General Security Concepts
Threats, Vulnerabilities, and Mitigations
Security Architecture
Security Operations
Security Program Management and Oversight
100

A cyber security analyst is implementing full disk encryption by utilizing the features offered by the hardware components of the company's laptops, tablets, and smartphones. What type of hardware device does this describe?

a. Trusted Platform Module (TPM)

b. Public Key Infrastructure (PKI)

c. Certificate Revocation Lists (CRL)

d. Hardware Security Module (HSM)

a. Trusted Platform Module (TPM)

100

An IT team diligently works to ensure their systems and networks remain secure. The primary focus is relationships with external entities such as the service provider who hosts their web-based applications, the hardware provider that furnishes their server equipment, and the software provider supplying them with operating system licenses. When an enterprise's IT security posture depends on external entities, what should the IT team prioritize to ensure continued security?

a. Update all software systems without regard to the service provider's updates.

b. Replace all hardware equipment annually regardless of its current state.

c. Ensure thorough auditing of service providers, hardware providers, and software providers is conducted on a regular basis.

d. Relocate the hosting of web-based applications to in-house servers.

c. Ensure thorough auditing of service providers, hardware providers, and software providers is conducted on a regular basis.

100

The IT department of a medium-sized enterprise is reviewing its network architecture with a focus on increasing security and efficiency. The organization currently uses a flat network model, but the security team has proposed implementing Virtual Local Area Networks (VLANs) to compartmentalize traffic and minimize potential attack surfaces. The team's goal is to limit lateral movement between network devices and enforce a principle of least privilege across the network. Considering this security improvement initiative, what is a major benefit of integrating VLANs into the existing network architecture from a security standpoint?

a. Providing an alternative for physical cabling and switches

b. Enhancing bandwidth efficiency and speed

c. Isolating network traffic and reducing the potential attack surface

d. Improving scalability by adding more devices to the network

c. Isolating network traffic and reducing the potential attack surface

100

Which of the following statements is correct regarding user account provisioning and de-provisioning?

(Select the two best options.)

a. Provisioning and de-provisioning of user accounts involve creating, modifying, and removing user accounts to maintain appropriate access levels.

b. Provisioning and permission assignments are exclusively managed by individual users.

c. De-provisioning accounts is the process of granting additional access to prevent delays in user tasks.

d. The principle of least privilege guides the assignment of permissions, ensuring users have only the necessary access for their job roles.

a. Provisioning and de-provisioning of user accounts involve creating, modifying, and removing user accounts to maintain appropriate access levels.

d. The principle of least privilege guides the assignment of permissions, ensuring users have only the necessary access for their job roles.

100

As part of a business continuity plan, a company wants to create a resilient work model that securely allows employees to access critical network resources, regardless of physical location. This model must enforce strict access controls and multifactor authentication while facilitating on-site and remote work capabilities. What type of work environment best aligns with these requirements?

a. Fully remote work environment

b. Third-party outsourced work environment

c. On-premises work environment

d. Hybrid work environment

d. Hybrid work environment

200

An organization's IT department wants to implement a security model responsible for verifying user identities, determining access rights, and monitoring activities within a system. Which concept is MOST appropriate for the department to implement?

a. Zero trust

b. RBAC

c. Policy engine

d. AAA

d. AAA (Authentication, Authorization and Accounting)

200

A company's IT team has detected an anomaly in a cloud-based environment after a recent software update. There are suspicions that the update could contain malicious code, potentially leading to unauthorized access to sensitive data. Which of the following actions should the IT team take as a first step to address the threat posed by the potential malicious update?

a. Migrate all data to a different cloud service provider immediately.

b. Isolate the affected systems and perform a rollback to the previous update.

c. Update firewall rules to block all incoming traffic.

d. Implement two-factor authentication for all user accounts.

b. Isolate the affected systems and perform a rollback to the previous update.

200

A company is prioritizing the security of its sensitive financial information. With a diverse team of remote and in-office staff, the IT security team must ensure that this data is secure, whether on a server in the data center, sent via email to international partners, or actively used by an authorized user on the corporate network. Which two methods are MOST effective for securing this company's data?

a. Encryption and hashing

b. Permission restrictions and geographic restrictions

c. Obfuscation and segmentation

d. Tokenization and masking

a. Encryption and hashing

200

An auditor performs a compliance scan based on the Security Content Automation Protocol (SCAP). Which of the following elements represents best practice configuration checklists and rules?

a. Simple Network Management Protocol

b. Open Vulnerability and Assessment Language

c. Extensible Configuration Checklist Description Format

d. Security Content Automation Protocol

c. Extensible Configuration Checklist Description Format

200

An organization observes employees leaving sensitive documents on their desks, thereby exposing sensitive data in the work area. To stop unauthorized staff or guests from accessing this information, the organization decides to introduce a new policy. Which policy would resolve this issue?

a. Use of personally owned devices in the workplace

b. Acceptable use policy

c. Code of conduct and social media analysis

d. Clean desk policy

d. Clean desk policy

300

A security analyst wishes to implement a system that enforces access decisions to ensure that the privileges granted to an individual are appropriate for their role within the organization. Which component is critical for enforcing these access control decisions?

a. Zero trust

b. Authenticating systems

c. Non-repudiation

d. Policy enforcement point

d. Policy enforcement point

300

Software vendors no longer support an accounting firm's critical applications. The security team is exploring strategies to mitigate the risk posed by these unsupported apps. What is the most effective approach to mitigating risks associated with unsupported software?

a. Implementing regular patch management.

b. Increasing security awareness training.

c. Consolidating all applications into one product.

d. Isolating unsupported software from other systems.

d. Isolating unsupported software from other systems.

300

The IT department of a healthcare provider maintains a database containing personal health information for its patients. Which of the following labels best describes this data?

a. Public

b. Nonsensitive

c. Regulated

d. Critical

c. Regulated

300

A financial institution plans to repurpose several older servers to expand the resources available in its test environment. The servers contain sensitive customer data. Which of the following represents the appropriate action for repurposing the servers in this manner?

a. Degauss the server disks.

b. Perform data sanitization through data wiping.

c. Leave the data on the servers, as the system will eventually overwrite it.

d. Use a basic method of overwriting, such as zero filling, once.

b. Perform data sanitization through data wiping.

300

What type of policy defines the appropriate handling of a customer's personally identifiable information (PII)?

a. Information security policy

b. Acceptable use policy

c. Disaster recovery policy

d. Data privacy policy

d. Data privacy policy

400

An organization is transitioning from an on-premises server system to a public cloud platform. What security design paradigm requires all requests to be authenticated before they can continue?

a. Zero trust

b. SD-WAN

c. SASE

d. Deperimeterization

a. Zero trust

400

When an enterprise's IT security posture depends on external entities such as software developers, hardware manufacturers, and web-hosting companies, what should the enterprise prioritize to ensure continued security?

a. Conduct thorough audits of service, hardware, and software providers regularly.

b. Relocate the hosting of web-based applications to in-house servers.

c. Update all software systems without regard to the service provider's updates.

d. Replace all hardware equipment annually, regardless of its current state.

a. Conduct thorough audits of service, hardware, and software providers regularly.

400

A multinational business is improving its data security strategy and wants to apply different protective measures to secure data, whether stored, transferred, or processed. What term is used to describe data in this context?

a. Data segmentation

b. Data states

c. Geographic restrictions

d. Data obfuscation

b. Data states

400

A cybersecurity analyst in a multinational corporation is responsible for sensitive customer data and proprietary information and is now dealing with a security breach. The team is managing the incident response process using the CompTIA incident response lifecycle. The team has just completed the third step in the process. What must the team do next?

a. Containment

b. Preparation

c. Analysis

d. Detection

a. Containment

400

A company helps employees get up to speed quickly with correct documentation. Guidelines can be beneficial in accomplishing this goal. To ensure guidelines remain relevant, what must the company do to them? (Select the two best options.)

a. Continually update them


b. Periodic assessments

c. Regular review

d. Mandatory employee review

b. Periodic assessments

c. Regular review

500

A properly implemented change plan helps keep business operations moving forward. Restarts, dependencies, and downtime go hand-in-hand with change management. When is the BEST time to implement changes for an international organization? (Select the two best options.)

a. Off-peak times

b. Peak times

c. After the workday

d. Maintenance windows

a. Off-peak times

d. Maintenance windows

500

An organization observes several computer systems in a secured area showing signs of damage, disconnected cables, or tampered hardware components. Which type of attack is likely responsible for these issues?

a. Insider threats

b. Malware attacks

c. Physical attacks

d. Denial-of-service attacks

c. Physical attacks

500

A cybersecurity analyst at a large corporation is assessing the security implications of transitioning to a hybrid model that incorporates both traditional network and cloud architectures. The corporation aims to leverage the advantages of both architectures while minimizing potential vulnerabilities. The analyst needs to understand the distinctive characteristics of each model to manage risks effectively. Given the differences in the architecture models, which statements correctly describe unique features related to the security implications of each model? (Select the two best options.)

a. Cloud architectures solely depend on customers to manage the physical hardware and its security.

b. Physical device security and controlled access gain heightened importance in traditional network architectures due to onsite storage of devices.

c. Cloud architectures actively delegate security tasks between cloud service providers and customers, creating a shared responsibility model.

d. Traditional network architectures inherently prioritize data encryption during transit more than cloud architectures.

b. Physical device security and controlled access gain heightened importance in traditional network architectures due to onsite storage of devices.

c. Cloud architectures actively delegate security tasks between cloud service providers and customers, creating a shared responsibility model.

500

Regarding centralized web filtering, which feature uses the proxy server to block access based on factors such as the website's URL, domain, IP address, content category, or even specific keywords within the web content?

a. Reputation-based filtering

b. Content categorization

c. Block rules

d. URL scanning

c. Block rules

500

The IT team at a financial services company has decided to conduct an external penetration test on the company's public-facing web applications. Rules of engagement (ROE) must be established before entering into an agreement for penetration testing services. What is the purpose of establishing ROE in a penetration testing engagement?

a. To eliminate all security vulnerabilities identified during the testing process

b. To define the scope of the assessment, testing methods, and timeframe for conducting the test

c. To allow penetration testers unrestricted access to all systems and data within the organization

d. To ensure the penetration test results are shared with external parties to strengthen collaboration

b. To define the scope of the assessment, testing methods, and timeframe for conducting the test