Security+ Practice Exam 1 Flashcards
85 Questions

Questions and Answers

Which of these best describes two-factor authentication?

  • The door to a building requires a fingerprint scan
  • An application requires a TOTP code (correct)
  • A Windows Domain requires a username, password, and smart card
  • A printer uses a password and a PIN

Which of the following deployment models would address concerns regarding managing mobile devices?

  • BYOD
  • Corporate-owned
  • COPE
  • VDI (correct)

Which of the following would BEST describe a UPS installation in a data center?

  • Administrative
  • Detective
  • Compensating
  • Preventive (correct)

Which of the following technologies would be the BEST choice to track parts on an assembly line?

  • Blockchain

In which order should volatile data be collected in a security breach?

  • Memory, CPU registers, temporary files, remote monitoring data

What does the SHA256 hash value ensure when downloading an ISO?

  • Verifies that the file was not corrupted during the file transfer

Which of the following would be the BEST way to provide a requirement for login access only within the same building as the server?

  • Biometric scanner

Which of these vulnerabilities is MOST associated with a database being open for anyone to query?

  • Open permissions

Which of the following would BEST describe an email asking for Windows Domain credentials?

  • Phishing

Which risk management strategy includes the purchase and installation of an NGFW?

  • Mitigation

How can one confirm the secure baseline of a deployed application instance?

  • Perform an integrity measurement

What would have prevented a financial transfer delay if a team member was out of the office?

  • Job rotation

What does the log information suggest when multiple sessions are from a single IP address with a TTL equal to zero?

  • Someone is performing a traceroute to the DMZ server

Which type of attack allows the execution of arbitrary code through unexpected input in an API call?

  • Buffer overflow

Which keys should an organization place into escrow for encrypted materials?

  • Private

What authentication process should a security administrator design to only need credentials in the morning?

  • Kerberos

What is the BEST choice for network segmentation without additional hardware?

  • Create separate VLANs for the corporate network and the manufacturing floor

Why can't a home user print to their local printer while connected to corporate VPN?

  • The VPN tunnel is configured for full tunnel

Why would a data center manager build a Faraday cage?

  • Protect the servers against any unwanted electromagnetic fields

What action should be taken to prevent the reoccurrence of a vulnerability that was reintroduced after a patch?

  • Continuous monitoring

What method should be used to ensure unique hashes in a password login process?

  • Salting

What cryptographic method adds trust to a digital certificate?

  • Digital signature

Which items should be included in server room design for redundancy? (Select TWO)

  • Dual power supplies

Who is responsible for managing access rights to a customer information database?

  • Data owner

Why was a new classification type of 'PII' added to a CMS?

  • Expanded privacy compliance

What is the BEST way to securely store private keys across web servers?

  • Use an HSM

What can be deduced from the IPS security log regarding Cross-Site Scripting?

  • The alert was generated from an embedded script

Which option describes a monetary loss if one event occurs?

  • SLE

What best describes a SQL injection when a user inputs a search query that reveals all database records?

  • SQL injection

What is the MOST likely cause of poor system performance after opening a spreadsheet from a vendor?

  • RAT

Which standard is required for maintaining payment information?

  • PCI DSS

What is the MOST likely reason for intermittent external IP traffic to workstations?

  • Backdoor

Which of the following was the MOST likely source of an alert message about credit card numbers transmitted via email?

  • DLP

What is the MOST likely reason for a virtual machine having a guest login with no password?

  • The server is a honeypot for attracting potential attackers

What is the BEST way to implement email encryption without changing existing server settings?

  • Require the use of S/MIME

What is the BEST way to deploy applications securely without installing a virtual machine?

  • Containerization

What is the BEST way to determine if a new application server is secure before production rollout?

  • Penetration test

Which of the following would BEST describe the approach of gathering information about your company's servers without direct access to the internal network?

  • Passive footprinting

Which of these protocols use TLS to provide secure communication? (Select TWO)

  • HTTPS

Which of these threat actors would be MOST likely to attack systems for direct financial gain?

  • Organized crime

Which of the following data sources should be gathered to address file storage volatility? (Select TWO)

  • Temporary file systems

Which category would BEST describe all-in-one printers that have a vulnerability allowing remote control?

  • MFD

Which of the following standards provides information on privacy and managing PII?

  • ISO 27701

What would be the BEST way to prevent data exfiltration using external storage drives?

  • Create an operating system security policy to prevent the use of removable media

Which of the following would assist a CISO in decreasing response time when addressing security incidents with a limited budget?

  • SOAR

Which of the following should be implemented to handle data breaches based on the given policies? (Select THREE)

  • Enable time-of-day restrictions on the authentication server

What can be observed from this firewall log indicating a Trojan was blocked?

  • A download was blocked from a web server

Which attack would be the MOST likely reason for receiving an invalid connection message?

  • On-path

Which method would be the BEST way to provide a website login using existing credentials from a third-party site?

  • Federation

Which term BEST describes the expected frequency of firewall hardware failures between repairs?

  • MTBF

Which kind of attack is best described by a phone call to reset a password while pretending to be a company director?

  • Social engineering

Which of the following authentication protocols would meet the network team's requirements for an encrypted tunnel?

  • EAP-TTLS

Which of the following would be commonly provided by a CASB? (Select TWO)

  • List of applications in use

What issue is described by a time clock appliance resetting its file system following an error?

  • Race condition

What would correct the lack of restrictions in password policies? (Select TWO)

  • Password expiration

What kind of security control is associated with a login banner?

  • Deterrent

What should be expected on a non-credentialed vulnerability scan report?

  • The version of web server software in use

Which of these describes a set of steps for processing orders during an Internet connection failure?

  • Continuity of operations

What is the BEST way to protect against data exfiltration via malicious phone charging stations?

  • USB data blocker

What would be the BEST choice for protecting data stored on laptops used in the field?

  • SED

How many backup sets are required for a full recovery of the file server on Thursday afternoon?

  • 4

Which of the following would be the BEST way to establish mobile device security policies?

  • MDM

What best describes the situation where expected vulnerabilities are not found during a scan?

  • False negative

Which additional authentication controls should be added by the security administrator? (Select TWO)

  • Smart Card

What should be configured on wireless access points to require usernames and passwords from users?

  • 802.1X

Which tools should be used to identify all references to a Javascript file in a web page? (Select TWO)

  • curl

Which access control model describes assigning rights and permissions to a file?

  • DAC

What best describes the message requesting VPN login details via text?

  • Smishing

Which store policy provides separation of duties for gift certificate transactions?

  • Require an approval PIN for the cashier and a separate approval PIN for the manager

Which statements about rainbow tables are true? (Select TWO)

  • A rainbow table won't be useful if the passwords are salted

What attack is best described by redirecting users to a different IP address for a bank's website?

  • DNS poisoning

Which cloud deployment model shares resources between a private data center and cloud services?

  • Hybrid

What is the BEST way for an administrator to verify that systems cannot be accessed by former employees?

  • Validate the processes and procedures for all outgoing employees

What security feature was MOST likely enabled if devices cannot connect to an access point?

  • MAC filtering

What tool is used for creating detailed network connection information?

  • netstat

What kind of attack is described by sending crafted packets from remote devices to crash a server?

  • DDoS

In the context of incident response, which part best describes rebuilding and restoring services?

  • Reconstitution

What is the BEST way to manage security policies for a PaaS service?

  • CASB

What issue is presented if a firewall vulnerability is identified with no plans for a patch?

  • Lack of vendor support

What type of exercise simulates a disaster scenario and discusses resolutions?

  • Tabletop exercise

What is the BEST way to identify systems infected with malware?

  • DNS sinkhole

What incident response step involves isolating a suspected malware infection?

  • Containment

What approach ensures all data on a mobile device is unrecoverable if lost?

  • Remote wipe

Which log file provides information regarding server memory contents during a ransomware infection?

  • Dump

Which part of the PC startup process verifies the digital signature of the OS kernel?

  • Measured Boot

    Study Notes

    Third-Party Information Gathering

    • Passive footprinting describes the approach where a third-party gathers information without direct access to the internal network.

    Secure Communication Protocols

    • TLS is utilized by protocols like HTTPS and FTPS for secure communication.

    Threat Actors

    • Organized crime is the primary threat actor motivated by direct financial gain.

    Security Incident Data Sources

    • Key data sources for addressing file storage volatility include partition data and temporary file systems.

    Vulnerability in IoT Devices

    • Multi-Function Devices (MFD) are identified as vulnerable IoT devices that can be remotely controlled.

    Privacy Standards

    • ISO 27701 focuses on privacy management and handling Personally Identifiable Information (PII).

    Preventing Data Exfiltration

    • An effective strategy to mitigate data exfiltration through external storage drives is to create an operating system security policy prohibiting removable media usage.

    Incident Response Efficiency

    • Implementation of SOAR (Security Orchestration, Automation and Response) can enhance incident response without additional hiring.

    Data Breach Policy Implementation

    • To meet data breach policies, implement IP/GPS access restrictions, consolidate logs on a SIEM, and enable time-of-day restrictions.

    Firewall Log Analysis

    • A firewall log indicates that a download was blocked from a web server due to potential malware.

    Connection Security Issues

    • A message stating "Your connection is not private" suggests an on-path attack could be the cause.

    Third-Party Site Access

    • Utilizing Federation provides the best method for website logins using existing credentials from another site.

    Firewall Hardware Reliability

    • Mean Time Between Failures (MTBF) is the concept that describes expected hardware failure rates.

    Social Engineering Attacks

    • Impersonating an internal employee over the phone signifies a social engineering attack.

    Wireless Authentication Protocols

    • EAP-TTLS is suitable for supporting additional authentication protocols in an encrypted tunnel.

    Cloud Access Security Broker (CASB) Services

    • CASBs typically offer a list of applications in use and verification of encrypted data transfers.

    Time Clock Appliance Issues

    • A race condition occurs if a device constantly reboots due to file system errors.

    Password Policy Corrections

    • Password expiration and implementing a password lockout policy are essential corrections to existing password policies.

    Nature of Login Banners

    • A login banner serves as a deterrent security control.

    Vulnerability Scan Expectations

    • Non-credentialed vulnerability scans usually reveal the version of web server software in use, rather than detailed file lists.

    Disaster Recovery Planning

    • A continuity of operations plan details steps for processing orders if the primary Internet connection fails.

    Protection Against Malicious Charging Stations

    • A USB data blocker best protects against threats from malicious phone charging stations.

    Data Protection on Laptops

    • Self-Encrypting Drives (SED) are the best option for protecting data on field laptops.

    Recovery Backup Process

    • A full recovery on Thursday afternoon after scheduled backups requires referencing three backup sets (one full and two incremental).

    Mobile Device Security Policies

    • Implement Mobile Device Management (MDM) to establish security policies for mobile devices used by remote sales teams.

    Vulnerability Scan Discrepancies

    • The lack of vulnerabilities reported despite an announced flaw indicates a false negative.

    Additional Authentication Controls

    • Implementing TOTP and smart card authentication adds extra security layers.

    Wireless Network Setup

    • Configuring 802.1X on access points mandates personal authentication for wireless connections.

    Source Code Visibility

    • To identify specific JavaScript files in web pages, tools like grep and curl should be used.

    Access Control Model

    • The user-defined access control mechanism is categorized as Discretionary Access Control (DAC).

    SMS Phishing (Smishing)

    • A text message soliciting VPN login details is classified as smishing, a form of social engineering.

    Separation of Duties for Transaction Approval

    • Requiring distinct approval PINs for cashiers and managers enforces separation of duties in processing transactions.

    Rainbow Table Characteristics

    • Rainbow tables are ineffective against salted passwords, and a separate table is required for each hashing method.

    DNS Poisoning Attacks

    • Attackers redirect users from a legitimate website to a fraudulent one through DNS poisoning.

    Hybrid Cloud Model

    • Hybrid cloud combines private data centers with external cloud services for shared resources.

    Validation of Access Control for Departed Employees

    • Validating exit processes for employees ensures unauthorized access can be prevented.

    Wireless Connection Issues

    • MAC filtering could explain connectivity issues if devices can detect the access point but cannot connect.

    Network Connection Statistics Tool

    • Netstat is used to display current TCP/IP network connections and their statuses.

    Denial of Service Threats

    • Sending crafted packets to overload a server constitutes a DDoS (Distributed Denial of Service) attack.

    Incident Recovery Phases

    • Building new systems post-data breach aligns with the reconstitution phase in incident response.

    Cloud Service Security Management

    • Utilizing a Cloud Access Security Broker (CASB) is optimal for managing security policies in a PaaS environment.

    Vendor Support Issues

    • The absence of a planned patch from a firewall company indicates lack of vendor support for vulnerabilities.

    Disaster Recovery Discussion Framework

    • Conducting a tabletop exercise during an annual meeting simulates disaster responses among company leaders.

    Identifying Infected Systems

    • A DNS sinkhole is an effective way to identify all computers on the network infected with malware.

    Incident Containment Steps

    • The process of removing a potentially infected device from a network is part of containment in incident response.

    Ensuring Mobile Data Security

    • A remote wipe feature guarantees unrecoverable data on a mobile device if lost or stolen.

    Memory Dump Investigation

    • Accessing dump files provides insights into the memory contents during a ransomware investigation.

    OS Kernel Signature Verification

    • Trusted Boot verifies the digital signature of the operating system kernel during startup.

    Characteristics of Two-Factor Authentication

    • Two-factor authentication is confirmed by requiring both a password and a smart card for access.

    Addressing Diverse Mobile Device Risks

    • A Virtual Desktop Infrastructure (VDI) model effectively manages a variety of devices used in the field.

    Cybersecurity Concepts

    • A SHA256 hash value verifies file integrity to ensure the downloaded ISO is not corrupted.
    • A security policy requiring physical presence for login access is best achieved with biometric scanners.
    • An open permissions vulnerability allows unauthenticated access to a database.
    • Phishing describes attacks where an email prompts users to enter credentials on an external link.
    • Risk mitigation strategies include the purchase and installation of Next-Generation Firewalls (NGFW).
    • Performing an integrity measurement confirms the secure baseline of a deployed application instance.
    • Job rotation minimizes delays caused by an employee's absence, ensuring continuity.

    Logging and Attacks

    • TTL equal to zero with sessions from the same IP indicates a potential traceroute or network scan.
    • Buffer overflow attacks exploit input handling vulnerabilities to execute arbitrary code.
    • Key escrow entails storing private keys as a recovery option for encrypted materials.
    • Kerberos is an authentication process that requests user credentials once daily, minimizing repeated prompts.

    Network Segmentation and VPNs

    • VLANs offer the best solution for segmenting networks on the same physical switch without new hardware.
    • Full tunnel VPN configuration can disrupt local network resources like printers when connected.

    Security Measures

    • A Faraday cage protects equipment from electromagnetic interference and external attacks.
    • Continuous monitoring helps identify reintroduced vulnerabilities after patches are applied.
    • Salting is a technique used to add random data to password hashes for increased security.
    • Digital signatures enhance trust in digital certificates by proving authenticity.

    Redundancy and Access Control

    • RAID arrays and dual power supplies are essential for redundancy in a server room design.
    • Data custodians manage access rights to sensitive information within an organization.

    Compliance and Encryption

    • PII classification enhances compliance with privacy regulations.
    • Hardware Security Modules (HSMs) are the best choice for securely storing private encryption keys.
    • Standards like PCI DSS are crucial for organizations handling credit card information.

    Detecting Threats

    • Alerts generated from malformed requests or unauthorized transmissions of sensitive information indicate potential security incidents.
    • An external connection pattern suggests the presence of a backdoor on the network.

    Secure Remote Access

    • A honeypot server is intentionally left vulnerable to attract and study potential attackers.
    • Implementing S/MIME allows encrypted communication between email clients without altering the server configuration.

    Application Deployment

    • Containerization simplifies application deployment and resource management without the overhead of virtual machines.
    • Penetration testing provides insight into system vulnerabilities before production rollout, ensuring robust security measures.

    Description

    Test your knowledge with these flashcards based on Professor Messer's Security+ practice exam. Each card covers essential concepts relevant to cybersecurity, such as passive footprinting and network security protocols. Perfect for reinforcing your understanding before the exam.
