Configure the following stateful firewall rules: • Allow the Web Server to access the Database Server using LDAP Choose the correct answer (Source IP/Destination IP/Protocol[TCP/UDP]/Port #/Allow or Block)

Source: 10.1.1.2 / Destination: 10.2.1.20/ Protocol: TCP / Port 389 / Allow

Source: 10.2.1.33 / Destination: 10.1.1.7/ Protocol: TCP / Port 443 / Allow

Source: 10.2.1.47 / Destination: 10.1.1.3/ Protocol: TCP / Port 22 / Allow

Configure the following stateful firewall rules: • Allow the Storage Server to transfer files to the Video Server over HTTPS Choose the correct answer (Source IP/Destination IP/Protocol[TCP/UDP]/Port #/Allow or Block)

Source: 10.2.1.33 / Destination: 10.1.1.7/ Protocol: TCP / Port 443 / Allow

Source: 10.1.1.2 / Destination: 10.2.1.20/ Protocol: TCP / Port 389 / Allow

Source: 10.2.1.47 / Destination: 10.1.1.3/ Protocol: TCP / Port 22 / Allow

Configure the following stateful firewall rules: • Allow the Management Server to use a secure terminal on the File Server Choose the correct answer (Source IP/Destination IP/Protocol[TCP/UDP]/Port #/Allow or Block)

Source: 10.2.1.47 / Destination: 10.1.1.3/ Protocol: TCP / Port 22 / Allow

Source: 10.1.1.2 / Destination: 10.2.1.20/ Protocol: TCP / Port 389 / Allow

Source: 10.2.1.33 / Destination: 10.1.1.7/ Protocol: TCP / Port 443 / Allow

Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?

Create an operating system security policy to prevent the use of removable media

Monitor removable media usage in host-based firewall logs

Only allow applications that do not use removable media

Define a removable media block rule in the UTM

An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies: • Access records from all devices must be saved and archived • Any data access outside of normal working hours must be immediately reported • Data access must only occur inside of the country • Access logs and audit reports must be created from a single database Which of the following should be implemented by the security team to meet these requirements? (Select THREE)

Restrict login access by IP address and GPS location

Enable time-of-day restrictions on the authentication server

Require government-issued identification during the onboarding process

Add additional password complexity for accounts that access data

Rodney, a security engineer, is viewing this record from the firewall logs: Which of the following can be observed from this log information?

A download was blocked from a web server

The victim's IP address is 136.127.92.171

A botnet DDoS attack was blocked

The Trojan was blocked, but the file was not

Which of the following would be commonly provided by a CASB? (Select TWO)

Verification of encrypted data transfers

List of all internal Windows devices that have not installed the latest security patches

Centralized log storage facility

List of network outages for the previous month

A security team has been provided with a non-credentialed vulnerability scan report created by a third-party. Which of the following would they expect to see on this report?

The version of web server software in use

A summary of all files with invalid group assignments

A list of all unpatched operating system files

MSSR-PRCT-SC+_A

Authored by Marq Valenzuela

English

2nd - 3rd Grade

Used 20+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

108 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Attacker obtains bank account number
and birth date by calling the victim

Vishing

Spoofing

On-path

DDoS

Hoax

Answer explanation

Social engineering over the telephone continues to be an effective attack vector,
and obtaining personal information such as a bank account or birth date would
be considered phishing over voice, or vishing.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Attacker modifies a legitimate DNS server to resolve
the IP address of a malicious site

Vishing

Spoofing

On-path

DDoS

Hoax

Answer explanation

Spoofing happens any time a device pretends to be another device. If a DNS
server has been modified to hand out the IP address of a different server, then
it's spoofing the IP address of the attacker.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Attacker intercepts all communication between
a client and a web server

Vishing

Spoofing

On-path

DDoS

Hoax

Answer explanation

On-path attacks are quite effective because the attacker can often sit invisibly
between two devices and gather useful information or modify the data streams
in real-time.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Multiple attackers
overwhelm a web server

Vishing

Spoofing

On-path

DDoS

Hoax

Answer explanation

A DoS (Denial of Service) occurs when a service is unavailable due to the
effects of a third-party. A DDoS (Distributed Denial of Service) occurs when
multiple third-parties work together to create a service outage.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A virus alert appears in your browser from Microsoft
with a phone number to call for support

Vishing

Spoofing

On-path

DDoS

Hoax

Answer explanation

A threat that seems real but doesn't actually exist is a hoax. In this example, a
fake web site message is trying to convince you that this fake threat is actually a
real security issue.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Web Server and
Database Server
Description:
Computer Room
High security
Choose 3.

Locking Cabinets

Environmental Sensors

Video Surveillance

Full-Disk Encryption

Biometric Reader

Answer explanation

The security in the computer room requires both physical security and ongoing
surveillance. The locking cabinets will secure the physical equipment, and the
video surveillance will provide a method to monitor the systems without being
physically present. Including an environmental sensor will provide information
about the temperature and humidity levels in the computer room.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Employee
Laptops
Description:
Offsite use
Contains PII
Choose 2.

Locking Cabinets

Environmental Sensors

Video Surveillance

Full-Disk Encryption

Biometric Reader

Answer explanation

Since the laptops are used away from the main location, it's important to
protect the data and provide additional authentication options. The storage
drives on the laptop should be configured with FDE (full-disk encryption) and
a biometric reader on the laptop can ensure that the proper users have access.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

109 questions

untitled

Quiz

•

1st - 5th Grade

103 questions

Grammar test

Quiz

•

1st - 5th Grade

104 questions

English Language Quiz

Quiz

•

3rd Grade

105 questions

Vocabulary Final ESL Beginners

Quiz

•

3rd - 9th Grade

113 questions

Listening 1 bản chuẩn không có file nghe Lis8-16

Quiz

•

1st - 5th Grade

112 questions

Tłumaczenie fragmentów

Quiz

•

2nd Grade

103 questions

Câu hỏi về giáo dục và văn học Việt Nam

Quiz

•

2nd Grade

105 questions

unit 3 and 4 vocabulary

Quiz

•

1st - 5th Grade

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for English

20 questions

Prefix and Suffix Review

Quiz

•

3rd - 5th Grade

7 questions

History of Valentine's Day

Passage

•

3rd - 5th Grade

15 questions

Theme

Lesson

•

3rd - 7th Grade

20 questions

Revising and Editing Practice

Quiz

•

3rd Grade

20 questions

Inferences

Quiz

•

3rd Grade

10 questions

IRead Practice 1

Quiz

•

3rd Grade

15 questions

Quotation Marks in Dialogue

Quiz

•

3rd Grade

14 questions

Text Structures

Quiz

•

3rd - 5th Grade

MSSR-PRCT-SC+_A

Attacker obtains bank account number
and birth date by calling the victim

Social engineering over the telephone continues to be an effective attack vector,
and obtaining personal information such as a bank account or birth date would
be considered phishing over voice, or vishing.

Attacker modifies a legitimate DNS server to resolve
the IP address of a malicious site

Spoofing happens any time a device pretends to be another device. If a DNS
server has been modified to hand out the IP address of a different server, then
it's spoofing the IP address of the attacker.

Attacker intercepts all communication between
a client and a web server

On-path attacks are quite effective because the attacker can often sit invisibly
between two devices and gather useful information or modify the data streams
in real-time.

Multiple attackers
overwhelm a web server

A DoS (Denial of Service) occurs when a service is unavailable due to the
effects of a third-party. A DDoS (Distributed Denial of Service) occurs when
multiple third-parties work together to create a service outage.

A virus alert appears in your browser from Microsoft
with a phone number to call for support

A threat that seems real but doesn't actually exist is a hoax. In this example, a
fake web site message is trying to convince you that this fake threat is actually a
real security issue.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Web Server and
Database Server
Description:
Computer Room
High security
Choose 3.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Employee
Laptops
Description:
Offsite use
Contains PII
Choose 2.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Lending
Systems
Description:
Manages the check-in
and check-out process
Choose 1.

The lending library systems are only used inside of the library, and it would
be common for employees to always have their identification cards available.
When combined with a smart card, these identification cards can be used as a
method of authentication for the lending systems.

The reading lab computers are laptops that are used in a public area with no
supervision. To prevent these portable systems from becoming too portable,
they can be fitted with cable locks while in the reading lab.

Choose the BEST secure network protocol
for the description:
Accept customer purchases from your primary website

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for English

MSSR-PRCT-SC+_A

Attacker obtains bank account numberand birth date by calling the victim

Social engineering over the telephone continues to be an effective attack vector,and obtaining personal information such as a bank account or birth date wouldbe considered phishing over voice, or vishing.

Attacker modifies a legitimate DNS server to resolvethe IP address of a malicious site

Spoofing happens any time a device pretends to be another device. If a DNSserver has been modified to hand out the IP address of a different server, thenit's spoofing the IP address of the attacker.

Attacker intercepts all communication betweena client and a web server

On-path attacks are quite effective because the attacker can often sit invisiblybetween two devices and gather useful information or modify the data streamsin real-time.

Multiple attackersoverwhelm a web server

A DoS (Denial of Service) occurs when a service is unavailable due to theeffects of a third-party. A DDoS (Distributed Denial of Service) occurs whenmultiple third-parties work together to create a service outage.

A virus alert appears in your browser from Microsoftwith a phone number to call for support

A threat that seems real but doesn't actually exist is a hoax. In this example, afake web site message is trying to convince you that this fake threat is actually areal security issue.

The security team at a local public library system is creating a set ofminimum security standards for the various computer systems.Select the BEST security control for each available placeholder.Location: LibraryWeb Server andDatabase ServerDescription:Computer RoomHigh securityChoose 3.

The security team at a local public library system is creating a set ofminimum security standards for the various computer systems.Select the BEST security control for each available placeholder.Location: LibraryEmployeeLaptopsDescription:Offsite useContains PIIChoose 2.

The security team at a local public library system is creating a set ofminimum security standards for the various computer systems.Select the BEST security control for each available placeholder.Location: LibraryLendingSystemsDescription:Manages the check-inand check-out processChoose 1.

The lending library systems are only used inside of the library, and it wouldbe common for employees to always have their identification cards available.When combined with a smart card, these identification cards can be used as amethod of authentication for the lending systems.

The security team at a local public library system is creating a set ofminimum security standards for the various computer systems.Select the BEST security control for each available placeholder.Location: Digital NewspaperReading LabDescription:Open AreaNo supervisionLaptop computersChoose 1.

The reading lab computers are laptops that are used in a public area with nosupervision. To prevent these portable systems from becoming too portable,they can be fitted with cable locks while in the reading lab.

Choose the BEST secure network protocolfor the description:Accept customer purchases from your primary website

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for English

Attacker obtains bank account number
and birth date by calling the victim

Social engineering over the telephone continues to be an effective attack vector,
and obtaining personal information such as a bank account or birth date would
be considered phishing over voice, or vishing.

Attacker modifies a legitimate DNS server to resolve
the IP address of a malicious site

Spoofing happens any time a device pretends to be another device. If a DNS
server has been modified to hand out the IP address of a different server, then
it's spoofing the IP address of the attacker.

Attacker intercepts all communication between
a client and a web server

On-path attacks are quite effective because the attacker can often sit invisibly
between two devices and gather useful information or modify the data streams
in real-time.

Multiple attackers
overwhelm a web server

A DoS (Denial of Service) occurs when a service is unavailable due to the
effects of a third-party. A DDoS (Distributed Denial of Service) occurs when
multiple third-parties work together to create a service outage.

A virus alert appears in your browser from Microsoft
with a phone number to call for support

A threat that seems real but doesn't actually exist is a hoax. In this example, a
fake web site message is trying to convince you that this fake threat is actually a
real security issue.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Web Server and
Database Server
Description:
Computer Room
High security
Choose 3.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Employee
Laptops
Description:
Offsite use
Contains PII
Choose 2.

The security team at a local public library system is creating a set of
minimum security standards for the various computer systems.
Select the BEST security control for each available placeholder.
Location:
Library
Lending
Systems
Description:
Manages the check-in
and check-out process
Choose 1.

The lending library systems are only used inside of the library, and it would
be common for employees to always have their identification cards available.
When combined with a smart card, these identification cards can be used as a
method of authentication for the lending systems.

The reading lab computers are laptops that are used in a public area with no
supervision. To prevent these portable systems from becoming too portable,
they can be fitted with cable locks while in the reading lab.

Choose the BEST secure network protocol
for the description:
Accept customer purchases from your primary website