1) To mitigate the impact of a single VM being compromised by another VM on the same hypervisor, an administrator would like to utilize a technical control to further segregate the traffic. Which of the following solutions would BEST accomplish this objective?
   a) Install a hypervisor firewall to filter east-west traffic.
   b) Add more VLANs to the hypervisor network switches.
   c) Move exposed or vulnerable VMs to the DMZ.
   d) Implement a zero-trust policy and physically segregate the hypervisor servers.

2) A nationwide company is experiencing unauthorized logins at all hours of the day. The logins appear to originate from countries in which the company has no employees. Which of the following controls should the company consider using as part of its IAM strategy? (Select TWO).
   a) A complex password policy
   b) Geolocation
   c) An impossible travel policy
   d) Self-service password reset
   e) Geofencing
   f) Time-based logins

3) An organization has expanded its operations by opening a remote office. The new office is fully furnished with office resources to support up to 50 employees working on any given day. Which of the following VPN solutions would BEST support the new office?
   a) Always On
   b) Remote access
   c) Site-to-site
   d) Full tunnel

4) A security analyst has been reading about a newly discovered cyber-attack from a known threat actor. Which of the following would BEST support the analyst's review of the tactics, techniques, and protocols the threat actor was observed using in previous campaigns?
   a) Security research publications
   b) The MITRE ATT&CK framework
   c) The Diamond Model of Intrusion Analysis
   d) The Cyber Kill Chain

5) Which of the following is the correct order of volatility from MOST to LEAST volatile?
   a) Memory, temporary filesystems, routing tables, disk, network storage
   b) Cache, memory, temporary filesystems, disk, archival media
   c) Memory, disk, temporary filesystems, cache, archival media
   d) Cache, disk, temporary filesystems, network storage, archival media

6) After installing a Windows server, a cybersecurity administrator needs to harden it, following security best practices. Which of the following will achieve the administrator's goal? (Select TWO).
   a) Disabling guest accounts
   b) Disabling service accounts
   c) Enabling network sharing
   d) Disabling NetBIOS over TCP/IP
   e) Storing LAN manager hash values
   f) Enabling NTLM

7) A company deployed a Wi-Fi access point in a public area and wants to harden the configuration to make it more secure. After performing an assessment, an analyst identifies that the access point is configured to use WPA3, AES, WPS, and RADIUS. Which of the following should the analyst disable to enhance the access point security?
   a) WPA3
   b) AES
   c) RADIUS
   d) WPS

8) Which of the following distributes data among nodes, making it more difficult to manipulate the data while also minimizing downtime?
   a) MSSP
   b) Public cloud
   c) Hybrid cloud
   d) Fog computing

9) A500 is implementing an insider threat detection program. The primary concern is that users may be accessing confidential data without authorization. Which of the following should be deployed to detect a potential insider threat?
   a) A honeyfile
   b) A DMZ
   c) ULF
   d) File integrity monitoring

10) The website http://companywebsite.com requires users to provide personal information, including security responses, for registration. Which of the following would MOST likely cause a data breach?
   a) Lack of input validation
   b) Open permissions
   c) Unsecure protocol
   d) Missing patches

11) A security analyst needs to find real-time data on the latest malware and IoCs. Which of the following BEST describes the solution the analyst should pursue?
   a) Advisories and bulletins
   b) Threat feeds
   c) Security news articles
   d) Peer-reviewed content

12) An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer is the following: Which of the following is the MOST likely cause of the issue?
   a) The end user purchased and installed a PUP from a web browser.
   b) 4 bots on the computer are brute forcing passwords against a website.
   c) A hacker is attempting to exfiltrate sensitive data.
   d) Ransomware is communicating with a command-and-control server.

13) Which of the following would cause a Chief Information Security Officer (CISO) the MOST concern regarding newly installed Internet-accessible 4K surveillance cameras?
   a) An inability to monitor 100% of every facility could expose the company to unnecessary risk.
   b) The cameras could be compromised if not patched in a timely manner.
   c) Physical security at the facility may not protect the cameras from theft.
   d) Exported videos may take up excessive space on the file servers.

14) A financial institution that would like to store customer data could still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned about computational overheads and slow speeds. Which of the following cryptographic techniques would BEST meet the requirement?
   a) Asymmetric
   b) Symmetric
   c) Homomorphic
   d) Ephemeral

15) A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?
   a) Semi-authorized hackers
   b) State actors
   c) Script kiddies
   d) Advanced persistent threats

16) Which of the following often operates in a client-server architecture to act as a service repository, providing enterprise consumers access to structured threat intelligence data?
   a) STIX
   b) CIRT
   c) OSINT
   d) TAXII

17) A security analyst is reviewing the following output from a system: Which of the following is MOST likely to be observed?
   a) ARP poisoning
   b) Man in the middle
   c) Denial of service
   d) DNS poisoning

18) Which of the following would a European company interested in implementing a technical, hands-on set of security standards MOST likely choose?
   a) GDPR
   b) CIS controls
   c) ISO 27001
   d) ISO 37000

19) A security researcher is attempting to gather data on the widespread use of a zero-day exploit. Which of the following will the researcher MOST likely use to capture this data?
   a) A DNS sinkhole
   b) A honeypot
   c) A vulnerability scan
   d) CVSS

20) An engineer is setting up a VDI environment for a factory location, and the business wants to deploy a low-cost solution to enable users on the shop floor to log in to the VDI environment directly. Which of the following should the engineer select to meet these requirements?
   a) Laptops
   b) Containers
   c) Thin clients
   d) Workstations

Security + (Part 17)
