39 Questions
What is the primary function of a Database Activity Monitoring (DAM) solution?
To monitor and analyze database activity for signs of compromise or malicious activity
What is a benefit of using a DAM solution?
It has a very low false positive rate
What is OVAL's primary function?
To standardize system state assessment and reporting
What is an advantage of using OVAL?
It enables interoperability and automation among security tools and services
What is IEEE's primary function?
To develop industry standards for technologies
What is a good source for a security architect to consult to address XSS attack concerns?
OWASP
What is a benefit of using a DAM solution in a web application?
It can send alerts on attacks from both privileged and malicious users
What is a key feature of a DAM solution?
It works at the application layer
What is the best approach to evaluate the effectiveness of anti-ransomware training?
Conducting a sanctioned vishing attack
What type of tool is likely being used by a red team to edit a registry key?
PowerShell
What is the primary goal of a compliance engineer performing an unauthenticated network vulnerability scan?
To identify vulnerabilities in the network
What type of deployment is being performed by the DevOps engineer?
IaaS deployment
What is the primary reason for removing unnecessary software during the hardening process?
To reduce the attack surface
What type of interface is being used for management in the IaaS deployment?
RDP
What is the primary purpose of applying security policies through GPOs?
To enforce security settings
What is the benefit of automated FW log collection tasks?
Improved security operations center performance
Which type of authenticator is most suitable for laptop authentication using digital certificates?
Device certificate
Why would a company's board of directors request a 3rd party management program?
To enhance risk management
What is a significant concern for an organization with an operational management vendor located in another region?
Each region has different regulatory frameworks to follow
What action should an organization take in response to a legal record hold?
Preserve all communications matching the requested search terms
What is the primary goal of a 3rd party management program?
To manage risks associated with third-party vendors
What is a potential risk of having an operational management vendor located in another region?
Different regulatory frameworks in each region
What is the primary reason for implementing optimized cloud resource utilization?
To reduce costs associated with cloud resources
What is the primary concern when a software company is no longer in business?
The maintenance of the application's code
Which technique can help mitigate the risk of a company going out of business?
Source code escrows
What is the primary concern when data is being prematurely deleted before the scheduled backup processes?
Data backup and recovery
What is the purpose of implementing soft delete for blobs?
To prevent accidental deletes or overwrites
What is the requirement for remote worker laptops before accessing the corporate network?
They must meet the security baseline
Why is it essential to scan remote worker laptops before granting access to the corporate network?
To ensure compliance with the corporate security team's mandate
What is the purpose of the dedicated internal scanner appliance in each subnet?
To scan only server and desktop computers
What is the benefit of implementing soft delete for blobs in a cloud storage environment?
It prevents accidental deletes or overwrites
What is a key consideration when selecting a cloud deployment model for a company with sensitive and proprietary data in Iceland?
Data residency
Which security principle ensures that no single entity has full access control?
Separation of duties
What type of threat actor is most likely involved in a website defacement with lateral movement and exfiltrated data?
APT/Nation state
What is the primary benefit of implementing autoscaling in a cloud-based application?
Enhanced scalability
Which of the following is a key requirement for ensuring high availability and resiliency of a web-based application?
Running at 70% capacity at all times
What is the primary purpose of implementing a Web Application Firewall (WAF)?
To protect against DoS and DDoS attacks
Which of the following is a key benefit of implementing containerization in a cloud-based application?
Faster deployment times
What is the primary purpose of implementing a Business Continuity Plan (BCP)?
To minimize the impact of disasters on business operations
Study Notes
Cloud Resource Utilization
- Optimized cloud resource utilization is crucial for efficient cloud infrastructure management.
Digital Certificates
- Digital certificates can be used for laptop authentication.
- Device certificates are a type of authenticator that can be used for laptop authentication.
Third-Party Management
- A third-party management program is necessary for risk management and supply chain visibility.
Equipment Failure Risks
- Equipment failure risks include support unavailability during business hours and shipping delays.
Legal Record Hold
- A legal record hold requires preserving all communications matching requested search terms.
OCSP Stapling
- OCSP stapling and TLS 1.3 can be used to improve security.
Ransomware Attacks
- Simulating a spam campaign can help evaluate the effectiveness of ransomware attack training.
Access Management
- Custodians are responsible for receiving input from system owners for access management activities.
Registry Key Editing
- The red team uses PowerShell to edit registry keys, such as HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders.
Compliance
- Supply chain visibility and software audits can help prevent risks associated with using old applications.
Blob Storage
- Implementing soft delete for blobs can help prevent premature deletion of data before scheduled backup processes.
Security Baseline
- Endpoints must meet a security baseline before accessing the corporate network.
XSS Attacks
- OWASP can be consulted to address XSS attack concerns.
Cloud Deployment Models
- A private cloud or community cloud deployment model can be used to meet data residency requirements in Iceland.
Security Requirements
- Separation of duties and least privilege can be used to meet security requirements such as preventing fraud and assigning permissions based on role.
Threat Actors
- An APT/Nation-state threat actor is likely involved in a website defacement and data exfiltration scenario.
High Availability
- Autoscaling, WAF, and containerization can be used to ensure high availability and resiliency of web-based applications in the cloud.
Quiz about cloud resource utilization, security operations, and authentication methods using digital certificates and other authenticators.