30 Questions
What type of authentication factor relies on the user's biometric characteristics, such as a fingerprint, a face, or an iris?
Something you are
What is a common example of something you have that can be used to generate a one-time password (OTP) or a code to access a VPN?
Authentication token
Which of the following is the best way to consistently determine on a daily basis whether security settings on servers have been modified?
Automation
What is a common example of something you are that can be used to scan and verify the user's identity to access a VPN?
Thumbprint
What is the process of using software, hardware, or other tools to perform tasks that would otherwise require human intervention or manual effort?
Automation
Which of the following can automation be used for in relation to security settings on servers?
All of the above
What type of security technique involves checking user input for malicious or unexpected data before processing by an application?
Input validation
Which of the following is not a special character that the organization's security policy aims to remove from user input?
What technique is used to hide information within another medium, such as an image or audio file?
Steganography
If an organization wants to prevent embedded keys from being included in their source code, which security technique should they adopt?
Static code analysis
What is the process of converting data into a fixed-size string of characters, which cannot be reversed?
Hashing
Which of the following security techniques involves replacing sensitive data with fictitious data?
Data masking
What is the primary purpose of audits in a banking environment?
To ensure compliance with laws, standards, and policies
In a penetration testing engagement, what type of reconnaissance involves sending packets or requests to a target and analyzing the responses?
Active
What is the most common data loss path for an air-gapped network?
Removable devices
Which of the following is NOT a purpose of audits in a banking environment?
Conducting penetration testing
What type of reconnaissance involves observing network activity without directly interacting with the target?
Passive
How can an air-gapped network be compromised despite being physically isolated?
Via the use of removable devices
What is the primary technique used by attackers in a Business Email Compromise (BEC) attack?
Social engineering
In the given scenario, what is the attacker's goal in requesting gift cards?
To steal money from the victim
How does the attacker make the email appear to be from an executive in the given scenario?
By spoofing or compromising the executive's email address
What is the purpose of capacity planning in the context of business continuity strategy?
To determine the resources needed to meet current and future demands
Which of the following is NOT a common tactic used by BEC attackers?
Using malware to gain access to email accounts
In the context of business continuity planning, what does the term 'geographic dispersion' refer to?
Distributing operations across multiple locations
What is the primary goal of social engineering?
To gain unauthorized access to confidential information
In the given scenario, what technique was the suspicious caller employing?
Pretexting
Which of the following is the most appropriate mitigation strategy for suspicious connections between internal endpoints?
Configuring host-based firewalls on endpoints
Which practice is most effective in preventing insider threats related to malicious code introduction?
Implementing peer review and approval processes
What is the primary purpose of a host-based firewall?
To filter and monitor network traffic at the endpoint level
Which of the following is not a common social engineering technique?
Vulnerability scanning
Test your knowledge on authentication factors, including something you have and something you are. Explore examples like authentication tokens and biometric characteristics such as fingerprints and facial recognition.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free