A security administrator has performed an audit of the organization’s production web servers, and the results have identified banner information leakage, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?
❍ A. Server hardening
❍ B. Multi-factor authentication
❍ C. Enable HTTPS
❍ D. Run operating system updates
A. Server hardening
A user in the accounting department would like to send a spreadsheet with sensitive information to a list of third-party vendors. Which of the following could be used to transfer this spreadsheet to the vendors?
❍ A. SNMPv3
❍ B. SRTP
❍ C. DNSSEC
❍ D. FTPS
D. FTPS
Which of the following control types is associated with a bollard?
❍ A. Physical
❍ B. Corrective
❍ C. Detective
❍ D. Compensating
A. Physical
A security administrator is researching an issue with conference room users at a remote site. When connected to the wireless network, users receive an IP address that is not part of the corporate addressing scheme. Communication over this network also appears to have slower performance than the wireless connections elsewhere in the building.
Which of the following would be the MOST likely reason for these issues?
❍ A. Rogue access point
❍ B. Domain hijack
❍ C. DDoS
❍ D. MAC flooding
A. Rogue access point
The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:
❍ A. Data owner
❍ B. Data protection officer
❍ C. Data steward
❍ D. Data processor
A. Data owner
A shipping company stores information in small regional warehouses around the country. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?
❍ A. Administrative
❍ B. Compensating
❍ C. Physical
❍ D. Detective
D. Detective
A security administrator is updating the network infrastructure to support 802.1X authentication. Which of the following would be the BEST choice for this configuration?
❍ A. LDAP
❍ B. HTTPS
❍ C. SNMPv3
❍ D. MS-CHAP
A. LDAP
If a person is entering a data center facility, they must check in before they are allowed to move further into the building. People who are leaving must be formally checked out before they are able to exit the building.
Which of the following would BEST facilitate this process?
❍ A. Access control vestibule
❍ B. Air gap
❍ C. Faraday cage
❍ D. Protected distribution
A. Access control vestibule
An attacker has sent more information than expected in a single API call, and this has allowed the execution of arbitrary code.
Which of the following would BEST describe this attack?
❍ A. Buffer overflow
❍ B. Replay attack
❍ C. Session hijacking
❍ D. DDoS
A. Buffer overflow
A recent audit has determined that many IT department accounts have been granted Administrator access. The audit recommends replacing these permissions with limited access rights. Which of the following would BEST describe this policy?
❍ A. Separation of duties
❍ B. Offboarding
❍ C. Least privilege
❍ D. Discretionary Access Control
C. Least privilege
A company would like to automate their response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?
❍ A. Active footprinting
❍ B. IaaS
❍ C. Vulnerability scan
❍ D. SOAR
D. SOAR
A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The company’s network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team’s requirements?
❍ A. EAP-TLS
❍ B. PEAP
❍ C. EAP-TTLS
❍ D. EAP-MSCHAPv2
C. EAP-TTLS
Last month, a finance company disposed of seven-year-old printed customer account summaries that were no longer required for auditing purposes. A recent online search has now found that images of these documents are available as downloadable torrents. Which of the following would MOST likely have prevented this information breach?
❍ A. Pulping
❍ B. Degaussing
❍ C. NDA
❍ D. Fenced garbage disposal areas
A. Pulping
A third-party vulnerability scan reports that a company's web server software version is susceptible to a memory leak vulnerability.
Which of the following would be the expected result if this vulnerability was exploited?
❍ A. DDoS
❍ B. Data theft
❍ C. Unauthorized system access
❍ D. Rootkit installation
A. DDoS
An organization has traditionally purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?
❍ A. Mitigation
❍ B. Acceptance
❍ C. Transference
❍ D. Risk-avoidance
B. Acceptance
A company has been informed of a hypervisor vulnerability that could allow users on one virtual machine to access resources on another virtual machine. Which of the following would BEST describe this vulnerability?
❍ A. Containerization
❍ B. Service integration
❍ C. SDN
❍ D. VM escape
D. VM escape
A security administrator is designing an authentication process for a new remote site deployment. They would like the users to provide their credentials when they authenticate in the morning, and they do not want any additional authentication requests to appear during the rest of the day. Which of the following should be used to meet this requirement?
❍ A. TACACS+
❍ B. LDAPS
❍ C. Kerberos
❍ D. 802.1X
C. Kerberos
An organization is installing a UPS for their new data center. Which of the following would BEST describe this type of control?
❍ A. Compensating
❍ B. Preventive
❍ C. Administrative
❍ D. Detective
A. Compensating
While working from home, users are attending a project meeting over a web conference. When typing in the meeting link, the browser is unexpectedly directed to a different website than the web conference. Users in the office do not have any issues accessing the conference site.
Which of the following would be the MOST likely reason for this issue?
❍ A. Bluejacking
❍ B. Wireless disassociation
❍ C. DDoS
❍ D. DNS poisoning
D. DNS poisoning
A member of the accounting team was out of the office for two weeks, and an important financial transfer was delayed until they returned. Which of the following would have prevented this delay?
❍ A. Split knowledge
❍ B. Least privilege
❍ C. Job rotation
❍ D. Dual control
C. Job rotation
A company is launching a new internal application that will not start until a username and password are entered and a smart card is plugged into the computer. Which of the following BEST describes this process?
❍ A. Federation
❍ B. Accounting
❍ C. Authentication
❍ D. Authorization
C. Authentication
Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?
❍ A. PAP
❍ B. RADIUS
❍ C. IPsec
❍ D. MS-CHAP
B. RADIUS
Visitors to a corporate data center must enter through the main doors of the building. Which of the following security controls would be the BEST choice to successfully guide people to the front door?
(Select TWO)
❍ A. Cable locks
❍ B. Bollards
❍ C. Biometrics
❍ D. Fencing
❍ E. Industrial camouflage
❍ F. Video surveillance
B. Bollards
D. Fencing
A security administrator attends an annual industry convention with other security professionals from around the world. Which of the following attacks would be MOST likely in this situation?
❍ A. Smishing
❍ B. Supply chain
❍ C. Impersonation
❍ D. Watering hole
D. Watering hole
A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO)
❍ A. Password complexity
❍ B. Password expiration
❍ C. Password history
❍ D. Password lockout
❍ E. Password recovery
B. Password expiration
D. Password lockout