
SEC+PracticeQuiz A66-86
Quiz • Computers • 12th Grade • Practice Problem • Hard
Hasina Hafner
20 questions
1.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A security administrator has been asked to respond to a potential security breach of the company’s databases, and they need to gather the most volatile data before powering down the database servers. In which order should they collect this information?
A. CPU registers, temporary files, memory, remote monitoring data
B. Memory, CPU registers, remote monitoring data, temporary files
C. Memory, CPU registers, temporary files, remote monitoring data
D. CPU registers, memory, temporary files, remote monitoring data
Answer explanation
D. CPU registers, memory, temporary files, remote monitoring data
The most volatile data disappears quickly, so data such as the CPU registers and information in memory will be lost before temporary files and remote monitoring data are no longer available.
The incorrect answers:
A. CPU registers, temporary files, memory, remote monitoring data
Memory is more volatile than temporary files.
B. Memory, CPU registers, remote monitoring data, temporary files
CPU registers are more volatile than memory, and temporary files are more volatile than remote monitoring data.
C. Memory, CPU registers, temporary files, remote monitoring data
CPU registers are more volatile than information in memory.
More information: SY0-601, Objective 4.5 - Forensics Data Acquisition
https://professormesser.link/601040502
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?
A. Verifies that the file was not corrupted during the file transfer
B. Provides a key for decrypting the ISO after download
C. Authenticates the site as an official ISO distribution site
D. Confirms that the file does not contain any malware
Answer explanation
A. Verifies that the file was not corrupted during the file transfer
Once the file is downloaded, the administrator can calculate the file’s SHA256 hash and confirm that it matches the value on the website.
The incorrect answers:
B. Provides a key for decrypting the ISO after download
ISO files containing public information are usually distributed without any encryption, and a hash value would not commonly be used as a decryption key.
C. Authenticates the site as an official ISO distribution site
Although it’s important to download files from known good sites, providing a hash value on a site would not provide any information about the site’s authentication.
D. Confirms that the file does not contain any malware
A hash value doesn’t inherently provide any protection against malware.
More information: SY0-601, Objective 2.8 - Hashing and Digital Signatures
https://professormesser.link/601020803
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
A company's security policy requires that login access should only be available if a person is physically within the same building as the server. Which of the following would be the BEST way to provide this requirement?
A. TOTP
B. Biometric scanner
C. PIN
D. SMS
Answer explanation
B. Biometric scanner
A biometric scanner would require a person to be physically present to verify authentication.
The incorrect answers:
A. TOTP
A TOTP (Time-based One-Time Password) generator may be associated with a single person, but the TOTP code does not guarantee that a person is physically present.
C. PIN
Although a PIN (Personal Identification Number) can be used as an authentication factor, the use of the PIN does not guarantee that a person is physically present.
D. SMS
SMS messages are commonly used as authentication factors. However, the use of a mobile device to receive the SMS message does not guarantee that the owner of the mobile device is physically present.
More information: SY0-601, Objective 2.7 - Physical Security Controls
https://professormesser.link/601020701
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Your development team has installed a new application and database to a cloud service. After running a vulnerability scanner on the application instance, you find that the database is available for anyone to query without providing any authentication. Which of these vulnerabilities is MOST associated with this issue?
A. Improper error handling
B. Open permissions
C. Race condition
D. Memory leak
Answer explanation
B. Open permissions
Just like your local systems, proper permissions and security controls are also required when information is added to a cloud-based system. If any of your systems leave an open door, your data may be accessible by anyone on the Internet.
The incorrect answers:
A. Improper error handling
This issue wasn’t associated with any error messages, so this wouldn’t be categorized as a problem with error handling.
C. Race condition
If two processes occur simultaneously without any prior consideration, bad things could happen. In this example, a single vulnerability scan has identified the issue and other processes do not appear to be involved.
D. Memory leak
An application with a memory leak will gradually use more and more memory until the system or application crashes. The issue in this question was related to permissions and not available resources.
More information: SY0-601, Objective 1.6 - Vulnerability Types
https://professormesser.link/601010601
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Employees of an organization have received an email offering a cash bonus for completing an internal training course. The link in the email requires users to log in with their Windows Domain credentials, but the link appears to be located on an external server. Which of the following would BEST describe this email?
A. Whaling
B. Vishing
C. Smishing
D. Phishing
Answer explanation
D. Phishing
Phishing is the process of manipulating a victim to disclose personal or private information. An email asking for login details from a server not under the control of the company would describe a phishing attempt.
The incorrect answers:
A. Whaling
Whaling is phishing targeted towards individuals at a higher level of an organization. These persons are usually in upper management or have access to the financial operations of the company.
B. Vishing
Vishing, or voice phishing, is using voice communication for the phishing process. This phishing attempt used an email message, so it would not be categorized as vishing.
C. Smishing
Smishing, or SMS phishing, is an attacker using SMS or text messaging when phishing. Smishing text messages often include a link to a server where personal information or login credentials may be requested by the attacker.
More information: SY0-601, Objective 1.1 - Phishing
https://professormesser.link/601010101
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following risk management strategies would include the purchase and installation of an NGFW?
A. Transference
B. Mitigation
C. Acceptance
D. Risk-avoidance
Answer explanation
B. Mitigation
Mitigation is a strategy that decreases the threat level. This is commonly done through the use of additional security systems and monitoring, such as an NGFW (Next-Generation Firewall).
The incorrect answers:
A. Transference
Transference would move the risk from one entity to another. Adding an NGFW would not transfer any risk to another party.
C. Acceptance
The acceptance of risk is a position where the owner understands the risk and has decided to accept the potential results.
D. Risk-avoidance
With risk-avoidance, the owner of the risk decides to stop participating in a high-risk activity. This effectively avoids the risky activity and prevents any future issues.
More information: SY0-601, Objective 5.6 - Risk Management Types
https://professormesser.link/601050401
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
Which of the following would be the BEST way to confirm the secure baseline of a deployed application instance?
A. Compare the production application to the sandbox
B. Perform an integrity measurement
C. Compare the production application to the previous version
D. Perform QA testing on the application instance
Answer explanation
B. Perform an integrity measurement
An integrity measurement is designed to check for the secure baseline of firewall settings, patch levels, operating system versions, and any other security components associated with the application. These secure baselines may vary between different application versions.
The incorrect answers:
A. Compare the production application to the sandbox
A sandbox is commonly used as a development environment. Security baselines in a production environment can be quite different when compared to the code in a sandbox.
C. Compare the production application to the previous version
The newer version of an application may have very different security requirements than previous versions.
D. Perform QA testing on the application instance
QA (Quality Assurance) testing is commonly used for finding bugs and verifying application functionality. The primary task of QA is not generally associated with verifying security baselines.
More information: SY0-601, Objective 2.3 - Secure Deployments
https://professormesser.link/601020301
