Technical Controls and System Security Quiz

Latisha’s organization has faced a significant increase in successful phishing attacks, resulting in compromised accounts. She knows that she needs to implement additional technical controls to prevent successful attacks. Which of the following controls will be the most effective while remaining relatively simple and inexpensive to deploy?

After restoring a system from 30-day-old backups after a compromise, administrators at Piper’s company return the system to service. Shortly after that, Piper detects similar signs of compromise again. Why is restoring a system from a backup problematic in many cases?

Geoff is responsible for hardening systems on his network and discovers that a number of network appliances have exposed services, including telnet, FTP, and web servers. What is his best option to secure these systems?

Greg suspects that an attacker is running an SSH server on his network over a nonstandard port. What port is normally used for SSH communications?

What services will the following nmap scan test for? nmap -sV -p 22,25,53,389 192.168.2.50/27

During a port scan of a server, Miguel discovered that the following ports are open on the internal network:

■ TCP port 25 ■ TCP port 80 ■ TCP port 110 ■ TCP port 443 ■ TCP port 1433 ■ TCP port 3989

The scan results provide evidence that a variety of services are running on this server. Which one of the following services is not indicated by the scan results?

Which one of the following risk management strategies is most likely to limit the probability of a risk occurring?

A hospital needs to ensure patient data is only accessible to authorized medical staff. Which security principle is MOST important in this scenario?

A company wants to ensure that its employees are aware of the latest phishing scams. Which of the following is the MOST effective way to achieve this?

A company wants to allow its employees to securely access the internal network from home. Which of the following technologies should they use?