When setting up a new firewall on a network segment to allow web traffic while hardening the network, which action would best correct the issue of users receiving errors stating the website could not be located?

Ensuring that port 53 has been explicitly allowed in the rule set

Setting an explicit deny to all traffic using port 80 instead of 443

Moving the implicit deny from the bottom of the rule set to the top

Configuring the first line in the rule set to allow all traffic

During a security incident, the security operations team identified sustained network traffic from a malicious IP address: 10.1.4.9. A security analyst is creating an inbound firewall rule to block the IP address from accessing the organization's network. Which of the following fulfills this request?

access-list inbound deny ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound deny ip source 0.0.0.0/0 destination 10.1.4.9/32

access-list inbound permit ip source 10.1.4.9/32 destination 0.0.0.0/0

access-list inbound permit ip source 0.0.0.0/0 destination 10.1.4.9/32

A company needs to centralize its records to create a baseline and have visibility over its security events. Which of the following technologies will achieve this goal?

Security information and event management

Which of the following is the most likely reason for a wireless network outage if the access points are up and running but users in a building near the parking lot cannot connect?

Someone near the building is jamming the signal.

A user has set up a rogue access point near the building.

Someone set up an evil twin access point in the affected area.

The APs in the affected area have been unplugged from the network.

Sec+ Study Quiz 13

Professional Development

•

42 Qs

Similar activities

SOAL ASJ 3

Professional Development

•

40 Qs

AZ-900 2 de 3

Professional Development

•

40 Qs

Java Feature

Professional Development

•

42 Qs

TUGAS_4 REMEDIAL 1 ANIMASI 2D KELAS XI DKV-1,2,3

Professional Development

•

40 Qs

sains komputer tingkatan 4

Professional Development

•

45 Qs

MS office 2016

1st Grade - Professional Development

•

40 Qs

RA2 (HyS) - Examen 1

Professional Development

•

40 Qs

202508500004

Professional Development

•

40 Qs

Sec+ Study Quiz 13

Quiz

•

Computers

•

Professional Development

•

Practice Problem

•

Hard

Pat Johnson

FREE Resource

42 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following documents specifies what to do in the event of catastrophic loss of a physical or virtual system?

Data retention plan

Incident response plan

Disaster recovery plan

Communication plan

Answer explanation

The correct choice is the Disaster recovery plan, which specifies what to do in the event of catastrophic loss of a physical or virtual system.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following roles is responsible for defining the protection type and classification type for a given set of files?

General counsel

Data owner

Risk manager

Chief Information Officer

Answer explanation

The data owner is responsible for defining the protection type and classification type for a given set of files.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An employee's company email is configured with conditional access and requires that MFA is enabled and used. An example of MFA is a phone call and:

a push notification

a password

an SMS message

an authentication application

Answer explanation

The correct choice for MFA in the scenario described is an authentication application, which is an example of a method used for multi-factor authentication.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a security implication of newer ICS devices that are becoming more common in corporations?

Devices with cellular communication capabilities bypass traditional network security controls

Many devices do not support elliptic-curve encryption algorithms due to the overhead they require

These devices often lack privacy controls and do not meet newer compliance regulations

Unauthorized voice and audio recording can cause loss of intellectual property

Answer explanation

Devices with cellular communication capabilities bypass traditional network security controls, posing a security risk in corporations.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?

Hashing

DNS sinkhole

TLS inspection

Data masking

Answer explanation

TLS inspection is required for an IDS and a WAF to be effective on HTTPS traffic as it allows for the decryption and analysis of encrypted traffic.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

MOU

SLA

EOL

NDA

Answer explanation

The company is complying with the SLA policy by requiring third-party suppliers to self-report data breaches within a specific time frame.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

While troubleshooting service disruption on a mission-critical server, a technician discovered the user account that was configured to run automated processes was disabled because the user's password failed to meet password complexity requirements. Which of the following would be the best solution to securely prevent future issues?

Using an administrator account to run the processes and disabling the account when it is not in use

Implementing a shared account the team can use to run automated processes

Configuring a service account to run the processes

Removing the password complexity requirements for the user account

Answer explanation

Configuring a service account to run the processes is the best solution as it ensures secure automation without relying on individual user accounts.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

40 questions

202508500004

Quiz

•

Professional Development

40 questions

SOAL ASJ 3

Quiz

•

Professional Development

40 questions

AZ-900 2 de 3

Quiz

•

Professional Development

40 questions

Excel

Quiz

•

6th Grade - Professio...

40 questions

PC Maintenance Chapter 02 Part 01

Quiz

•

Professional Development

44 questions

SISKOM_X-TJKT

Quiz

•

Professional Development

40 questions

CMD y Terminal Master 🧠🖥️

Quiz

•

Professional Development

40 questions

MS office 2016

Quiz

•

1st Grade - Professio...

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

100 questions

Screening Test Customer Service

Quiz

•

Professional Development

20 questions

90s Cartoons

Quiz

•

Professional Development

10 questions

Reading a ruler in Inches

Quiz

•

4th Grade - Professio...

16 questions

Parallel, Perpendicular, and Intersecting Lines

Quiz

•

KG - Professional Dev...

12 questions

Valentines Day Trivia

Quiz

•

Professional Development

Sec+ Study Quiz 13

42 questions

Which of the following documents specifies what to do in the event of catastrophic loss of a physical or virtual system?

The correct choice is the Disaster recovery plan, which specifies what to do in the event of catastrophic loss of a physical or virtual system.

Which of the following roles is responsible for defining the protection type and classification type for a given set of files?

The data owner is responsible for defining the protection type and classification type for a given set of files.

An employee's company email is configured with conditional access and requires that MFA is enabled and used. An example of MFA is a phone call and:

The correct choice for MFA in the scenario described is an authentication application, which is an example of a method used for multi-factor authentication.

Which of the following is a security implication of newer ICS devices that are becoming more common in corporations?

Devices with cellular communication capabilities bypass traditional network security controls, posing a security risk in corporations.

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?

TLS inspection is required for an IDS and a WAF to be effective on HTTPS traffic as it allows for the decryption and analysis of encrypted traffic.

A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

The company is complying with the SLA policy by requiring third-party suppliers to self-report data breaches within a specific time frame.

Configuring a service account to run the processes is the best solution as it ensures secure automation without relying on individual user accounts.

A security analyst is assessing a newly developed web application by testing SQL injection, CSRF, and XML injection. Which of the following frameworks should the analyst consider?

The analyst should consider OWASP as it provides guidelines and tools for web application security testing, including SQL injection, CSRF, and XML injection.

A user's laptop constantly disconnects from the Wi-Fi network. Once the laptop reconnects, the user can reach the internet but cannot access shared folders or other network resources. Which of the following types of attacks is the user most likely experiencing?

The user is likely experiencing an Evil Twin attack, where a malicious access point impersonates a legitimate one to intercept network traffic and access sensitive information.

Which of the following procedures would be performed after the root cause of a security incident has been identified to help avoid future incidents from occurring?

Lessons learned would be performed after the root cause of a security incident has been identified to help avoid future incidents from occurring by applying knowledge gained from the incident.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers