You are the security administrator for the British secret service. What type of access method will you use for secret and top-secret data?

You will use MAC, with the security administrator giving access.

You will use DAC, with the owner of the data giving access.

You will use MAC, with the custodian of the data giving access.

You will use DAC, with the security administrator giving access.

John goes to a sports website and gets the following error: THIS WEBSITE CANNOT BE TRUSTED. What two actions does the website administrator need to take to resolve this error? Choose two.

Update the root certificate into the client computer's trusted root certificate authority's store

Verify whether the certificate on the server has expired

Ask the key escrow to store his private key

Ensure that the website uses a valid SAN certificate

The security administrator is going to open a risk register for the company. What will be recorded in the risk register?

Risk descriptions, the owner, and risk mitigation strategies

An auditor made a recommendation in an annual audit last year that an embedded device be patched immediately. A year later, a second audit made the same recommendation and noted the fact that the outcomes from the last audit had not been adhered to. What is the reason that the patching has not been carried out? Select the most likely reason.

The vendor is not producing any more patches as it is the end of life.

The audit recommendation has been ignored.

The company disagreed with the audit recommendation.

There is no interface for patching.

Company A is due to upgrade all its IT systems and has been investigating moving to the cloud as there is no capital expenditure since the CSP provides the hardware. Company A would still like to control the IT systems in the cloud. Which cloud model would best serve Company A's needs?

Infrastructure as a Service (IaaS)

Your company is opening a new data center in Galway, Ireland. A server farm has been installed there and now a construction company has come in to put a 6-foot mantrap at the entrance. What are the TWO main reasons why this mantrap will be installed?

To prevent unauthorized personnel from gaining access to the data center

To allow faster access to the facility

An auditor has just finished a risk assessment of the company, and they have recommended that we need to mitigate some of our risks. Which of the following is an example of risk mitigation?

Installing antivirus software on a new laptop

Turning off host-based firewalls on laptops

Insuring your car against fire and theft

Outsourcing your IT to another company

Deciding not to jump into the Grand Canyon

Mock Exam 1 (Ian Neil)

Authored by SBS TS

Computers

Professional Development

Used 17+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

56 questions

Show all answers

MULTIPLE SELECT QUESTION

30 sec • 1 pt

You work for a ticketing company that sells the best theater tickets in London. Your office holds an emergency supply of 150 tickets that take two hours to sell. What is the terminology for this two-hour period, and what must happen before the two hours expire? Choose the BEST TWO answers.

The two-hour period is the RTO.

The two-hour period is the RPO.

The event that must happen before the two-hour period expires is the RTO.

The event that must happen before the two-hour period expires is the RPO.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

You are an administrator for a college that has 10 intranet web servers, and you need to install an X509 certificate so that they can support HTTPS. You need to use the solution that is the most cost-effective. Which of the following will you use for the certificates?

Wildcard

Domain

Self-signed

SAN

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A group of chartered accountants visited the website belonging to their institution last Friday and were attacked by malware. What type of attack were they the victim of?

Social Engineering

Watering Hole Attack

Remote Access Trojan

Cross-Site Scripting

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A cybersecurity analyst notices the following information in one of the log files on the company web server:
GET http://www.website.com.br/get-files../../../..etc/ passwd

What type of attack has the analyst just discovered?

Banner Grabbing

CSRF

XSS

Directory Traversal

SSL Stripping

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following threat intelligence sources is likely to provide much more accurate data?

OSINT

Public/private information sharing centers

Closed/proprietary

Threat maps

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A cybersecurity administrator wants to add comments to a log file that they are monitoring. Which tool is best for this?

Nmap

Head

Logger

Tail

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A cybersecurity analyst has noticed a suspicious transaction on the server that holds the financial data. The output from the log file shows the following:
Get http://yourbank.com/transfer.do?acctnum=087646958&amount+80000 HTTP 1.1
Get http://yourbank.com/transfer.do?acctnum=087646958&amount+200000 HTTP 1.1
Get http://yourbank.com/transfer.do?acctnum=087646958&amount+25000 HTTP 1.1
Get http://yourbank.com/transfer.do?acctnum=087646958&amount+10000 HTTP 1.1
What type of attack has the analyst just discovered?

Ransomware

XSS

Social Engineering

CSRF

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

54 questions

Web Design (HTML + CSS)

Quiz

•

Professional Development

54 questions

Randy's Networking Quiz 1

Quiz

•

Professional Development

60 questions

Scratch Basic

Quiz

•

Professional Development

56 questions

ITF+ Practice Exam #1

Quiz

•

Professional Development

59 questions

Python CH1-3 Review

Quiz

•

8th Grade - Professio...

60 questions

AWS CP Exam 02

Quiz

•

Professional Development

51 questions

AZ-900 Practice Test 3

Quiz

•

Professional Development

60 questions

MODULO 1

Quiz

•

Professional Development

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

15 questions

Hargrett House Quiz: Community & Service

Quiz

•

5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

35 questions

World War Two 8th G

Quiz

•

6th Grade - Professio...

7 questions

DOL REC: Solutions & Solubility Curves

Quiz

•

Professional Development

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

20 questions

NCAA Logo Quiz

Quiz

•

Professional Development

Mock Exam 1 (Ian Neil)

You work for a ticketing company that sells the best theater tickets in London. Your office holds an emergency supply of 150 tickets that take two hours to sell. What is the terminology for this two-hour period, and what must happen before the two hours expire? Choose the BEST TWO answers.

You are an administrator for a college that has 10 intranet web servers, and you need to install an X509 certificate so that they can support HTTPS. You need to use the solution that is the most cost-effective. Which of the following will you use for the certificates?

A group of chartered accountants visited the website belonging to their institution last Friday and were attacked by malware. What type of attack were they the victim of?

A cybersecurity analyst notices the following information in one of the log files on the company web server:
GET http://www.website.com.br/get-files../../../..etc/ passwd

What type of attack has the analyst just discovered?

Which of the following threat intelligence sources is likely to provide much more accurate data?

A cybersecurity administrator wants to add comments to a log file that they are monitoring. Which tool is best for this?

A cybersecurity team has been attacked by a group of hackers from the internet. The cybersecurity team wishes to find all of the email addresses of this group. Which tool would be the best for this?

Which of the following tools can be used for banner grabbing? (Select all that apply)

A cybersecurity analyst has just finished reading the monthly release from a security advisory. They have now started searching the log files on all of the database servers. What task are they completing?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

Mock Exam 1 (Ian Neil)

You work for a ticketing company that sells the best theater tickets in London. Your office holds an emergency supply of 150 tickets that take two hours to sell. What is the terminology for this two-hour period, and what must happen before the two hours expire? Choose the BEST TWO answers.

You are an administrator for a college that has 10 intranet web servers, and you need to install an X509 certificate so that they can support HTTPS. You need to use the solution that is the most cost-effective. Which of the following will you use for the certificates?

A group of chartered accountants visited the website belonging to their institution last Friday and were attacked by malware. What type of attack were they the victim of?

A cybersecurity analyst notices the following information in one of the log files on the company web server: GET http://www.website.com.br/get-files../../../..etc/ passwd What type of attack has the analyst just discovered?

Which of the following threat intelligence sources is likely to provide much more accurate data?

A cybersecurity administrator wants to add comments to a log file that they are monitoring. Which tool is best for this?

A cybersecurity team has been attacked by a group of hackers from the internet. The cybersecurity team wishes to find all of the email addresses of this group. Which tool would be the best for this?

Which of the following tools can be used for banner grabbing? (Select all that apply)

A cybersecurity analyst has just finished reading the monthly release from a security advisory. They have now started searching the log files on all of the database servers. What task are they completing?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

A cybersecurity analyst notices the following information in one of the log files on the company web server:
GET http://www.website.com.br/get-files../../../..etc/ passwd

What type of attack has the analyst just discovered?