1) An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM configurations must be considered when the engineer travels for business?
a) Screen locks
b) Application management
c) Geofencing
d) Containerization

2) An organization's Chief Security Officer (CSO) wants to validate the business's involvement in the incident response plan to ensure its validity and thoroughness. Which of the following will the CSO MOST likely use?
a) An external security assessment
b) A bug bounty program
c) A tabletop exercise
d) A red-team engagement

3) A company recently experienced a data breach, and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?
a) A firewall
b) A device PIN
c) A USB data blocker
d) Biometrics

4) A worldwide manufacturing company has been experiencing a compromised email account. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would BEST prevent this type of attack?
a) Network location
b) Impossible travel time
c) Geolocation
d) Geofencing

5) A network administrator has been asked to design a solution to improve a company's security posture. The administrator is given the following requirements: the solution must be in-line in the network, the solution must be able to block known malicious traffic, and the solution must be able to stop network-based attacks. Which of the following should the network administrator implement to BEST meet these requirements?
a) HIDS
b) NIDS
c) HIPS
d) NIPS

6) An analyst visits an internet forum looking for information about a tool. The analyst finds a thread that appears to contain relevant information. One of the posts says the following: Which of the following BEST describes the attack that was attempted against the forum readers?
a) SOU attack
b) DLL attack
c) XSS attack
d) API attack

7) Which of the following organizational policies are MOST likely to detect fraud that is being conducted by existing employees? (Select TWO.)
a) Offboarding
b) Mandatory vacation
c) Job rotation
d) Background checks
e) Separation of duties
f) Acceptable use

8) When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
a) Acceptance
b) Mitigation
c) Avoidance
d) Transference

9) A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization's vulnerabilities. Which of the following would BEST meet this need?
a) CVE
b) SIEM
c) SOAR
d) CVSS

10) A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent data? (Select TWO.)
a) VPN
b) Drive encryption
c) Network firewall
d) File-level encryption
e) USB blocker
f) MFA

11) Which of the following types of controls is a turnstile?
a) Physical
b) Detective
c) Corrective
d) Technical

12) After entering a username and password, the administrator must gesture on a touch screen. Which of the following demonstrates what the administrator is providing?
a) Multifactor authentication
b) Something you can do
c) Biometric
d) Two-factor authentication

13) Which of the following algorithms has the SMALLEST key size?
a) DES
b) Twofish
c) RSA
d) AES

14) A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
a) Salting the magnetic strip information
b) Encrypting the credit card information in transit
c) Hashing the credit card numbers upon entry
d) Tokenizing the credit cards in the database

15) A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message. Which of the following is the MOST likely cause of the issue?
a) The S/MIME plug-in is not enabled.
b) The SSL certificate has expired.
c) Secure IMAP was not implemented.
d) POP3S is not supported.

16) A system administrator needs to implement an access control scheme that will allow an object's access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?
a) Role-based access control
b) Discretionary access control
c) Mandatory access control
d) Attribute-based access control

17) Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company's final software releases? (Select TWO.)
a) Unsecure protocols
b) Use of penetration-testing utilities
c) Weak passwords
d) Included third-party libraries
e) Vendors/supply chain
f) Outdated anti-malware software

18) A malicious actor recently penetrated a company's network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
a) Security
b) Application
c) Dump
d) Syslog

19) An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?
a) Bug bounty
b) Black-box
c) Gray-box
d) White-box

20) A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
a) Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis.
b) Restrict administrative privileges and patch all systems and applications.
c) Rebuild all workstations and install new antivirus software.
d) Implement application whitelisting and perform user application hardening.

21) A well-known organization has been experiencing attacks from APTs. The organization is concerned that custom malware is being created and emailed into the company or installed on USB sticks that are dropped in parking lots. Which of the following is the BEST defense against this scenario?
a) Configuring signature-based antivirus to update every 30 minutes.
b) Enforcing S/MIME for email and automatically encrypting USB drives upon insertion.
c) Implementing application execution in a sandbox for unknown software.
d) Fuzzing new files for vulnerabilities if they are not digitally signed.

Security + (Part 10)
