When setting up a new firewall on a network segment to allow web traffic while hardening the network, which action would best correct the issue of users receiving errors stating the website could not be located?

Ensuring that port 53 has been explicitly allowed in the rule set

Setting an explicit deny to all traffic using port 80 instead of 443

Moving the implicit deny from the bottom of the rule set to the top

Configuring the first line in the rule set to allow all traffic

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32

access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

A company needs to centralize its records to create a baseline and have visibility over its security events. Which of the following technologies will achieve this goal?

Security information and event management

Which of the following is the most likely reason for a wireless network outage if the access points are up and running but users in a building near the parking lot cannot connect?

Someone near the building is jamming the signal.

A user has set up a rogue access point near the building.

Someone set up an evil twin access point in the affected area.

The APs in the affected area have been unplugged from the network.

Sec+ Study Quiz 13

Professional Development

•

42 Qs

Similar activities

MS-900 - Describe Microsoft 365 Pricing and Support

Professional Development

•

37 Qs

QUIZ TIK

Professional Development

•

40 Qs

AC Tema 2. Cuestionario

Professional Development

•

39 Qs

Switch Staff Challenge 2025 - Explorer

Professional Development

•

41 Qs

ĐỀ KIỂM TRA HỌC KỲ 1 TIN 10

Professional Development

•

40 Qs

UT 6.2 - Redes Locales. Nivel físico. Medios de transmisión.

Professional Development

•

38 Qs

Java Training Final Assessment

Professional Development

•

40 Qs

ENSA 86-127

Professional Development

•

42 Qs

Sec+ Study Quiz 13

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Hard

Pat Johnson

FREE Resource

42 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following documents specifies what to do in the event of catastrophic loss of a physical or virtual system?

Data retention plan

Incident response plan

Disaster recovery plan

Communication plan

Answer explanation

The correct choice is the Disaster recovery plan, which specifies what to do in the event of catastrophic loss of a physical or virtual system.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following roles is responsible for defining the protection type and classification type for a given set of files?

General counsel

Data owner

Risk manager

Chief Information Officer

Answer explanation

The data owner is responsible for defining the protection type and classification type for a given set of files.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An employee's company email is configured with conditional access and requires that MFA is enabled and used. An example of MFA is a phone call and:

a push notification

a password

an SMS message

an authentication application

Answer explanation

The correct choice for MFA in the scenario described is an authentication application, which is an example of a method used for multi-factor authentication.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a security implication of newer ICS devices that are becoming more common in corporations?

Devices with cellular communication capabilities bypass traditional network security controls

Many devices do not support elliptic-curve encryption algorithms due to the overhead they require

These devices often lack privacy controls and do not meet newer compliance regulations

Unauthorized voice and audio recording can cause loss of intellectual property

Answer explanation

Devices with cellular communication capabilities bypass traditional network security controls, posing a security risk in corporations.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?

Hashing

DNS sinkhole

TLS inspection

Data masking

Answer explanation

TLS inspection is required for an IDS and a WAF to be effective on HTTPS traffic as it allows for the decryption and analysis of encrypted traffic.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

MOU

SLA

EOL

NDA

Answer explanation

The company is complying with the SLA policy by requiring third-party suppliers to self-report data breaches within a specific time frame.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

While troubleshooting service disruption on a mission-critical server, a technician discovered the user account that was configured to run automated processes was disabled because the user's password failed to meet password complexity requirements. Which of the following would be the best solution to securely prevent future issues?

Using an administrator account to run the processes and disabling the account when it is not in use

Implementing a shared account the team can use to run automated processes

Configuring a service account to run the processes

Removing the password complexity requirements for the user account

Answer explanation

Configuring a service account to run the processes is the best solution as it ensures secure automation without relying on individual user accounts.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

46 questions

Unit 18 - Design User Interface

Quiz

•

Professional Development

40 questions

AZ-900 Deployment and Management

Quiz

•

Professional Development

41 questions

Introducción. Temas 1 y 2

Quiz

•

Professional Development

41 questions

Switch Staff Challenge 2025 - Explorer

Quiz

•

Professional Development

38 questions

UT 6.2 - Redes Locales. Nivel físico. Medios de transmisión.

Quiz

•

Professional Development

37 questions

MS-900 - Describe Microsoft 365 Pricing and Support

Quiz

•

Professional Development

40 questions

QUIZ TIK

Quiz

•

Professional Development

39 questions

AC Tema 2. Cuestionario

Quiz

•

Professional Development

Popular Resources on Wayground

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

15 questions

Solving Equations with Variables on Both Sides Review

Quiz

•

8th Grade

Discover more resources for Computers

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

20 questions

Disney Characters

Quiz

•

Professional Development

20 questions

Customer Service

Quiz

•

Professional Development

10 questions

Food Idioms

Quiz

•

Professional Development

20 questions

NCCER Power Tools Quiz

Quiz

•

Professional Development

Sec+ Study Quiz 13

42 questions

Which of the following documents specifies what to do in the event of catastrophic loss of a physical or virtual system?

The correct choice is the Disaster recovery plan, which specifies what to do in the event of catastrophic loss of a physical or virtual system.

Which of the following roles is responsible for defining the protection type and classification type for a given set of files?

The data owner is responsible for defining the protection type and classification type for a given set of files.

An employee's company email is configured with conditional access and requires that MFA is enabled and used. An example of MFA is a phone call and:

The correct choice for MFA in the scenario described is an authentication application, which is an example of a method used for multi-factor authentication.

Which of the following is a security implication of newer ICS devices that are becoming more common in corporations?

Devices with cellular communication capabilities bypass traditional network security controls, posing a security risk in corporations.

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?

TLS inspection is required for an IDS and a WAF to be effective on HTTPS traffic as it allows for the decryption and analysis of encrypted traffic.

A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

The company is complying with the SLA policy by requiring third-party suppliers to self-report data breaches within a specific time frame.

Configuring a service account to run the processes is the best solution as it ensures secure automation without relying on individual user accounts.

A security analyst is assessing a newly developed web application by testing SQL injection, CSRF, and XML injection. Which of the following frameworks should the analyst consider?

The analyst should consider OWASP as it provides guidelines and tools for web application security testing, including SQL injection, CSRF, and XML injection.

A user's laptop constantly disconnects from the Wi-Fi network. Once the laptop reconnects, the user can reach the internet but cannot access shared folders or other network resources. Which of the following types of attacks is the user most likely experiencing?

The user is likely experiencing an Evil Twin attack, where a malicious access point impersonates a legitimate one to intercept network traffic and access sensitive information.

Which of the following procedures would be performed after the root cause of a security incident has been identified to help avoid future incidents from occurring?

Lessons learned would be performed after the root cause of a security incident has been identified to help avoid future incidents from occurring by applying knowledge gained from the incident.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers