Podcast
Questions and Answers
Which of the following will increase cryptographic security?
Which of the following will increase cryptographic security?
What BEST describes zero-day exploits?
What BEST describes zero-day exploits?
In order to restrict PHI documents, what should be performed FIRST?
In order to restrict PHI documents, what should be performed FIRST?
Which attack has taken place based on the provided server output?
Which attack has taken place based on the provided server output?
Signup and view all the answers
What type of attack is described when a user inside a company network receives a certificate mismatch warning when trying to access a website?
What type of attack is described when a user inside a company network receives a certificate mismatch warning when trying to access a website?
Signup and view all the answers
Which tool is effective in preventing a user from accessing unauthorized removable media?
Which tool is effective in preventing a user from accessing unauthorized removable media?
Signup and view all the answers
What solution would BEST meet the requirements of increased scalability and flexibility for back-end infrastructure mentioned by the Chief Security Officer?
What solution would BEST meet the requirements of increased scalability and flexibility for back-end infrastructure mentioned by the Chief Security Officer?
Signup and view all the answers
Which social engineering technique seeks to exploit a person's sense of urgency?
Which social engineering technique seeks to exploit a person's sense of urgency?
Signup and view all the answers
In the scenario described, which attack involves redirecting network traffic to an attacker-controlled system?
In the scenario described, which attack involves redirecting network traffic to an attacker-controlled system?
Signup and view all the answers
What is a cost-effective physical control to enforce a USB removable media restriction policy?
What is a cost-effective physical control to enforce a USB removable media restriction policy?
Signup and view all the answers
What security measure can be used to physically block data exchange via USB ports?
What security measure can be used to physically block data exchange via USB ports?
Signup and view all the answers
What security control can be implemented when a company suspects compromised accounts due to suspicious logins from unknown locations?
What security control can be implemented when a company suspects compromised accounts due to suspicious logins from unknown locations?
Signup and view all the answers
Which action is NOT a suitable method for protecting accounts of traveling employees while avoiding blocking legitimate login requests?
Which action is NOT a suitable method for protecting accounts of traveling employees while avoiding blocking legitimate login requests?
Signup and view all the answers
Which method is most effective for an organization looking to share threat intelligence with peer groups?
Which method is most effective for an organization looking to share threat intelligence with peer groups?
Signup and view all the answers
What is the BEST way to enforce a restriction policy on USB removable media?
What is the BEST way to enforce a restriction policy on USB removable media?
Signup and view all the answers
What is a common security measure taken to prevent unauthorized access through compromised accounts?
What is a common security measure taken to prevent unauthorized access through compromised accounts?
Signup and view all the answers
What provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?
What provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?
Signup and view all the answers
In a collaborative research project where universities need to share compute and storage resources, which cloud deployment strategy would BEST meet this need?
In a collaborative research project where universities need to share compute and storage resources, which cloud deployment strategy would BEST meet this need?
Signup and view all the answers
To prove that data has not been tampered with since it was collected, a forensic analyst will MOST likely use which method?
To prove that data has not been tampered with since it was collected, a forensic analyst will MOST likely use which method?
Signup and view all the answers
After a public website's credentials database was leaked, leading to compromised business accounts, what would BEST mitigate the issue?
After a public website's credentials database was leaked, leading to compromised business accounts, what would BEST mitigate the issue?
Signup and view all the answers
To fingerprint a web server, what tool would a security analyst MOST likely use?
To fingerprint a web server, what tool would a security analyst MOST likely use?
Signup and view all the answers
What could be used to prioritize mitigation steps for known vulnerabilities in an organization?
What could be used to prioritize mitigation steps for known vulnerabilities in an organization?
Signup and view all the answers
What type of account is MOST appropriate for a security analyst to share a file for further incident analysis?
What type of account is MOST appropriate for a security analyst to share a file for further incident analysis?
Signup and view all the answers
When a security analyst shares a file named host1.pcap for further incident analysis, what tool is the team member MOST likely to use to open this file?
When a security analyst shares a file named host1.pcap for further incident analysis, what tool is the team member MOST likely to use to open this file?
Signup and view all the answers
If an application developer accidentally uploads a company's code-signing certificate private key to a public web server, what should the company do FIRST?
If an application developer accidentally uploads a company's code-signing certificate private key to a public web server, what should the company do FIRST?
Signup and view all the answers
An organization compares system settings against secure configuration guidelines. What type of control has the organization implemented?
An organization compares system settings against secure configuration guidelines. What type of control has the organization implemented?
Signup and view all the answers
To reduce the risk of unsanctioned high-risk SaaS applications, what is the BEST security solution recommended by the Chief Information Security Officer?
To reduce the risk of unsanctioned high-risk SaaS applications, what is the BEST security solution recommended by the Chief Information Security Officer?
Signup and view all the answers
If an organization wants to block unsanctioned high-risk SaaS applications from user access, what could be an effective security measure?
If an organization wants to block unsanctioned high-risk SaaS applications from user access, what could be an effective security measure?
Signup and view all the answers