A security analyst is hardening a network infrastructure The analyst is given the following requirements • Preserve the use of public IP addresses assigned to equipment on the core router • Enable "in transport" encryption protection to the web server with the strongest ciphers. Which of the following should the analyst implement to meet these requirements? (Select two).

Configure NAT on the core router.

Enable TLSv2 encryption on the web server

Configure VLANs on the core router

Configure BGP on the core router

Enable AES encryption on the web server

A technician is setting up a new firewall on a network segment to allow web traffic to the internet while hardening the network. After the firewall is configured, users receive errors stating the website could not be located. Which of the following would best correct the issue?

Ensuring that port 53 has been explicitly allowed in the rule set

Setting an explicit deny to all traffic using port 80 instead of 443

Moving the implicit deny from the bottom of the rule set to the top

Configuring the first line in the rule set to allow all traffic

A company recently suffered a breach in which an attacker was able to access the internal mail servers and directly access several user inboxes. A large number of email messages were later posted online. Which of the following would best prevent email contents from being released should another breach occur?

Implement S/MIME to encrypt the emails at rest.

Enable full disk encryption on the mail servers.

Use digital certificates when accessing email via the web.

Configure web traffic to only use TLS-enabled channels.

Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?

A full inventory of all hardware and software

Documentation of system classifications

Third-party risk assessment documentation

A list of system owners and their departments

A network manager is concerned that business may be negatively impacted if the firewall in its data center goes offline. The manager would like to implement a high availability pair to:

remove the single point of failure.

decrease the mean time between failures.

cut down the mean time to repair

reduce the recovery time objective

A local server recently crashed, and the team is attempting to restore the server from a backup. During the restore process, the team notices the file size of each daily backup is large and will run out of space at the current rate. The current solution appears to do a full backup every night. Which of the following would use the least amount of storage space for backups?

A weekly, full backup with daily incremental backups

A weekly, incremental backup with daily differential backups

weekly, full backup with daily snapshot backups

A weekly, full backup with daily differential backups

A company needs to centralize its logs to create a baseline and have visibility on its security events. Which of the following technologies will accomplish this objective?

Security information and event management

A security architect is required to deploy to conference rooms some workstations that will allow sensitive data to be displayed on large screens. Due to the nature of the data, it cannot be stored in the conference rooms. The file share is located in a local data center. Which of the following should the security architect recommend to best meet the requirement?

Full drive encryption and thick clients

A government organization is developing an advanced AI defense system. Developers are using information collected from third-party providers. Analysts are noticing inconsistencies in the expected performance of the system and attribute the outcome to a recent attack on one of the suppliers. Which of the following IS the most likely reason for the inaccuracy of the system?

A. Improper algorithms security

During a security incident, the security operations team identified a sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0 C. access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32

access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the break room only have 512KB of storage. Which of the following is most likely the cause?

The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to harvest plaintext credentials from memory.

The GPO prevents the use of flash drives, which triggers a false positive AV indication and restricts the drives to only 512KB of storage

The new flash drives need a driver that is being blocked by the AV software because the flash drives are not on the application's allow list, temporarily restricting the drives to 512KB of storage.

The new flash drives are incorrectly partitioned, and the systems are automatically trying to use an unapproved application to repartition the drives.

A research company discovered that an unauthorized piece of software has been detected on a small number of machines in its lab. The researchers collaborate with other machines using port 445 and on the internet using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and is making outbound communications using HTTPS and SMS. The security team has been instructed to resolve the issue as quickly as possible while causing minimal disruption to the researchers. Which of the following is the best course of action in this scenario?

Place the machines with the unapproved software in containment,

Update the host firewalls to block outbound Stv1B.

Place the unauthorized application in a Bocklist.

Implement a content filter to block unauthorized software communication.

While troubleshooting a firewall configuration, a technician determines that a "deny any" policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?

Testing the policy in a non-production environment before enabling the policy in the production network

Documenting the new policy in a change request and submitting the request to change management

Disabling any intrusion prevention signatures on the "deny any" policy prior to enabling the new policy

Including an "allow any" policy above the "deny any" policy

Which of the following best reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?

Implement proper network access restrictions.

Classify the system as shadow IT.

Increase the frequency of vulnerability scans.

Which of the following best reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?

Implement proper network access restrictions.

Classify the system as shadow IT.

Increase the frequency of vulnerability scans.

cwicz4

Quiz

•

Design

•

4th Grade

•

Practice Problem

•

Medium

malgorzata malgorzata

Used 11+ times

FREE Resource

37 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A web server has been compromised due to a ransomware attack. Further Investigation reveals the ransomware has been in the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the following should the administrator use to restore services to a secure state?

The last incremental backup that was conducted 72 hours ago

The last known-good configuration stored by the operating system

The last full backup that was conducted seven days ago

The baseline OS configuration

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company recently experienced a significant data loss when proprietary information was leaked to a competitor. The company took special precautions by using proper labels; however, email filter logs do not have any record of the incident. An investigation confirmed the corporate network was not breached, but documents were downloaded from an employee's COPE tablet and passed to the competitor via cloud storage. Which of the following is the best mitigation strategy to prevent this from happening in the future?

User training

CAsB

MDM

EDR

MULTIPLE SELECT QUESTION

1 min • 1 pt

An organization experiences a cybersecurity incident involving a command-and-control server. Which of the following
logs should be analyzed to identify the impacted host? (Select two).

Application

Authentication

Network

Firewall

System

MULTIPLE CHOICE QUESTION

1 min • 1 pt

Which of the following is most likely to contain ranked and ordered information on the likelihood and potential impact
of catastrophic events that may affect business processes and systems, while also highlighting the residual risks that need to be managed after mitigating controls have been implemented?

An RTO report

A risk register

A business impact analysis

An asset value register

A disaster recovery plan

MULTIPLE CHOICE QUESTION

1 min • 1 pt

During an assessment, a systems administrator found several hosts running FTP and decided to immediately block FTP
communications at the firewall. Which of the following describes the greatest risk associated with using FTP?

Private data can be leaked

FTP is prohibited by internal policy.

Users can upload personal files

Credentials are sent in cleartext.

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A security professional wants to enhance the protection of a critical environment that is used to store and manage a company's encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

DLP

HSM

FIM

MULTIPLE CHOICE QUESTION

1 min • 1 pt

A company's help desk has received calls about the wireless network being down and users being unable to connect to it. The network administrator says all access points are up and running One of the help desk technicians notices the affected users are working in a building near the parking lot. Which of the following is the most likely reason for the outage?

Someone near the building is jamming the signal

A user has set up a rogue access point near the building

Someone set up an evil twin access point in the affected area.

The APs in the affected area have been unplugged from the network

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

40 questions

Basic Design

Quiz

•

1st - 12th Grade

40 questions

กลางภาค-ว31103 การออกแบบและเทคโนโลยี

Quiz

•

4th Grade

32 questions

Modern and SMART Materials GCSE

Quiz

•

1st - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Design

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

10 questions

Groundhog Day Trivia Questions

Interactive video

•

3rd - 6th Grade

16 questions

Interpreting Line Graphs & Double Tables

Quiz

•

4th Grade

14 questions

Nonfiction Text Structures

Quiz

•

4th Grade

10 questions

Groundhog Behavior and Hibernation Facts

Interactive video

•

3rd - 5th Grade

10 questions

Understanding Poetry and Literary Devices

Interactive video

•

4th - 8th Grade

77 questions

Mixed Multiplication and Division Facts

Quiz

•

4th Grade

cwicz4

37 questions

An organization experiences a cybersecurity incident involving a command-and-control server. Which of the followinglogs should be analyzed to identify the impacted host? (Select two).

During an assessment, a systems administrator found several hosts running FTP and decided to immediately block FTPcommunications at the firewall. Which of the following describes the greatest risk associated with using FTP?

A security professional wants to enhance the protection of a critical environment that is used to store and manage a company's encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

Which of the following best ensures minimal downtime for organizations with critical computing equipment located inearthquake-prone areas?

A technician is setting up a new firewall on a network segment to allow web traffic to the internet while hardening the network. After the firewall is configured, users receive errors stating the website could not be located. Which of the following would best correct the issue?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Design

An organization experiences a cybersecurity incident involving a command-and-control server. Which of the following
logs should be analyzed to identify the impacted host? (Select two).

During an assessment, a systems administrator found several hosts running FTP and decided to immediately block FTP
communications at the firewall. Which of the following describes the greatest risk associated with using FTP?

Which of the following best ensures minimal downtime for organizations with critical computing equipment located in
earthquake-prone areas?