28 Questions
What is an organization in a flood zone most likely to document concerns about the restoration of IT operations in?
Disaster recovery plan
When setting up new firewall rules, what should a security administrator adhere to?
Change management procedure
What is a likely recommendation in the engagement report after penetration testers left USB keys with malware in the company's parking lot?
Conduct an awareness campaign on the usage of removable media
What type of plan would address concerns associated with restoration of IT operations in a flood zone?
Disaster recovery plan
Which procedure should be followed when a security administrator is setting up new firewall rules?
Change management procedure
What action would help prevent unauthorized access to company endpoints after a malware incident from USB keys?
Implement more complex password management practices
Which cryptographic concept operates on a fixed length of bits?
Block cipher
What is a common use case for a DNS sinkhole?
Capturing traffic to known-malicious domains
Why is it difficult for attackers to decrypt passwords using a rainbow table attack?
Salting
What does reducing data center area by creating virtual networking through automation describe?
IaC
In cryptography, what technique involves expanding the length of stored passwords with random data?
Key stretching
Which security measure can prevent attackers from accessing company network resources by redirecting them to non-existent destinations?
DNS sinkhole
What would have prevented the unauthorized use of the local administrator account on a company's VPN appliance?
Changing the default password
What method would help in securing web traffic for users experiencing browsing issues at the newly added DR site?
Deny cleartext web traffic
In the context provided, what action could have mitigated the exploitation of an interactive process to gain access to restricted areas?
Privilege escalation
Which approach would be effective in enhancing security measures for the network at the DR site?
Using secure management protocols
How can the risk of unauthorized logins be reduced on a remote management interface?
Using complex and unique passwords
What security measure is crucial for preventing unauthorized access in a network environment?
Utilizing role-based access control
What protective measure should a security administrator implement to protect the environment from the malware described in the text?
Implement a heuristic behavior-detection solution.
What was the outcome of Joe clicking on the email link in the text?
His workstation got infected and spread the virus to network shares.
Why did the protective measures fail to stop the virus in the text?
The virus evaded detection.
What did the security engineer notice about the IP address of a vendor website in the log files?
It changed for eight hours one week earlier.
Which attack was MOST likely used based on the change in the vendor website's IP address in the text?
Man-in-the-middle attack
What does CASB stand for in the context of protecting network shares?
Cloud Application Security Broker
What is the purpose of creating a checksum of an affected subject's email file during a forensic investigation?
Integrity
In the context of a software company using a shared codebase, what is the likely result of having deactivated but unused features present in the code?
Dead code
What is the potential risk highlighted in the security audit of an organization where most IT staff members have domain administrator credentials and do not change passwords regularly?
Reviewing the domain administrator group, removing unnecessary administrators, and rotating passwords
When multiple projects share a common codebase in a software company, what could be a consequence of not removing unused features?
Code bloat
Test your knowledge on cybersecurity concepts such as cryptography and DNS with these questions covering cryptographic concepts, use cases for DNS sinkholes, and more.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
