Which of the following is the BEST way for home users to mitigate vulnerabilities associated with IoT devices on their home networks?
A. Power off the devices when they are not in use.
B. Prevent IoT devices from contacting the Internet directly.
C. Apply firmware and software updates upon availability.
D. Deploy a bastion host on the home network.
C. Apply firmware and software updates upon availability.
Users are attempting to access a company's website but are transparently redirected to another website. The users confirm the URL is correct. Which of the following would BEST prevent this issue in the future?
A. DNSSEC
B. HTTPS
C. IPSec
D. TLS/SSL
A. DNSSEC
Which of the following BEST explains why sandboxing is a best practice for testing software from an untrusted vendor prior to an enterprise deployment?
A. It allows the software to run in an unconstrained environment with full network access.
B. It eliminates the possibility of privilege escalation attacks against the local VM host.
C. It facilitates the analysis of possible malware by allowing it to run until resources are exhausted.
D. It restricts the access of the software to a contained logical space and limits possible damage.
D. It restricts the access of the software to a contained logical space and limits possible damage.
Which of the following is a compensating control that will BEST reduce the risk of weak passwords?
A. Requiring the use of one-time tokens
B. Increasing password history retention count
C. Disabling user accounts after exceeding maximum attempts
D. Setting expiration of user passwords to a shorter time
A. Requiring the use of one-time tokens
Port for Secure File Transfer Protocol (SFTP)
TCP 22
A consumer purchases an exploit from the dark web. The exploit targets the online shopping cart of a popular website, allowing the shopper to modify the price of an item at checkout. Which of the following BEST describes this type of user?
A. Insider
B. Script kiddie
C. Competitor
D. Hacktivist
E. APT
B. Script kiddie
An organization wants to implement a solution that allows for automated logical controls for network defense. An engineer plans to select an appropriate network security component, which automates response actions based on security threats to the network. Which of the following would be MOST appropriate based on the engineer's requirements?
A. NIPS
B. HIDS
C. Web proxy
D. Elastic load balancer
E. NAC
A. NIPS
An instructor is teaching a hands-on wireless security class and needs to configure a test access point to show students an attack on a weak protocol. Which of the following configurations should the instructor implement?
A. WPA2
B. WPA
C. EAP
D. WEP
D. WEP
A group of developers is collaborating to write software for a company. The developers need to work in subgroups and control who has access to their modules. Which of the following access control methods is considered user-centric?
A. Time-based
B. Mandatory
C. Rule-based
D. Discretionary
D. Discretionary
Port for Hypertext Transfer Protocol Secure (HTTPS)
TCP 443
A help desk technician receives a phone call from an individual claiming to be an employee of the organization and requesting assistance to access a locked account. The help desk technician asks the individual to provide proof of identity before access can be granted. Which of the following types of attack is the caller performing?
A. Phishing
B. Shoulder surfing
C. Impersonation
D. Dumpster diving
C. Impersonation
A company recently experienced data exfiltration via the corporate network. In response to the breach, a security analyst recommends deploying an out-of-band IDS solution. The analyst says the solution can be implemented without purchasing any additional network hardware. Which of the following solutions will be used to deploy the IDS?
A. Network tap
B. Network proxy
C. Honeypot
D. Port mirroring
D. Port mirroring
A systems administrator is deploying a new mission-essential server into a virtual environment. Which of the following is BEST mitigated by the environment's rapid elasticity characteristic?
A. Data confidentiality breaches
B. VM escape attacks
C. Lack of redundancy
D. Denial of service
D. Denial of service
Which of the following scenarios BEST describes an implementation of non-repudiation?
A. A user logs into a domain workstation and accesses network file shares for another department
B. A user remotely logs into the mail server with another user's credentials
C. A user sends a digitally signed email to the entire finance department about an upcoming meeting
D. A user accesses the workstation registry to make unauthorized changes to enable functionality within an application
C. A user sends a digitally signed email to the entire finance department about an upcoming meeting
Port for Remote Desktop Protocol (RDP)
TCP/UDP 3389
A security administrator is trying to eradicate a worm, which is spreading throughout the organization, using an old remote vulnerability in the SMB protocol. The worm uses Nmap to identify target hosts within the company. The administrator wants to implement a solution that will eradicate the current worm and any future attacks that may be using zero-day vulnerabilities.
Which of the following would BEST meet the requirements when implemented?
A. Host-based firewall
B. Enterprise patch management system
C. Network-based intrusion prevention system
D. Application blacklisting
E. File integrity checking
C. Network-based intrusion prevention system
Which of the following is used to validate the integrity of data?
A. CBC
B. Blowfish
C. MD5
D. RSA
C. MD5
A security analyst is hardening a WiFi infrastructure.
The primary requirements are the following:
The infrastructure must allow staff to authenticate using the most secure method.
The infrastructure must allow guests to use an "open" WiFi network that logs valid email addresses before granting access to the Internet.
Given these requirements, which of the following statements BEST represents what the analyst should recommend and configure?
A. Configure a captive portal for guests and WPS for staff.
B. Configure a captive portal for staff and WPA for guests.
C. Configure a captive portal for staff and WEP for guests.
D. Configure a captive portal for guests and WPA2 Enterprise for staff.
D. Configure a captive portal for guests and WPA2 Enterprise for staff.
A company wants to implement an access management solution that allows employees to use the same usernames and passwords for multiple applications without having to keep multiple credentials synchronized.
Which of the following solutions would BEST meet these requirements?
A. Multifactor authentication
B. SSO
C. Biometrics
D. PKI
E. Federation
B. SSO
Kerberos
UDP 88
An attacker impersonating a software beta tester replies to a victim's post in a forum thread discussing the best options for affordable productivity software. A while later, he/she follows up by sending the victim a private message mentioning the discussion thread and offering free access to a closed beta version of a fake office app. Which social engineering principles apply to this attack scenario? (Select 3 answers)
A. Authority
B. Intimidation
C. Consensus
D. Scarcity
E. Familiarity
F. Trust
G. Urgency
D. Scarcity
E. Familiarity
F. Trust
An organization has several production-critical SCADA supervisory systems that cannot follow the normal 30-day patching policy.
Which of the following BEST maximizes the protection of these systems from malicious software?
A. Configure a firewall with deep packet inspection that restricts traffic to the systems.
B. Configure a separate zone for the systems and restrict access to known ports.
C. Configure the systems to ensure only necessary applications are able to run.
D. Configure the host firewall to ensure only the necessary applications have listening ports
C. Configure the systems to ensure only necessary applications are able to run.
A security analyst is hardening a large-scale wireless network. The primary requirements are the following:
Must use authentication through EAP-TLS certificates
Must use an AAA server
Must use the most secure encryption protocol
Given these requirements, which of the following should the analyst implement and recommend? (Select TWO.)
A. 802.1X
B. 802.3
C. LDAP
D. TKIP
E. CCMP
F. WPA2-PSK
A. 802.1X
F. WPA2-PSK
A systems administrator is configuring a system that uses data classification labels.
Which of the following will the administrator need to implement to enforce access control?
A. DAC
B. MAC
C. ABAC
D. Rule-BAC
B. MAC
Network Time Protocol (NTP)
UDP 123