A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?

Blocking removable-media devices and write capabilities using a host-based security tool

Monitoring large data transfer transactions in the firewall logs

Developing mandatory training to educate employees about the removable media policy

Implementing a group policy to block user access to system files

To secure an application after a large data breach, an e-commerce site will be resetting all users' credentials. Which of the following will BEST ensure the site's users are not compromised after the reset?

Encrypted credentials in transit

Account lockout after three failed attempts

A geofencing policy based on login history

An organization has implemented a policy requiring the use of conductive metal lockboxes for personal electronic devices outside of a secure research lab. Which of the following did the organization determine to be the GREATEST risk to intellectual property when creating this Policy ?

Data exfiltration over a mobile hotspot

The theft of portable electronic devices

Geotagging in the metadata of images

A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?

Credentialed vulnerability scanning

A commercial cyber-threat intelligence organization observes loCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:

anonymize any PII that is observed within the loC data.

perform attribution to specific APTs and nation-state actors.

add metadata to track the utilization of threat intelligence reports.

assist companies with impact assessments based on the observed data.

While checking logs, a security engineer notices a number of end users suddenly downloading files with the tar.g extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an infected MHT file with an href link a week prior. Which of the following is MOST likely occurring?

A RAT was installed and is transferring additional exploit tools.

The workstations are beaconing to a command-and-control server.

A logic bomb was executed and is responsible for the data transfers.

A fireless virus is spreading in the local network environment.

Which of the following is the purpose of a risk register?

To identify the risk, the risk owner, and the risk measures

To define the level or risk using probability and likelihood

To register the risk with the required regulatory agencies

To formally log the type of risk mitigation strategy the organization is using

A Chief Security Officer (CSO) is concerned about the amount of PlI that is stored locally on each salesperson's laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the SO's concern?

Replace all hard drives with SEDs.

Install DLP agents on each laptop.

A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

Configure the perimeter firewall to deny inbound external connections to SMB ports.

Ensure endpoint detection and response systems are alerting on suspicious SMB connections.

Deny unauthenticated users access to shared network folders.

Verify computers are set to install monthly operating system, updates automatically.

A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?

Implement application whitelisting and centralized event log management, and perform regular testing and validation of full backups.

Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.

Purchase cyber insurance from a reputable provider to reduce expenses during an incident.

Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks.

Phishing and spear-phishing attacks have been occurring more frequently against a company's staff. Which of the following would MOST likely help mitigate this issue?

Exact mail exchanger records in the DNS

The addition of DNS conditional forwarders

On which of the following is the live acquisition of data for forensic analysis MOST dependent? (Choose two.)

Cryptographic or hash algorithm

A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?

The scan enumerated software versions of installed programs

The scan results show open ports, protocols, and services exposed on the target host

The scan produced a list of vulnerabilities on the target host

The scan identified expired SSL certificates

Bns6

University

•

102 Qs

Similar activities

PPNN-Matemáticas-Selección Múltiple-Sep2025

University

•

100 Qs

Матрицалар және анықтауыштар бойынша тапсырмалар

University

•

100 Qs

Geometry Finals

10th Grade - University

•

100 Qs

Gr 3 Quarterly #2 Review

3rd Grade - University

•

103 Qs

Pipe 1-100

University

•

100 Qs

College Algebra Unit 1 Review

10th Grade - University

•

100 Qs

ÁRBOLES BINARIOS

University

•

107 Qs

One Hundred Word Problem Challenge

1st Grade - University

•

100 Qs

Bns6

Quiz

•

Mathematics

•

University

•

Practice Problem

•

Hard

jaret valdez

Used 2+ times

FREE Resource

102 questions

Show all answers

MULTIPLE SELECT QUESTION

45 sec • 1 pt

An organization is developing an authentication service for use at the entry and exit ports of country borders. The service will use data feeds obtained from passport systems, passenger manifests, and high- definition video feeds from CCTV systems that are located at the ports. The service will incorporate machine-learning techniques to eliminate biometric enrollment processes while still allowing authorities to identify passengers with increasing accuracy over time. The more frequently passengers travel, the more accurately the service will identify them.
Which of the following biometrics will MOST likely be used, without the need for enrollment?

Voice

Gait

Vein

Facial

Retina

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?

MSSP

SOAR

laaS

PaaS

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An organization's help desk is flooded with phone calls from users stating they can no longer access certain websites. The help desk escalates the issue to the security team, as these websites were accessible the previous day. The security analysts run the following command: ipconfig /flushdns, but the issue persists. Finally, an analyst changes the DNS server for an impacted machine, and the issue goes away. Which of the following attacks MOST likely occurred on the original DNS server?

DNS cache poisoning

Domain hijacking

Distributed denial-of-service

DNS tunneling

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?

Developing an incident response plan

Building a disaster recovery plan

Conducting a tabletop exercise

Running a simulation exercise

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A RAT that was used to compromise an organization's banking credentials was found on a user's computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?

Create a new acceptable use policy.

Segment the network into trusted and untrusted zones.

Enforce application whitelisting.

Implement DLP at the network boundary.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL:
http://dev-site.comptia.org/home/show.php?sessionID=77276554&loc=us
The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL:
http://dev-site.comptia.org/home/show.php?sessionID=98988475&loc=us
Which of the following application attacks is being tested?

Pass-the-hash

Session replay

Object deference

Cross-site request forgery

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

Corrective

Physical

Detective

Administrative

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

100 questions

Unit 9: Conic Sections - review

Quiz

•

9th Grade - University

100 questions

Transformar 2021 3

Quiz

•

University

103 questions

Algebra 1 - Bootcamp Review

Quiz

•

9th Grade - University

100 questions

Проф. ин. яз. 40-139

Quiz

•

University

100 questions

matematika

Quiz

•

5th Grade - University

98 questions

Kinh tế vi mô

Quiz

•

University

100 questions

Research Methodology Quiz

Quiz

•

11th Grade - University

98 questions

Mecanico Motores

Quiz

•

University

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

Discover more resources for Mathematics

20 questions

Slopes and Slope-Intercept Form

Quiz

•

8th Grade - University

10 questions

Function or Relation?

Quiz

•

KG - University

13 questions

Direct Variation Word Problems

Quiz

•

8th Grade - University

10 questions

PC: Unit 5 Quiz Review

Quiz

•

11th Grade - University

30 questions

Solving Systems of Equations

Quiz

•

KG - University

Bns6

102 questions

A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?

A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

A startup company is using multiple SaaS and laaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?

A root cause analysis reveals that a web application outage was caused by one of the company's developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Mathematics