Mobile Deployment Authentication Types Quiz

Questions and Answers

Which of the following must be configured to provide authentication between the switch and the TACACS+ server?

• 802.1x
• Shared secret (correct)
• SNMPv3
• SSH

Which of the following is BEST suited to perform an audit of the login page of a newly developed web application to determine if default accounts have been disabled?

• Protocol analyzer
• Rainbow table
• Banner grabbing
• Password cracker (correct)

Which of the following is the color-coded table in the exhibit an example of?

• Internal threat assessment
• Privacy impact assessment
• Qualitative risk assessment (correct)
• Supply chain assessment

Which of the following should be implemented to prevent DoS attacks in the future for the bank experiencing a DoS attack against an application designed to handle 500 IP-based sessions, where the perimeter router can only handle 1Gbps of traffic?

Deploy a content delivery network (CDN) to distribute the application traffic (A)

Which of the following actions should a systems administrator take when configuring a new network switch for TACACS+ management and authentication?

Configure a shared secret (D)

Which of the following actions should a security administrator take to audit the login page of a newly developed web application to determine if default accounts have been disabled?

Use a password cracker (B)

Which of the following is the color-coded table in the exhibit used to represent?

Qualitative risk assessment (D)

What should be implemented to prevent future DoS attacks on the bank's application that can handle 500 IP-based sessions, when the perimeter router can only handle 1Gbps of traffic?

Deploy a content delivery network (CDN) to distribute the application traffic (C)

Which of the following steps should the forensic analyst perform NEXT in the forensics process, given the scenario of following incident response best practices and compiling artifacts for the legal team?

Containment procedures (A)

Which of the following would BEST resolve the vulnerability identified in the audit report that could allow unauthorized personnel access to the facility and network?

Mantrap (C)

Based on the observed network traffic behavior described, where the computers in the IP Dst field start exhibiting the same behavior and making multiple outbound connection attempts, what is the MOST likely cause?

Malware infection (D)

Which of the following steps should the forensic analyst perform NEXT in the forensics process, given the scenario of following incident response best practices and compiling artifacts for the legal team?

Eradication procedures (B)

Which of the following would BEST resolve the vulnerability identified in the audit report that could allow unauthorized personnel access to the facility and network?

Mantrap (D)

Based on the observed network traffic behavior described, where the computers in the IP Dst field start exhibiting the same behavior and making multiple outbound connection attempts, what is the MOST likely cause?

Malware infection (D)

Which of the following is the BEST way to check if the digital certificate is valid?

CRL (B)

Which of the following is used to validate the integrity of data?

RSA (A)

Which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

Backdoor (A)

Which of the following access management concepts is associated with file permissions?

Authorization (C)

Which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

DLP (D)

Which access management concept is associated with file permissions?

Authorization (B)

Which technique was used by the third-party penetration testing company to gain root access on the server?

ARP cache poison (B)

What did the tester do after gaining root access on the initial server?

Moved to another server that was not in the original network (D)

Based on the given information, which authentication type is being utilized?

Context-aware authentication (A)

Which account type should the policy specify for service technicians from corporate partners?

Privileged user account (C)

Which of the following are needed to ensure credentials are encrypted in transit when implementing a RADIUS server for Single Sign-On (SSO)?

Public key, Shared key (B)

In which environment is the employee currently working, based on the given information?

Development (C)

What is the term used to describe the situation when a vulnerability scan fails to identify an existing vulnerability?

False negative (B)

Which of the following is the primary goal of the account management policy mentioned in the text?

All of the above (D)

Which of the following security attributes is NOT mentioned as a parameter defined by the account management policy?

Multi-factor authentication (C)

What is the purpose of the secure shell around software being developed by the employee?

To secure executable files (B)

What is the immediate next step the technician should take after discovering a crypto-virus infection on a workstation with access to sensitive remote resources?

Disable the network connections on the workstation (B)

Which backup method would be the best for Joe, the backup administrator, to implement in order to reduce the restoration time of physical servers?

Snapshots (C)

To comply with the new requirements mandating the use of AES encryption for the company's wireless configuration, which setting should the network technician configure?

Configure CCMP (C)

Which statement accurately differentiates ARP poisoning from a MAC spoofing attack?

ARP poisoning uses unsolicited ARP replies (A)

When downloading software for the organization's core switch, the network administrator is presented with checksum values. What is the primary purpose of checksums in this context?

To verify the integrity of the downloaded files (B)

Which of the following best describes the difference between SaaS (Software as a Service) and IaaS (Infrastructure as a Service)?

SaaS provides software applications, while IaaS provides virtualized computing resources (B)

In the context of cloud computing models, what is the primary characteristic that differentiates a private cloud from a hybrid cloud?

A private cloud is owned and operated by a single organization, while a hybrid cloud combines private and public cloud resources (A)

Which of the following is an accurate statement about MaaS (Mobility as a Service)?

MaaS is a cloud computing model that provides transportation services on-demand (A)

Which of the following is the MOST likely reason the company website is unavailable after the network administrator disables HTTP and implements SSL?

The company firewall is blocking port 443 traffic (B)

Which of the following access management concepts is associated with file permissions?

Authorization (B)

According to the follow-up action item from the lessons learned meeting, which of the following conditions would NOT allow authentication?

The user is accessing from within the United States anytime (C)

Which of the following is used to validate the integrity of data?

The MD5 and SHA-1 checksums match, so the files have not been compromised (B)

Which of the following statements is TRUE regarding the company website's login page?

Users are able to reach the login page from home using HTTP (B)

Which of the following is the MOST likely cause of the observed network traffic behavior where computers in the IP Dst field start exhibiting the same behavior and making multiple outbound connection attempts?

The computers have been infected with malware (A)

Which of the following was MOST likely utilized to exfiltrate the proprietary data?

Insider threat (B)

Which of the following access management concepts is associated with file permissions?

Authorization (D)

Which of the following is the BEST way to check if the digital certificate is valid?

CRL (B)

Which of the following is used to validate the integrity of data?

MD5 (A)

Which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

Crypto-malware (C)

Which of the following access management concepts is associated with file permissions?

Authorization (D)

Which technique was used by the third-party penetration testing company to gain root access on the server?

ARP cache poisoning (B)

Which of the following was MOST likely to have been utilized to exfiltrate the proprietary data?

Backdoor (C)

What did the tester do after gaining root access on the initial server?

Moved to another server in the network (C)

Which of the following access management concepts is associated with file permissions?

Authorization (D)

Which of the following is being described when a security professional develops and publishes a password policy specifically tailored to a company, and enforces the policy through technical means?

Creating security benchmarks (C)

University A wants to partner with University B to allow its students who are taking classes at University B to sign into both university's wireless network and VPN services with their home university credentials. Which of the following should be implemented to achieve the desired results?

RADIUS federation (D)

The security analyst needs to assure the head of the auditing department that the response came from the security analyst, and the contents of the response must be kept confidential. Which of the following are the LAST steps the security analyst should perform prior to electronically sending the message?

Digitally sign the message to ensure authenticity and encrypt the message to ensure confidentiality (A)

University A offers an AAA-based SSO service that allows students to access all wireless and VPN services with the standard university credentials. University A wants to partner with University B to allow its students who are taking classes at University B to sign into both university's wireless network and VPN services with their home university credentials. Which of the following should be implemented to achieve the desired results?

RADIUS federation (C)

A security analyst finished drafting an official response to a security assessment report, which must be sent to the head of the auditing department. The security analyst needs to assure the head of the auditing department that the response came from the security analyst, and the contents of the response must be kept confidential. Which of the following are the LAST steps the security analyst should perform prior to electronically sending the message?

Digitally sign the message to ensure authenticity and encrypt the message to ensure confidentiality (C)

Which of the following is being described when a security professional develops and publishes a password policy specifically tailored to a company, and enforces the policy through technical means?

Creating security benchmarks (B)

University A offers an AAA-based SSO service that allows students to access all wireless and VPN services with the standard university credentials. University A wants to partner with University B to allow its students who are taking classes at University B to sign into both university's wireless network and VPN services with their home university credentials. Which of the following should be implemented to achieve the desired results?

RADIUS federation (B)

The security analyst finished drafting an official response to a security assessment report, which must be sent to the head of the auditing department. The security analyst needs to assure the head of the auditing department that the response came from the security analyst, and the contents of the response must be kept confidential. Which of the following are the LAST steps the security analyst should perform prior to electronically sending the message?

Digitally sign the message to ensure authenticity and encrypt the message to ensure confidentiality (A)

What is the primary purpose of ARP poisoning?

To redirect network traffic by spoofing ARP replies (C)

Which of the following is a characteristic of a hybrid cloud model?

It combines both private and public cloud resources (C)

What is the primary purpose of using checksums when downloading software for network devices?

To verify the integrity of the downloaded data (B)

Which of the following is the MOST effective countermeasure against a distributed denial-of-service (DDoS) attack?

Implementing an anti-DDoS service or mitigation solution (C)

What is the primary purpose of implementing RADIUS for Single Sign-On (SSO)?

To provide centralized authentication and authorization (C)

Which of the following is the MOST effective way to determine if a web application has default accounts enabled?

Attempt to authenticate with common default account credentials (C)

What is the primary purpose of the secure shell (SSH) in the context of software development?

To provide secure remote access to the development environment (B)

Which of the following is the MOST effective way to mitigate the risk of a false negative during a vulnerability scan?

Perform manual code reviews in addition to automated scanning (B)

Which two protocols should the security technician configure to meet the requirements of sending status reports and logging details to a central management console?

SNMPv3 and Syslog (D)

Based on the observation that each malware binary has a different hash, which type of malware is most likely present in the enterprise network environment?

Polymorphic worm (A)

Which combination of factors represents multifactor authentication?

Voice recognition and retina scan (C)

Based on the HTTP POST request containing the string userid=bob' and 1='1&request=Submit, which type of attack was attempted?

SQL injection (A)

Which type of control allows a security guard to perform a post-incident review?

Detective (A)

Which security concern arises from the testing team's decision to use production data in the test system for stress testing?

Potential data leakage (D)

Which of the following is a common technique used by polymorphic malware to evade detection?

Mutating its code with each infection (C)

In the context of network security, what is the primary purpose of using the Syslog protocol?

Centralized log management (A)