Field-level encryption
D. Column-level encryption
A. Sensitivity-based encryption
34. Ujamaa wants to conduct a gap analysis as part of his security efforts. Which of the following best describes what he will analyze?
A. Which services are not configured properly
B. Whether current patches are installed on all systems
C. The security program as implemented versus best practices
D. Legal requirements versus the security program
C. The security program as implemented versus best practices
35. Brandon wants to deploy a detective control that will help him with physical security threats. Which of the following fits his needs?
A. Fencing
B. Lighting
C. Video surveillance
D. Bollards
C. Video surveillance
36. Jack has deployed a system that appears to attackers to be a vulnerable system. The system is specifically designed to capture information and data from attacks to allow for later analysis. What type of tool has Jack deployed?
A. A tarpit
B. A honeypot
C. A beehive
D. An intrusion detection system
B. A honeypot
37. Renee wants to ensure that her logs support nonrepudiation. What should she do to ensure this?
A. Encrypt, then hash the logs.
B. Hash the logs and then digitally sign them.
C. Digitally sign the log file, then encrypt it.
D. Hash, then encrypt the logs.
B. Hash the logs and then digitally sign them.
38. Isaac wants to deploy sensors to detect intruders in a facility, but he is concerned about the sensors being overly sensitive. What type of sensor is best suited to detecting intruders in an open office environment without significant expense or issues with sensitivity?
A. Infrared
B. Pressure
C. Microwave
D. Ultrasonic
A. Infrared
39. Wayne wants to allow systems to claim identities as part of his AAA process. Which of the following is most commonly used to identify both individuals and systems?
A. Tokens
B. Smartcards
C. Certificates
D. Usernames
C. Certificates
40. What are considerations like database and network connectivity, authentication system access, and network time availability considered in the context of change management processes?
A. Allowed services
B. Standard operating procedures
C. Denied services
D. Dependencies
D. Dependencies
41. What role does the policy engine play in a zero-trust environment?
A. It creates new administrative policies based on user behavior.
B. It grants access based on policies created by administrators and based on security systems data.
C. It enforces policies by monitoring connections between clients and servers.
D. It suggests new administrative policies based on usage patterns for adoption by the organization.
B. It grants access based on policies created by administrators and based on security systems data.
42. Which of the following is not a common post-change activity found in change management practices?
A. Updating diagrams
B. Updating procedures
C. Updating policies
D. Updating contracts
D. Updating contracts
43. Which of the following activities should Alaina not restrict as part of her preparation for a change window?
A. Patching
B. Scaling clustered systems up or down
C. Changing hostnames
D. Modifying database configurations
B. Scaling clustered systems up or down
44. What two key features define blockchain ledgers?
A. They are immutable and nontransferable.
B. They are shared and can be modified by a vote among all participants.
C. They are unique to each participant and are atomic.
D. They are shared and immutable.
D. They are shared and immutable.
45. Damian issues the following command on his Linux server: openssl req -new -newkey rsa:2048 -nodes -keyout exampleserver.key -out exampleserver.csr What has he done?
A. Created a certificate signing request
B. Created a certificate revocation request
C. Signed a certificate signing request
D. Updated the OCSP record for a certificate
A. Created a certificate signing request
46. Nick's organization sets aside Saturday nights from 2 a.m. to 4 a.m. for scheduled maintenance. What is this type of reserved time typically called?
A. Allocated downtime
B. A maintenance window
C. An unscheduled outage
D. An allowed outage
B. A maintenance window
47. Megan wants to assess the impact of a change as part of her change management process. Which of the following is most likely to help her assess impact?
A. A backout plan
B. An estimate of the downtime expected
C. A list of stakeholders
D. A list of dependencies for impacted systems
B. An estimate of the downtime expected
48. Jared wants to estimate the downtime that will result as part of a planned change. Which of the following methods will most effectively help him estimate downtime?
A. Average the downtime from other recent changes.
B. Contact the vendor for time estimates for the change.
C. Perform the change in a test environment.
D. Use a fixed maintenance window.
C. Perform the change in a test environment.
49. An encryption method in which all participants have the same key is known as which of the following types of encryption?
A. Shared hashing
B. Asymmetric encryption
C. Symmetric encryption
D. Universal encryption
C. Symmetric encryption
50. What important encryption challenge does asymmetric encryption help with by using public keys?
A. Evil twins
B. Collision resistance
C. Key length
D. Key exchange
D. Key exchange
51. Rick's cloud provider offers a dedicated hardware security module. Which of the following capabilities is it unlikely to offer?
A. Validating secure boot processes
B. Key generation
C. Encrypting and decrypting data
D. Creating digital signatures
A. Validating secure boot processes
52. Michelle believes that an image she has discovered in an attacker's directory of files contains additional information that has been hidden in it. What is this type of obfuscation called?
A. Steganography
B. Image hashing
C. PNG warping
D. Image blocking
A. Steganography
53. Which of the following is not a common transport encryption protocol?
A. TLS
B. IPSec
C. SAML
D. SSH
C. SAML
54. What technology is record-level encryption most commonly associated with?
A. Stored audio files
B. Databases
C. Physical disks
D. Removable storage
B. Databases
55. Yasmine submits the Windows BitLocker key to a central repository after she encrypts the machine. The central repository allows files to be uploaded, but not read, and is protected with access requiring special permissions. What type of solution is Yasmine's company using?
A. A hardware security module
B. Perfect forward secrecy
C. Key escrow
D. Private keys
C. Key escrow
56. Valerie wants to authenticate her systems using her AAA system. Which of the following options is best suited to system authentication?
A. Asymmetric authentication
B. Certificate-based authentication
C. Symmetric authentication
D. PIN-based authentication
B. Certificate-based authentication
57. Valentine wants to detect if an intruder has accessed a secured file server. Which of the following techniques will work best with a data loss prevention tool to identify data exfiltration?
A. A honeypot
B. A honeynet
C. A honeyfile
D. A honeytoken
C. A honeyfile
58. Jason has recommended that additional lighting be put in place on the exterior of his building as part of a security upgrade. What type of control is lighting?
A. Operational
B. Deterrent
C. Corrective
D. Technical
B. Deterrent
59. Which of the following controls is typically the most expensive to implement?
A. Bollards
B. Access control vestibules
C. Security guards
D. Access badges
C. Security guards
60. Frankie wants to validate the integrity of a file by comparing it against an original copy. Which of the following solutions both fulfills this requirement and avoids known security issues?
A. Hash the original file and the current file using MD5 and compare the hashes.
B. Hash the original file and the current file using SHA-1 and compare the hashes.
C. Hash the original file and the current file using SHA-256 and compare the hashes.
D. Hash the original file and the current file using AES and compare the hashes.
C. Hash the original file and the current file using SHA-256 and compare the hashes.
61. Joanna's organization has a policy that requires a user's password to be immediately reset to lock accounts if the account is determined to have been successfully phished. What type of control is this?
A. A detective control
B. A directive control
C. A compensating control
D. A preventive control
B. A directive control
62. Jackie wants to implement an AAA system for her network. What AAA protocol is commonly used for network devices?
A. OpenID
B. SAML
C. RADIUS
D. TANGENT
C. RADIUS
63. Scott wants to automate policy creation in his zero-trust environment's policy engine. Which of the following is not a typical component for automated data and event-driven policy management?
A. A SIEM
B. Threat feeds
C. Infrared sensor data
D. EDR tools
C. Infrared sensor data
64. Valerie's organization has deployed a zero-trust solution, and Valerie receives an authentication prompt when she is attempting to access a file server. What component of the zero-trust architecture is she interacting with?
A. A policy enforcement point
B. A policy administrator
C. The policy engine
D. The trust manager
A. A policy enforcement point
65. Matt is assessing his organization's zero-trust model against the NIST Zero Trust Maturity Model. Which of the following is not a common element of zero-trust systems that would be assessed as part of the model?
A. Identity
B. Business model
C. Networks
D. Devices
B. Business model
66. Quentin wants to deploy a single sign-on system to allow his users to log in to cloud services. Which of the following technologies is he most likely to deploy?
A. OpenID
B. Kerberos
C. LDAP
D. TACACS+
A. OpenID
67. Marty wants to deploy a corrective control to deal with a recently compromised system. Which of the following would be considered a corrective control?
A. Patching the vulnerability that allowed the compromise to occur
B. Deploying full-disk encryption
C. Deploying an endpoint detection and response (EDR) tool
D. Enabling logging and sending logs to a SIEM
A. Patching the vulnerability that allowed the compromise to occur
68. What important encryption feature is not supported by symmetric encryption?
A. Confidentiality
B. Integrity
C. Nonrepudiation
D. Authentication
C. Nonrepudiation
69. Theresa wants to use a cloud-hosted security solution that will allow her to safely store and manage secrets. What type of solution should she select?
A. A TPM
B. A CA
C. A KMS
D. A CSR
C. A KMS
70. Joanna is reviewing her account information on an e-commerce website and sees her credit card number displayed as XXXX-XXXX-XXXX-1234. What type of data obfuscation is in use?
A. Hashing
B. Data masking
C. Field encryption
D. Tokenization
B. Data masking
71. Amanda's organization wants to use a decentralized blockchain to store data. Which of the following is true about a decentralized blockchain?
A. No individual or group controls the blockchain.
B. Only cryptocurrency-related data can be stored in a blockchain.
C. Blockchain data can be changed after being stored by the original submitter.
D. Blockchain ledgers are stored on central servers chosen by regular elections among blockchain participants.
A. No individual or group controls the blockchain.
72. What role does a subordinate CA have in a CA hierarchy?
A. Subordinate CAs issue certificates based on subdomains.
B. Subordinate CAs provide control over certificate issuance while avoiding the cost of being a root CA.
C. Subordinate CAs validate root CA activities to ensure auditability.
D. Subordinate CAs review certificate signing requests before forwarding them to the root CA.
B. Subordinate CAs provide control over certificate issuance while avoiding the cost of being a root CA.
73. Which of the following sensor types is commonly used to detect footsteps?
A. Infrared
B. Pressure
C. Microwave
D. Ultrasonic
B. Pressure
74. Which of the following is not a managerial control?
A. Risk assessments
B. Including security in change management processes
C. Security planning exercises
D. Implementing firewalls
D. Implementing firewalls
75. What purpose do third-party certificates serve for customers of cloud services?
A. They reduce costs by using bring-your-own certificates.
B. They allow certificates for domains other than the service provider's domain.
C. They provide control over cryptographic security for the customer.
D. They allow more flexibility in TLS version selection.
C. They provide control over cryptographic security for the customer.
76. Which of the following is not a common control focused on availability?
A. Uninterruptible power systems
B. Redundant Internet connectivity
C. Disk encryption
D. Load balancers
C. Disk encryption
77. What term describes a collection of honeypots on a network intended to capture information about cybersecurity threats?
A. A honeyfarm
B. A honeynet
C. A honeycluster
D. A darknet
B. A honeynet
78. Skip wants to implement a deterrent control to prevent physical security issues for his organization. Which of the following controls should he select?
A. A fence
B. A generator
C. Access badges
D. A camera system
A. A fence
79. What holds the position of the root of trust in a certificate chain?
A. A hardened hardware device
B. A TPM
C. A root certificate
D. A wildcard certificate
C. A root certificate
80. Jill needs to explain the concept of open public ledgers to her organization as management wants to adopt a blockchain-based system. What should she tell them about access to the ledger?
A. Members must be added by a vote of all current members.
B. Anyone can join at any time.
C. Members must be added by a vote of more than 51 percent of current members.
D. Ledgers are public but membership is private and controlled by the creator of the ledger.
B. Anyone can join at any time.
81. Olivia wants to use a self-signed certificate in her test environment for her organization's services to save money on commercial certificates. What warning should her team give her about the use of self-signed certificates in a test environment?
A. Certificate root of trust validation attempts will fail if implemented.
B. Self-signed certificates cannot be used for external users to support SSL.
C. Self-signed certificates cannot be used for internal users to support SSL.
D. Browsers will not allow self-signed certificates to be used when browsing sites.
A. Certificate root of trust validation attempts will fail if implemented.
82. Amanda is concerned about issues with dependencies that may be found during her pending change. What practice should she implement to help ensure unexpected dependency issues are not encountered?
A. Update organizational policies and procedures before the change.
B. Update functional diagrams before the change.
C. Validate the change in a test environment.
D. Document legacy applications that may create dependencies.
C. Validate the change in a test environment.
83. Lucca has implemented an authentication scheme that relies on ticket-granting tickets as part of the authentication process. What common authentication service has he implemented?
A. TACACS+
B. Kerberos
C. MS-CHAP
D. EAP
B. Kerberos
84. Jocelyn wants to select a modern encryption algorithm for use in her organization. Which of the following is a currently recommended encryption algorithm?
A. AES-256
B. SHA1
C. DES
D. Blowfish
A. AES-256
85. Elizabeth wants to classify the following controls by their category. What category best describes lighting, fences, bollards, and access control vestibules?
A. Technical
B. Managerial
C. Operational
D. Physical
D. Physical
86. Jack wants to ensure the integrity of a file that he is sending to a third party via email. How can he provide the integrity of a file to an organization that he has not done business with before?
A. Encrypt the file and send it to them.
B. Digitally sign the file.
C. Send a hash of the file in a separate email.
D. Email the file size and original name in a separate email.
B. Digitally sign the file.
87. Annie notices that her browser shows that the certificate for the site she is visiting is not valid. After performing some checks, she sees that the certificate is on the CA's certificate revocation list. Which of the following is not a reason for a certificate to be on a CRL?
A. The CA is compromised.
B. The certificate's private key was compromised.
C. The certificate was signed with a stolen key.
D. The certificate expired.
D. The certificate expired.
88. Mohinder wants to use modern, secure hashing algorithms to validate files against known good originals. Which of the following hashing algorithms should he select?
A. MD5
B. SHA-1
C. AES-256
D. SHA-256
D. SHA-256
89. Derrick wants to validate an encrypted and digitally signed message sent using asymmetric encryption. What does he need from the sender to validate the message?
A. The sender's private key
B. Derrick's private key
C. The sender's public key
D. Derrick's public key
C. The sender's public key
90. The major patch release that Susan's team installed has failed, resulting in a nonworking service. What should her team do according to change management best practices?
A. Declare an outage.
B. Follow the documented backout plan.
C. Restore from backups to the previous version.
D. Uninstall the patch and validate service function.
B. Follow the documented backout plan.
91. The web server that Angela's organization manages was recently compromised and the SSL certificate's private key was accessed by attackers. Angela's team has completed remediation and has created a new CSR, including a new private key that they have secured. What control type best describes the creation of a new key and certificate in this circumstance?
A. Corrective
B. Compensating
C. Deterrent
D. Detective
A. Corrective
92. Mikayla's zero-trust system has received a request for access with an identity, and the basic criteria for access have been met. What should the system do next before providing access to the resource requested?
A. Check the remote system's security status.
B. Require reauthentication using MFA.
C. Check the user's rights to ensure they can access the resource.
D. Determine its level of confidence in the request.
D. Determine its level of confidence in the request.
93. Charles sets up an RDP server on an isolated network segment and places a file on it called passwords.xlsx. He then configures his IPS and DLP systems to monitor for that file exiting the network segment. What type of tool has Charles deployed?
A. A honeyfile
B. A SQL trap
C. A red flag
D. A trigger file
A. A honeyfile
94. Lucca is using precomputed rainbow tables to attempt to crack hashed passwords from a data breach. He knows that two users have the same password, but the hashes do not match. What password hash security technique has Lucca most likely encountered?
A. Password encryption
B. Salting
C. Hash rotation
D. Password mismatching
B. Salting
95. What operating system is commonly associated with secure enclaves?
A. Windows
B. iOS
C. Linux
D. Android
B. iOS
96. Isaac is concerned that the passwords that his users are creating are too short and can be easily brute-forced if their hashes were compromised. Rather than make his users remember longer passwords, he would like to implement a technical solution to help make the hashes more resistant to cracking. What solution can he use to help with this?
A. Implement pass-the-hash algorithms.
B. Use a collision-resistant hashing algorithm.
C. Implement key stretching techniques.
D. Encrypt passwords rather than hashing them.
C. Implement key stretching techniques.
97. Christina wants to implement access badges printed with picture IDs for her organization, but she wants to use a wireless reader. What access badge technology is commonly implemented in scenarios like this?
A. Wi-Fi-enabled access badges
B. RFID access badges
C. Bluetooth-enabled access badges
D. NFC access badges
B. RFID access badges
98. Kendra's vulnerability management team has discovered that Internet of Things (IoT) devices deployed a few years ago to monitor temperatures for critical refrigerated equipment are vulnerable to a new attack. After reviewing the issue, her team has discovered that the devices are no longer supported and that the manufacturer has gone out of business. They suggest moving the devices to an isolated network to help protect them. What type of control has Kendra's team suggested?
A. A corrective control
B. A compensating control
C. A confidentiality control
D. A coordinated control
B. A compensating control
99. Which of the following is not a common factor in adaptive authentication for zero trust?
A. Where the user is logging in from
B. Whether the user has logged in recently from another device
C. What device the user is logging in from
D. If the device is configured correctly
B. Whether the user has logged in recently from another device
100. Juan's organization is designing their zero-trust model. Which of the following statements is true for network security zones?
A. All communication is secured, regardless of the network security zone it occurs in.
B. Communication receives additional security in low-trust zones.
C. Communication receives less security in high-trust zones.
D. All zero-trust networks are considered secured zones.
A. All communication is secured, regardless of the network security zone it occurs in.