Attacks, threats and vulnerabilities.
Governance, risk and compliance.
Operations and incident response.
Implementation.
100

What is a central security-monitoring tool used to collect and aggregate log data? 

- SIEM

- SEIM

- SOAR

SIEM: Security information and event management.

100

Which type of control is designed to stop an incident before it occurs? 

-Preventive

-Deterrent

-Compensating

Preventive

100


A loss of _________ is the unauthorized disclosure of information.

-Confidentiality 

-Authenticity

-Integrity 

Confidentiality

100

You want to perform a code scan to find any malicious code hidden inside. Which of the following methods should you use?

- Use a sandbox

- Perform a static analysis

- Perform a dynamic analysis

Perform a static analysis.

Static code analysis requires you to review the code and find errors and malicious code hidden inside it.

200

What is a separate area on the internet that cannot be accessed through a traditional web browser?

The dark web. 

200

Which organization produces the CCM framework for the cloud environment? 

-CIS

-CSA

-ISO

The Cloud Security Alliance (CSA) produces the Cloud Controls Matrix (CCM), which provides users with standards, best practices, and applicable regulations pertaining to the cloud environment.

200

A ________ level breach of security could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

-Moderate

-High

-Low

High

200

If you compromise a jump server, which of the following outcomes is likely to occur as an attacker?

- You will have access to the entire network

- You will be navigated to a restricted and isolated environment

- You will have access to the jump server only

A jump server is a server that authenticates the users before they can access a network. It is like a gatekeeper. After the users are authenticated, they can access the network with fewer restrictions. If the jump server is compromised, the attacker virtually has access to the (entire network).

300

What type of scan attempts to seek out and exploit vulnerabilities in a network and can cause network issues if not carefully run? 

- Intrusive

- Credentialed

- Non-intrusive

Intrusive

(An intrusive scan is a scan that attempts to seek out vulnerabilities in a network and act upon those vulnerabilities. These scans can cause network outages.)

300

Which personnel policy specifies how a company laptop can be used? 

-BYOD

-MSA

-MOU

An acceptable use policy (AUP) is designed to detail how company resources, such as company-owned devices, can be used.

300

Masquerade, falsification, and repudiation are threat actions that cause __________ threat consequences.

-Deception

-Disruption

-Usurpation

Deception

300

Which of the following can reduce the impact of lateral movement in an attack?

-Screened subnet 

-Network segmentation 

-VPN 

When an attack occurs on a network, the attacker wants to move laterally to search for sensitive information. This usually happens when you have a flat network. With the help of (network segmentation), you can limit the attack by preventing the attacker from moving laterally in the network.

400

What type of attack involves a group of well-organized threat actors who attempt to remain hidden and persistent in a network? 


Advanced persistent threat.

An advanced persistent threat (APT) is a group of well-organized threat actors (sometimes state-sponsored groups) that plan attacks against companies, organizations, or even other countries.  


400

What document could be used to specify the process that will be used when a provider discontinues a specific service? 

-EOL

-EOSL

-BPA

An end of service life (EOSL) agreement is used to detail what the discontinuation of a service will look like to the client, including support and alternate service options. An end of life (EOL) agreement is similar, but it relates to products, not services.

400

A threat action in which sensitive data are directly released to an unauthorized entity is __________.

-Corruption

-Exposure

-Spillage

-Disruption

Exposure.

400

Which of the following would be a secure replacement of Telnet?

-HTTPS 

-SNMP 

-SSH 

Telnet transmits information in clear text and is rarely used. SSH is secure, replaces Telnet, and encrypts the channel that the information travels over.

500

What type of attack tries to intercept and reroute an IP address that belongs to a legitimate domain? 

-DNS Poisoning

-Domain hijacking

-URL Redirection 

DNS Poisoning.

An on-path DNS poisoning attack occurs when a threat actor attempts to intercept a DNS request and redirect it to another malicious website.  

500

Which regulation specifies how the personal data of residents of the European Union is handled? 

-GDRP

-CCM

-PCI DSS

The General Data Protection Regulation (GDPR) is a regulation specifying data security measures that must be adhered to by all entities interacting with the personal data of EU residents.

500

The _________ prevents or inhibits the normal use or management of communications facilities.


Denial of service

500

Which of the following protocols should you use to secure voice and video?

-SFTP 

- IPSec 

-SRTP 

Secure Real-time Transport Protocol (SRTP). It is mainly used to secure voice and video transmissions.