Agile Quiz: USB Removable Media Restriction Policy

Play an AI-generated podcast conversation about this lesson

Which of the following will increase cryptographic security?

Hashing

Algorithms that require less computing power

High data entropy (correct)

Longer key longevity

What BEST describes zero-day exploits?

When a zero-day exploit is discovered, the system cannot be protected by any means.

Zero-day exploits have their own scoring category in CVSS.

A zero-day exploit is initially undetectable, and no patch for it exists. (correct)

Discovering zero-day exploits is always performed via bug bounty programs.

In order to restrict PHI documents, what should be performed FIRST?

Retention

Governance

Change management

Classification (correct)

Which attack has taken place based on the provided server output?

DNS poisoning (D) Signup and view all the answers

What type of attack is described when a user inside a company network receives a certificate mismatch warning when trying to access a website?

On-path (C) Signup and view all the answers

Which tool is effective in preventing a user from accessing unauthorized removable media?

USB data blocker (A) Signup and view all the answers

What solution would BEST meet the requirements of increased scalability and flexibility for back-end infrastructure mentioned by the Chief Security Officer?

Reverse proxy (B) Signup and view all the answers

Which social engineering technique seeks to exploit a person's sense of urgency?

A phishing email stating a cash settlement has been awarded but will expire soon (A) Signup and view all the answers

In the scenario described, which attack involves redirecting network traffic to an attacker-controlled system?

On-path (C) Signup and view all the answers

What is a cost-effective physical control to enforce a USB removable media restriction policy?

Implementing a GPO to restrict access to authorized USB removable media (B) Signup and view all the answers

What security measure can be used to physically block data exchange via USB ports?

USB data blocker (A) Signup and view all the answers

What security control can be implemented when a company suspects compromised accounts due to suspicious logins from unknown locations?

Enforce MFA when an account request reaches a risk threshold (D) Signup and view all the answers

Which action is NOT a suitable method for protecting accounts of traveling employees while avoiding blocking legitimate login requests?

Enforce VPN usage for all remote login attempts (D) Signup and view all the answers

Which method is most effective for an organization looking to share threat intelligence with peer groups?

Subscribing to threat intelligence feeds (A) Signup and view all the answers

What is the BEST way to enforce a restriction policy on USB removable media?

Employing physical locks on USB ports and restricting access (A) Signup and view all the answers

What is a common security measure taken to prevent unauthorized access through compromised accounts?

Employing anomaly detection to flag suspicious login attempts (C) Signup and view all the answers

What provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?

CVSS (B) Signup and view all the answers

In a collaborative research project where universities need to share compute and storage resources, which cloud deployment strategy would BEST meet this need?

Community (D) Signup and view all the answers

To prove that data has not been tampered with since it was collected, a forensic analyst will MOST likely use which method?

Calculate the checksum using a hashing algorithm (A) Signup and view all the answers

After a public website's credentials database was leaked, leading to compromised business accounts, what would BEST mitigate the issue?

Password history (A) Signup and view all the answers

To fingerprint a web server, what tool would a security analyst MOST likely use?

dig 192.168.0.10 (C) Signup and view all the answers

What could be used to prioritize mitigation steps for known vulnerabilities in an organization?

SOAR (A) Signup and view all the answers

What type of account is MOST appropriate for a security analyst to share a file for further incident analysis?

Service (B) Signup and view all the answers

When a security analyst shares a file named host1.pcap for further incident analysis, what tool is the team member MOST likely to use to open this file?

Wireshark (B) Signup and view all the answers

If an application developer accidentally uploads a company's code-signing certificate private key to a public web server, what should the company do FIRST?

Revoke the code-signing certificate (A) Signup and view all the answers

An organization compares system settings against secure configuration guidelines. What type of control has the organization implemented?

Detective (C) Signup and view all the answers

To reduce the risk of unsanctioned high-risk SaaS applications, what is the BEST security solution recommended by the Chief Information Security Officer?

CASB (A) Signup and view all the answers

If an organization wants to block unsanctioned high-risk SaaS applications from user access, what could be an effective security measure?

VPN concentrator (A) Signup and view all the answers

Agile Quiz: USB Removable Media Restriction Policy

Choose a study mode

Podcast

Questions and Answers

Which of the following will increase cryptographic security?

What BEST describes zero-day exploits?

In order to restrict PHI documents, what should be performed FIRST?

Which attack has taken place based on the provided server output?

What type of attack is described when a user inside a company network receives a certificate mismatch warning when trying to access a website?

Which tool is effective in preventing a user from accessing unauthorized removable media?

What solution would BEST meet the requirements of increased scalability and flexibility for back-end infrastructure mentioned by the Chief Security Officer?

Which social engineering technique seeks to exploit a person's sense of urgency?

In the scenario described, which attack involves redirecting network traffic to an attacker-controlled system?

What is a cost-effective physical control to enforce a USB removable media restriction policy?

What security measure can be used to physically block data exchange via USB ports?

What security control can be implemented when a company suspects compromised accounts due to suspicious logins from unknown locations?

Which action is NOT a suitable method for protecting accounts of traveling employees while avoiding blocking legitimate login requests?

Which method is most effective for an organization looking to share threat intelligence with peer groups?

What is the BEST way to enforce a restriction policy on USB removable media?

What is a common security measure taken to prevent unauthorized access through compromised accounts?

What provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?

In a collaborative research project where universities need to share compute and storage resources, which cloud deployment strategy would BEST meet this need?

To prove that data has not been tampered with since it was collected, a forensic analyst will MOST likely use which method?

After a public website's credentials database was leaked, leading to compromised business accounts, what would BEST mitigate the issue?

To fingerprint a web server, what tool would a security analyst MOST likely use?

What could be used to prioritize mitigation steps for known vulnerabilities in an organization?

What type of account is MOST appropriate for a security analyst to share a file for further incident analysis?

When a security analyst shares a file named host1.pcap for further incident analysis, what tool is the team member MOST likely to use to open this file?

If an application developer accidentally uploads a company's code-signing certificate private key to a public web server, what should the company do FIRST?

An organization compares system settings against secure configuration guidelines. What type of control has the organization implemented?

To reduce the risk of unsanctioned high-risk SaaS applications, what is the BEST security solution recommended by the Chief Information Security Officer?

If an organization wants to block unsanctioned high-risk SaaS applications from user access, what could be an effective security measure?

More Like This

Are You Agile?

Agile Manifesto Quiz: Test Your Knowledge of Agile Methodology

Agile Team Selection & Operations Management Analysis Quiz

Ian Sommerville Software Engineering Quizzes: Agile and Extreme Progra...

Agile Quiz: USB Removable Media Restriction Policy

Choose a study mode

Podcast

Questions and Answers

Which of the following will increase cryptographic security?

What BEST describes zero-day exploits?

In order to restrict PHI documents, what should be performed FIRST?

Which attack has taken place based on the provided server output?

What type of attack is described when a user inside a company network receives a certificate mismatch warning when trying to access a website?

Which tool is effective in preventing a user from accessing unauthorized removable media?

What solution would BEST meet the requirements of increased scalability and flexibility for back-end infrastructure mentioned by the Chief Security Officer?

Which social engineering technique seeks to exploit a person's sense of urgency?

In the scenario described, which attack involves redirecting network traffic to an attacker-controlled system?

What is a cost-effective physical control to enforce a USB removable media restriction policy?

What security measure can be used to physically block data exchange via USB ports?

What security control can be implemented when a company suspects compromised accounts due to suspicious logins from unknown locations?

Which action is NOT a suitable method for protecting accounts of traveling employees while avoiding blocking legitimate login requests?

Which method is most effective for an organization looking to share threat intelligence with peer groups?

What is the BEST way to enforce a restriction policy on USB removable media?

What is a common security measure taken to prevent unauthorized access through compromised accounts?

What provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?

In a collaborative research project where universities need to share compute and storage resources, which cloud deployment strategy would BEST meet this need?

To prove that data has not been tampered with since it was collected, a forensic analyst will MOST likely use which method?

After a public website's credentials database was leaked, leading to compromised business accounts, what would BEST mitigate the issue?

To fingerprint a web server, what tool would a security analyst MOST likely use?

What could be used to prioritize mitigation steps for known vulnerabilities in an organization?

What type of account is MOST appropriate for a security analyst to share a file for further incident analysis?

When a security analyst shares a file named host1.pcap for further incident analysis, what tool is the team member MOST likely to use to open this file?

If an application developer accidentally uploads a company's code-signing certificate private key to a public web server, what should the company do FIRST?

An organization compares system settings against secure configuration guidelines. What type of control has the organization implemented?

To reduce the risk of unsanctioned high-risk SaaS applications, what is the BEST security solution recommended by the Chief Information Security Officer?

If an organization wants to block unsanctioned high-risk SaaS applications from user access, what could be an effective security measure?

More Like This

Are You Agile?

Agile Manifesto Quiz: Test Your Knowledge of Agile Methodology

Agile Team Selection &amp; Operations Management Analysis Quiz

Ian Sommerville Software Engineering Quizzes: Agile and Extreme Progra...

Agile Team Selection & Operations Management Analysis Quiz