SEC+Practice Quiz B6-B26

: A. Server hardening Many applications and services include secure configuration guides that can assist in hardening the system. These hardening steps will make the system as secure as possible while simultaneously allowing the application to run efficiently. The incorrect answers: B. Multi-factor authentication Although multi-factor authentication is always a good best practice, simply enabling multiple authentication methods would not resolve the issues identified during the audit. C. Enable HTTPS Most web servers will use HTTPS to ensure that network communication is encryption. However, the encrypted network traffic would not correct the issues identified during the audit. D. Run operating system updates Keeping the system up to date is another good best practice, but the issues identified during the audit were not bugs related to the operating systems. All of the issues identified in the audit appear to be related to the configuration of the web server, so any resolution will focus on correcting these configuration issues. More information: SY0-601, Objective 5.2 - Secure Configurations https://professormesser.link/601050203

D. Detective An IPS can detect and record any intrusion attempt. The incorrect answers: A. Managerial Managerial controls would control how people act, such as security policies and standard operating procedures. B. Compensating A compensating control can’t prevent an attack, but it can compensate when an attack occurs. For example, a compensating control would be the re-imaging process or a server restored from backup if an attack had been identified. C. Physical A physical control would block access. For example, a door lock or security guard would be a physical control. More information: SY0-601, Objective 5.1 - Security Controls https://professormesser.link/601050101

: A. Data owner The data owner is accountable for specific data, and is often a senior officer of the organization. The incorrect answers: B. Data protection officer The data protection officer (DPO) is responsible for the organization's data privacy. The DPO commonly sets processes and procedures for maintaining the privacy of data. C. Data steward The data steward manages access rights to the data. In this example, the IT team would be the data steward. D. Data processor The data processor is often a third-party that processes data on behalf of the data controller. More information: SY0-601, Objective 5.5 - Data Roles and Responsibilities https://professormesser.link/601050504

B. OSINT OSINT (Open Source Intelligence) describes the process of obtaining information from open sources, such as social media sites, corporate websites, online forums, and other publicly available locations. The incorrect answers: A. Partially known environment A partially known environment test describes how much information the attacker knows about the test. The attacker may have access to some information about the test, but not all information is disclosed. C. Exfiltration Exfiltration describes the theft of data by an attacker. D. Active footprinting Active footprinting would show some evidence of data gathering. For example, performing a ping scan or DNS query wouldn’t exploit a vulnerability, but it would show that someone was gathering information. More information: SY0-601, Objective 1.8 - Reconnaissance https://professormesser.link/601010802

D. SOAR SOAR (Security Orchestration, Automation, and Response) provides security teams with integration and automation of processes and procedures. The incorrect answers: A. Active footprinting Active footprinting will gather information about a system, but it does not provide any ongoing monitoring or response features. B. IaaS IaaS (Infrastructure as a Service) is a type of cloud service that provides the basic hardware required to install an OS and application. IaaS does not provide ongoing monitoring for security events or automation features. C. Vulnerability scan A vulnerability scan will identify any known vulnerabilities that may be associated with a system. However, a vulnerability scan will not identify real-time infections or automate the response. More information: SY0-601, Objective 4.4 - Security Configurations https://professormesser.link/601040402

C. Invoice scam Invoice scams attempt to take advantage of the miscommunication between different parts of the organization. Fake invoices are submitted by the attacker, and these invoices can sometimes be incorrectly paid without going through the expected verification process. The incorrect answers: A. Spear phishing Spear phishing is a directed attack that attempts to obtain private or personal information. In this example, the result was to obtain payment and not to gather private information. B. Watering hole attack A watering hole attack requires users to visit a central website or location. This example did not require the user to visit any third-party websites. D. Credential harvesting Credential harvesting attempts to transfer password files and authentication information from other computers. More information: SY0-601, Objective 1.1 - Other Social Engineering Attacks https://professormesser.link/601010109

D. VM escape A VM (Virtual Machine) escape is a vulnerability that allows communication between separate VMs. The incorrect answers: A. Containerization Containerization is an application deployment architecture that uses a self-contained group of application code and dependencies. Many separate containers can run on a single system B. Service integration Service Integration and Management (SIAM) allows the integration of many different service providers into a single management system. This simplifies the application management and deployment process when using separate cloud providers. C. SDN SDN (Software-Defined Networking) separates the control plane of networking devices from the data plane. This allows for more automation and dynamic changes to the infrastructure. More information: SY0-601, Objective 2.2 - Virtualization Security https://professormesser.link/601020205

D. DNS poisoning An attacker that gains access to a DNS (Domain Name System) server can modify the configuration files and redirect users to a different website. Anyone using a different DNS server may not see any problems with connectivity to the original site. The incorrect answers: A. Bluejacking Bluejacking allows a third-party to send unsolicited messages to another device using Bluetooth. The attack in this example did not use Bluetooth as an attack vector. B. Wireless disassociation Wireless disassociation would cause users on a wireless network to constantly disconnect. Wireless disassociation would not cause a redirection of a website URL (Uniform Resource Locator). C. DDoS DDOS (Distributed Denial of Service) would attack a service from many different devices and cause the service to be unavailable. In this example, the service did not have any availability problems to valid users. More information: SY0-601, Objective 1.4 - DNS Attacks https://professormesser.link/601010409

C. Authentication The process of proving who you say you are is authentication. In this example, the password and smart card are two factors of authentication, and both reasonably prove that the person logging in is authentic. The incorrect answers: A. Federation Federation provides a way to authenticate and authorize between two different organizations. In this example, the authentication process uses internal information without any type of connection or trust to a third-party. B. Accounting Accounting will document information regarding a user’s session, such as login time, data sent and received, files transferred, and logout time. D. Authorization The authorization process assigns users to resources. This process commonly occurs after the authentication process is complete. More information: SY0-601, Objective 2.4 - Authentication Methods https://professormesser.link/601020401

C. Partially known environment A partially known environment test is performed when the attacker knows some information about the victim, but not all information is available. The incorrect answers: A. Known environment A known environment test is performed when the attacker has complete details about the victim’s systems and infrastructure. B. Passive footprinting Passive footprinting is the process of gathering information from publicly available sites, such as social media or corporate websites. D. Ping scan A ping scan is a type of network scan that can identify devices connected to the network. A ping scan is not a type of penetration test. More information: SY0-601, Objective 1.8 - Penetration Testing https://professormesser.link/601010801