_______________ is a framework used to
organize information about an attacker’s TTPs and
other indicators of compromise in a machine-readable
format for easy sharing and follow-on
automation.
A. TAXII
B. STIX
C. OpenIOC
D. APT

A security engineer analyzes computer networks, ensures they’re running securely, and tries to
foresee possible security issues that may arise in the future so that protections can be built into a
system from the beginning. How does sharing threat intelligence with security engineers provide
a benefit? (Choose all that apply.)
A. Allows quick action when dealing with new threats
B. Provides insight into the possible effectiveness of security measures
C. Enables security engineers to operationalize countermeasures to specific adversary tactics
D. Prepares them to predict the capability, intent, and opportunity for a threat in the future

Talos and VirusTotal provide lookup information on potentially malicious URLs, domains, and IP
addresses across the Internet and rate them on the potential of being risky based on association with
the following types of data or activities: malware, spyware, spam, phishing, fraud, and so on. The
data described is commonly referred to as which type of data?
A. Reputation
B. Indicator of compromise
C. Attack vector
D. Kill chain

According to the Center for Internet Security (CIS)
best practices, vulnerability scanning should be
performed weekly or more frequently. All of the
following factors should be considered when
creating your organization’s vulnerability scanning
policy except which one?
A. Technical constraints
B. Regulatory requirements
C. Vulnerability feed
D. Mitigation strategy

Network segmentation makes threat attacks more difficult by separating your network into smaller
chunks and is one method to implement layered network defenses. Which of the following could be
considered benefits of network segmentation? (Choose all that apply.)
A. Increased visibility
B. Granular security control
C. Complex management
D. Prevents attacker lateral movement

Testing software for security flaws is more critical today than ever. One must consider several factors,
such as the programming language, availability of source code, financial budget to fund software
testing, and so forth when determining how to approach software testing. Utilizing a tool such as Fortify, Coverity, Lapse, or FindBugs to test the software source code without code execution is which of the following software assessment techniques?
A. Dynamic analysis
B. Static analysis
C. Reverse engineering
D. Fuzzing

Which of the following tools, on sectools.org for wireless tools, is most known for its ability to
recover wireless keys from WEP and WPA Wi-Fi security protocols?
A. OpenVAS
B. Aircrack-ng
C. Reaver
D. oclHashcat

Which of the following cloud security tools ships with over 30 modules that enable a range of
attacks, including user privilege escalation, enumeration, and attacking vulnerable Lambda
functions, and is designed to be used in penetration tests, not just compliance checks?
A. Prowler
B. Pacu
C. Burp Suite
D. Scout Suite

A. Wireshark
B. DumpSec
C. Responder
D. Untidy

XYZ, Inc., has invested in robotic process automation (RPA) technology to help with
workflow and process automation. Which of the following are potential risks applicable to RPA?
(Choose all that apply.) (I did not get this one wrong, but it is interesting.)
A. Compromised bot used to access sensitive data
B. Malicious threat actor using social engineering on bots to perform nefarious privileged activities
C. System disruption caused by scheduled bot activities overwhelming network resources
D. Poor bot design enabling a remote network attack

(Interesting) Angela is preparing a proposal regarding automation/digitization of a client’s building
control systems (HVAC, energy management, lighting control, access control, and related
sensors). There are many advantages for the client to make this upgrade, including some cybersecurity
advantages. Which of the following would be considered legitimate cybersecurity disadvantages
of automating the client’s building control systems? (Choose two.)
A. Use of legacy insecure protocols, common in building control systems, can create security gaps when converged with newer IT.
B. Decreased efficiency of building control systems resulting in higher energy and operational costs.
C. Reduces client’s ability to continuously monitor building control systems vulnerabilities, threats, and anomalies.
D. Explosion of connected devices expands the attack surface, increasing the likelihood of a successful cybersecurity attack.

A. 1 – Weak, Guessable, or Hardcoded Passwords
B. 2 – Insecure Network Services
C. 3 – Insecure Ecosystem Interfaces
D. 4 – Lack of Secure Update Mechanism

While reviewing vulnerability scan results, Ainsley found that one of the reported vulnerabilities,
CVE-2014-0160, remained open and not patched. Ainsley’s research on this vulnerability found it
affected OpenSSL and, if exploited, could allow attackers to read memory, potentially recover
encryption keys, access credentials, and then use the credentials to access the system for nefarious
purposes. What is the more common name for the vulnerability described?
A. SS7
B. FREAK
C. POODLE
D. Heartbleed

Susan has been researching cybersecurity challenges related to embedded systems utilized in
the hospital network. To her surprise, the utilization of embedded systems was more
widespread than anticipated. After briefing her findings to her supervisor, Susan was tasked to
draft a plan to address cybersecurity challenges related to these embedded systems. According to
her research, which of the following is the toughest challenge to address?
A. Vulnerability identification
B. Vulnerability protection
C. Vulnerability remediation
D. Vulnerability testing

Google’s Project Zero identified significant
cybersecurity issues with Broadcom’s wireless
system on a chip (SoC), causing both Apple and
Android to scramble to get patches deployed. Why
are cybersecurity weaknesses in SoC technology
significant? (Choose all that apply.)
A. Difficulty in detecting malicious use of Hardware Description Language (HDL) processes
B. Increased attack surface due to SoC utilization in almost all mobile technology
C. SoC design increases likelihood of system-wide impacts
D. High integration of hardware and software increases attack complexity

Compared to integrated circuits, field programmable
gate array (FPGA) technology is
more flexible because it can be reconfigured to
accommodate new functionality. One FPGA
vulnerability discovered in Cisco firewall devices, if
exploited, can cause the firewall to stop processing
packets. This type of attack is referred to as:
A. Buffer overflow
B. Denial of service
C. Trojan horse
D. SQL injection

Controller area network (CAN) bus is another
example, similar to Modbus, where technology was
designed purely for functionality with little or no
consideration for cybersecurity. Which of the
following are the primary cybersecurity weaknesses
of the CAN bus implementation? (Choose all that apply.)
A. Lack of authentication schemes
B. Limited to a maximum length of 40 meters
C. Lacks implementation of cryptographic protections
D. Incurs more expenditure for software development and maintenance

Scott is looking for a method to increase
consistency in his cloud implementations. He has
found a method that looks promising which
basically uses configuration files to manage his IT
infrastructure instead of manually making the
changes. Which of the following methods has he discovered? (Choose only one.)
A. Software as a Service
B. Infrastructure as Code
C. Function as a Service
D. Platform as a Service

The growth of public cloud continues at a rapid pace, and organizations rely upon publicly exposed
interfaces to manage and interact with cloud services such as provisioning, managing, and
monitoring assets/users. Because the organizations utilize a large number of these interfaces, the
interfaces are often not secured properly, making
them an attractive attack vector. Which type of interface is referred to here?
A. Application programming interface
B. Open Cloud Computing Interface
C. Cloud Data Management Interface
D. Hybrid Deployment Interface

The type of serverless computing where the server-side
logic runs in a stateless compute container,
such as AWS Lambda, is known as
_______________.
A. Software as a Service
B. Function as a Service
C. Platform as a Service
D. Infrastructure as a Service

Jason is reviewing the AWS shared responsibility model, as shown in the following image. Based on
this model, who is responsible for monitoring and logging?
A. AWS
B. Customer
C. Third-party service provider
D. Responsibility cannot be determined

Based on the situation described in the previous question, which action would you recommend Jason take next?
A. Request AWS clarify all responsibilities
B. Research cloud monitoring and logging tools to purchase
C. Contact a third party to obtain quotes for monitoring and logging services
D. Explore the use of other cloud service providers

Kathy is considering a hybrid cloud model for her
organization. Which of the following would be a
good reason for her to pursue a hybrid cloud model
for her organization’s needs?
A. Cloud compatibility
B. Reduced deployment cost
C. Less complex cybersecurity implementation
D. Benefits of public, private, and on-premises cloud models