What is the most secure encryption and protocol combination that should be supported by a wireless network for authenticated guest access according to the simulation instructions?

802.1X with the most secure encryption available

As per the simulation instructions, what are the credentials provided for the guest AD user?

User: guest01 - Password: guestpass

User: guest - Password: password

User: visitor01 - Password: visitorpass

User: guestuser - Password: guestpassword

What is the purpose of the RADIUS server in the context of the simulation?

To authenticate and authorize users for network access

To distribute IP addresses to clients

To control the power supply to the network

To route traffic between different network segments

After a recent security incident, a security analyst discovered that unnecessary ports were open on a firewall policy for a web server. Which of the following firewall policies would be MOST secure for a web server?

Allow TCP 80, Allow TCP 443, Deny Any

Allow TCP 53, Allow TCP 80, Allow TCP 443, Allow Any

Deny TCP 53, Allow TCP 80, Allow TCP 445, Allow Any

Deny TCP 80, Allow TCP 443, Allow Any

Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?

Use NetFlow to identify command-and-control IPs.

Shut down the VDI and copy off the event logs.

Take a memory snapshot of the running system.

Run a full on-demand scan of the root volume.

Two hospitals merged into a single organization. The privacy officer requested a review of all records to ensure encryption was used during record storage, in compliance with regulations. During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured. Which of the following types of data does this combination BEST represent?

Personally identifiable information

Which of the following is the MOST likely reason for an untrusted SSL certificate being discovered during a vulnerability scan, if the certificate is signed properly and is valid on other company servers?

B. The certificate is on the CRL and is no longer valid.

A. The required intermediate certificate is not loaded as part of the certificate chain.

C. The corporate CA has expired on every server, causing the certificate to fail verification.

D. The scanner is incorrectly configured to not trust this certificate when detected on the server.

Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

Set up hashing on the source log file servers that complies with local regulatory requirements.

Back up the aggregated log files at least two times a day or as stated by local regulatory requirements.

Write protect the aggregated log files and move them to an isolated server with limited access.

Back up the source log files and archive them for at least six years or in accordance with local regulatory requirements.

A security analyst is evaluating the risks of authorizing multiple security solutions to collect data from the company's cloud environment. Which of the following is an immediate consequence of these integrations?

Non-compliance with data sovereignty rules

Loss of the vendors interoperability support

Mandatory deployment of a SIEM solution

Which of the following explains why RTO is included in a BIA?

It identifies the amount of allowable downtime for an application or system.

It prioritizes risks so the organization can allocate resources appropriately.

It monetizes the loss of an asset and determines a break-even point for risk mitigation.

It informs the backup approach so that the organization can recover data to a known time.

Sec Study Quiz 5

Authored by Pat Johnson

Computers

Professional Development

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

48 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is NOT a type of attack listed in the network diagram section?

SQL Injection

Cross Site Scripting

XML Injection

Phishing

Answer explanation

The correct choice is Phishing because it is NOT a type of attack listed in the network diagram section.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the purpose of the anonymizer in the network diagram?

To protect the web server

To hide the attacker's identity

To filter out malicious traffic

To store application source code

Answer explanation

The purpose of the anonymizer in the network diagram is to hide the attacker's identity, not to protect the web server, filter out malicious traffic, or store application source code.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

According to the network diagram, where is the application source code repository located?

On the CRM server

On the attacker's tablet

Behind the firewall

Within the web server

Answer explanation

The application source code repository is located behind the firewall, as shown in the network diagram.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What device is directly connected to the internet in the network diagram?

Router

Switch A

Firewall

CRM Server

Answer explanation

The Firewall is directly connected to the internet in the network diagram as it acts as a barrier between the internal network and the internet, controlling incoming and outgoing traffic.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is the function of the WAF in the context of the network diagram?

Web Application Firewall to protect against web-based attacks

Wide Area Filesystem for file sharing

Wireless Access Facility for network access

Workstation Application Function for desktop applications

Answer explanation

The function of the WAF in the context of the network diagram is to act as a Web Application Firewall to protect against web-based attacks.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which type of attack is NOT listed in the 'Select type of attack' section?

SQL Injection

Cross Site Scripting

Phishing

Session Hijacking

Answer explanation

The correct choice is Phishing because it is NOT listed in the 'Select type of attack' section.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What is placed between the Internet and Switch A to protect the network?

Anonymizer

Firewall

Router

Web Server

Answer explanation

A firewall is placed between the Internet and Switch A to protect the network by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

50 questions

AICTE-STTP_"BlockChain & Applications" Slot-1_Assessment

Quiz

•

Professional Development

50 questions

Amadeus Final Exam

Quiz

•

Professional Development

50 questions

SC-900 Day 3

Quiz

•

Professional Development

43 questions

Data and Voice Copper Cabling Knowledge Check #1

Quiz

•

Professional Development

44 questions

Movies

Quiz

•

2nd Grade - Professio...

50 questions

CUESTIONARIO REPASO COMPLETO BASTIONADO DE REDES

Quiz

•

Professional Development

53 questions

HTML And CSS

Quiz

•

4th Grade - Professio...

50 questions

2ºDAW - Diseño de Interfaces Web - Trim.2 - Prof. C. Boni

Quiz

•

University - Professi...

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

15 questions

Hargrett House Quiz: Community & Service

Quiz

•

5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

35 questions

World War Two 8th G

Quiz

•

6th Grade - Professio...

7 questions

DOL REC: Solutions & Solubility Curves

Quiz

•

Professional Development

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

20 questions

NCAA Logo Quiz

Quiz

•

Professional Development

Sec Study Quiz 5

Which of the following is NOT a type of attack listed in the network diagram section?

The correct choice is Phishing because it is NOT a type of attack listed in the network diagram section.

What is the purpose of the anonymizer in the network diagram?

The purpose of the anonymizer in the network diagram is to hide the attacker's identity, not to protect the web server, filter out malicious traffic, or store application source code.

According to the network diagram, where is the application source code repository located?

The application source code repository is located behind the firewall, as shown in the network diagram.

What device is directly connected to the internet in the network diagram?

The Firewall is directly connected to the internet in the network diagram as it acts as a barrier between the internal network and the internet, controlling incoming and outgoing traffic.

What is the function of the WAF in the context of the network diagram?

The function of the WAF in the context of the network diagram is to act as a Web Application Firewall to protect against web-based attacks.

Which type of attack is NOT listed in the 'Select type of attack' section?

The correct choice is Phishing because it is NOT listed in the 'Select type of attack' section.

What is placed between the Internet and Switch A to protect the network?

A firewall is placed between the Internet and Switch A to protect the network by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules.

Which security measure is shown directly connected to the Database in the diagram?

The security measure directly connected to the Database in the diagram is Input Validation, as it is shown as the immediate layer of defense for the Database.

What is implemented at the Web Server for security as per the diagram?

URL Filtering is implemented at the Web Server for security as per the diagram, allowing control over the URLs accessed by users.

According to the diagram, what type of control is implemented on the CRM Server?

The correct type of control implemented on the CRM Server is record level access control, as shown in the diagram.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers