NO.410 The SOC is reviewing process and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. The allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?

A. Updating the playbooks with better decision points

B. Dividing the network into trusted and untrusted zones

C. Providing additional end-user training on acceptable use

D. Implementing manual quarantining of infected hosts

NO.411 A new security engineer has started hardening systems. One of the hardening techniques the engineer is using involves disabling remote logins to the NAS. Users are now reporting the inability to use SCP to transfer files to the NAS, even though the data is still viewable from the users PCs. Which of the following is the MOST likely cause of this issue?

C. Remote login was disabled in the networkd.config instead of using the sshd.conf

A. TFTP was disabled on the local hosts

B. SSH was turned off instead of modifying the configuration file

D. Network services are no longer running on the NAS

NO.412 A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service provider. The service provider is preventing the CEO from sending email from a work account to a personal account. Which of the following types of service providers is being used?

D. Managed security service provider

A. Telecommunications service provider

C. Master managed service provider

NO.413 The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the blowing would BEST address this security concern?

D. Segment the staff WiFi network from the environmental systems network.

A. install a smart meter on the staff WiFi.

B. Place the environmental systems in the same DHCP scope as the staff WiFi.

C. Implement Zigbee on the staff WiFi access points.

NO.414 After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?

C. Application programming interface

NO.415 A company's bank has reported that multiple corporate credit cards have been stolen over the past several weeks. The bank has provided the names of the affected cardholders to the company's forensics team to assist in the cyber-incident investigation. An incident responder learns the following information: The timeline of stolen card numbers corresponds closely with affected users making Internet-based purchases from diverse websites via enterprise desktop PCs. All purchase connections were encrypted, and the company uses an SSL inspection proxy for the inspection of encrypted traffic of the hardwired network. * Purchases made with corporate cards over the corporate guest WiFi network, where no SSL inspection occurs, were unaffected. Which of the following is the MOST likely root cause?

B. The SSL inspection proxy is feeding events to a compromised SIEM

A. HTTPS sessions are being downgraded to insecure cipher suites

C. The payment providers are insecurely processing credit card charges

D. The adversary has not yet established a presence on the guest WiFi network

NO.422 Which of the following would satisfy three-factor authentication?

A. Password, retina scanner, and NFC card

B. Password, fingerprint scanner, and retina scanner

C. Password, hard token, and NFC card

D. Fingerprint scanner, hard token, and retina scanner

NO.423 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

E. It assures customers that the organization meets security standards

A. It allows for the sharing of digital forensics data across organizations

B. It provides insurance in case of a data breach

C. It provides complimentary training and certification resources to IT security staff.

D. It certifies the organization can work with foreign entities that require a security clearance

NO.425 A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use?

D. An extended validation certificate

NO.426 A retail company that is launching a new website to showcase the company's product line and other information for online shoppers registered the following URLs: Which of the following should the company use to secure its website rf the company is concerned with convenience and cost?

E. An extended validation certificate

NO.429 After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?

A. The vulnerability scan output

C. The full packet capture data

NO.430 A system administrator needs to implement an access control scheme that will allow an object's access policy be determined by its owner. Which of the following access control schemes BEST fits the requirements?

B. Discretionary access control

D. Attribute-based access control

NO.431 A network engineer needs to build a solution that will allow guests at the company's headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?

A. Implement open PSK on the APs

NO.432 A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: The devices will be used internationally by staff who travel extensively. Occasional personal use is acceptable due to the travel requirements. Users must be able to install and configure sanctioned programs and productivity suites. The devices must be encrypted * The devices must be capable of operating in low-bandwidth environments. Which of the following would provide the GREATEST benefit to the security posture of the devices?

A. Configuring an always-on VPN

B. Implementing application whitelisting

C. Requiring web traffic to pass through the on-premises content filter

D. Setting the antivirus DAT update schedule to weekly

NO.438 A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers'?

A. A capture-the-flag competition

NO.439 Which of the following is the correct order of volatility from MOST to LEAST volatile?

B. Cache, memory, temporary filesystems, disk, archival media

A. Memory, temporary filesystems, routing tables, disk, network storage

C. Memory, disk, temporary filesystems, cache, archival media

D. Cache, disk, temporary filesystems, network storage, archival media

NO.440 A network manager is concerned that business may be negatively impacted if the firewall in its datacenter goes offline. The manager would like to Implement a high availability pair to:

B. remove the single point of failure

A. decrease the mean ne between failures

C. cut down the mean tine to repair

D. reduce the recovery time objective

NO.450 An end user reports a computer has been acting slower than normal for a few weeks, During an investigation, an analyst determines the system 3 sending the users email address and a ten-digit number ta an IP address once a day. The only resent log entry regarding the user's computer is the following: Which of the following is the MOST likely cause of the issue?

A. The end user purchased and installed 2 PUP from a web browser.

B. 4 bot on the computer is rule forcing passwords against a website.

C. A hacker Is attempting to exfilltrated sensitive data.

D. Ransomwere is communicating with a command-and-control server.

401-460

Authored by beyza avci

Computers

University

Used 9+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

57 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.401 Which of the following represents a biometric FRR?

A. Authorized users being denied access

B. Users failing to enter the correct PIN

C. The denied and authorized numbers being equal

D. The number of unauthorized users being granted access

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.402 During a security assessment, a security finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permission for the existing users and groups and remove the set-user-ID from the file?

A. 1a

B. chflags

C. chmod

D. leof

E. setuid

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.403 When implementing automation with loT devices, which of the following should be considered FIRST to keep the network secure?

A. Z-Wave compatibility

B. Network range

C. Zigbee configuration

D. Communication protocols

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.404 Which of the following describes the ability of code to target a hypervisor from inside

A. Fog computing

B. VM escape

C. Software-defined networking

D. Image forgery

E. Container breakout

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.405 Users at organization have been installing programs from the internet on their workstations without first proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function property. Which of the following should the security administrator consider implementing to address this issue?

A. Application code signing

B. Application whitellsting

C. Data loss prevention

D. Web application firewalls

Answer explanation

Explanation Application whitelisting is the practice of specifying an index of approved software applications or executable files that are permitted to be present and active on a computer system. The goal of whitelisting is to protect computers and networks from potentially harmful applications. In general, a whitelist is an index of approved entities. In information security (infosec), whitelisting works best in centrally managed environments, where systems are subject to a consistent workload.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.406 A company is implementing a new SIEM to log and send alerts whenever malicious activity is blocked by its antivirus and web content filters. Which of the following is the primary use case for this scenario?

A. Implementation of preventive controls

B. Implementation of detective controls

C. Implementation of deterrent controls

D. Implementation of corrective controls

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

NO.407 Which of the following types of controls is a CCTV camera that is not being monitored?

A. Detective

B. Deterrent

C. Physical

D. Preventive

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

60 questions

Salesforce

Quiz

•

University

54 questions

Unit 4 Study Guide

Quiz

•

9th Grade - University

57 questions

IMD222 Memory Module

Quiz

•

University

60 questions

TIN6_ÔN TẬP HKI_2425

Quiz

•

6th Grade - University

53 questions

Scratch Programming

Quiz

•

9th Grade - University

60 questions

Network Models

Quiz

•

University

52 questions

PROTOCOLOS-1-ESPAÑOL

Quiz

•

University - Professi...

62 questions

Network Media

Quiz

•

University

Popular Resources on Wayground

10 questions

Main Idea and Supporting Details

Quiz

•

3rd - 6th Grade

20 questions

Math Review

Quiz

•

3rd Grade

14 questions

25-26 SY 8th Grade EOY Benchmark

Quiz

•

8th Grade

15 questions

Fast food

Quiz

•

7th Grade

20 questions

Math Review

Quiz

•

6th Grade

20 questions

Context Clues

Quiz

•

6th Grade

21 questions

EOY Grade 6 Benchmark Assessment - Content Skills

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

Discover more resources for Computers

20 questions

USA States

Quiz

•

4th Grade - University

11 questions

dog breeds

Quiz

•

3rd Grade - Professio...

20 questions

Present Perfect vs simple past quiz

Quiz

•

University

20 questions

Disney Trivia

Quiz

•

University

20 questions

Disney characters

Quiz

•

KG - Professional Dev...

55 questions

Mock EOC/ Interim 3 Review

Quiz

•

KG - University

401-460

NO.401 Which of the following represents a biometric FRR?

NO.402 During a security assessment, a security finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permission for the existing users and groups and remove the set-user-ID from the file?

NO.403 When implementing automation with loT devices, which of the following should be considered FIRST to keep the network secure?

NO.404 Which of the following describes the ability of code to target a hypervisor from inside

NO.406 A company is implementing a new SIEM to log and send alerts whenever malicious activity is blocked by its antivirus and web content filters. Which of the following is the primary use case for this scenario?

NO.407 Which of the following types of controls is a CCTV camera that is not being monitored?

NO.408 In which of the following common use cases would steganography be employed?

NO.409 An engineer is setting up a VDI environment for a factory location, and the business wants to deploy a low-cost solution to enable users on the shop floor to log in to the VDI environment directly. Which of the following should the engineer select to meet these requirements?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers