Question
51.
Question 51
Which type of threat is a social engineering attack?
1 point
System based
External
App based
Internal
52.
Question 52
Which three (3) of these are among the 5 common pitfalls of data security? (Select 3)
1 point
Failure to recognize the need for centralized data security
Failure to define who owns responsibility for the data itself
Failure to hire an adequately skilled workforce
Failure to move beyond compliance
53.
Question 53
True or False. Wireshark has an impressive array of features and is distributed free of charge.
1 point
True
False
54.
Question 54
Port numbers 1024 through 49151 are known as what?
1 point
Registered Ports
Well known ports
Virtual Ports
Dynamic and Private Ports
55.
Question 55
The Decommission step in the DevSecOps Release, Deploy & Decommission phase contains which of these activities?
1 point
IAM controls to regulate authorization
Centralized Key-Value & Secret stores
Creation of Immutable images
Versioning of infrastructure
56.
Question 56
Which form of penetration testing allows the testers partial knowledge of the systems they are trying to penetrate in advance of their attack to streamline costs and focus efforts?
1 point
Red Box Testing
Black Box Testing
White Box testing
Gray Box Testing
57.
Question 57
Which of the OWASP Top 10 Application Security Risks would occur when there are no safeguards against a user being allowed to execute HTML or JavaScript in the user's browser that can hijack sessions?
1 point
Insecure deserialization
Cross-site scripting
Insufficient logging and monitoring
Security misconfiguration
58.
Question 58
Why should you always look for common patterns before starting a new security architecture design?
1 point
They can help identify best practices
They can shorten the development lifecycle
Some document complete tested solutions
All of the above
59.
Question 59
A robust cybersecurity defense includes contributions from 3 areas: human expertise, security analytics and artificial intelligence. Rapidly analyzing large quantities of unstructured data lends itself best to which of these areas?
1 point
Security analytics
Human expertise
Artificial intelligence
60.
Question 60
The triad of a security operations center (SOC) is People, Process and Technology. To which part of the triad would network monitoring belong?
1 point
People
Process
Technology
None of the above
61.
Question 61
Which of these is a good definition for cyber threat hunting?
1 point
The act of simulating attacks to identify vulnerabilities, testing new software to help protect the company's data, and helping users adhere to new regulations and processes to ensure the network stays safe
The act of creating and maintaining corporate security structures and ensuring that they function as designed. As high-level leaders, they also supervise security teams and have a hand in creating security-related policies and procedures
The act of detecting, investigating, and responding to incidents, including planning and implementing preventative security measures and building disaster recovery plans
The act of proactively and aggressively identifying, intercepting, tracking, investigating and eliminating cyber adversaries as early as possible in the cyber kill chain
62.
Question 62
The cyber hunting team and the SOC analysts are informally referred to as the ____ and ____ teams, respectively.
1 point
Blue, Red
Attack, Defense
Red, Blue
Visitors, Home
63.
Question 63
Which three (3) soft skills are important to have in an organization's incident response team? (Select 3)
1 point
Problem solving and Critical thinking
Motivational
Communication
Teamwork
64.
Question 64
True or False. Communications of a data breach should be handled by a team composed of members of the IR team, legal personnel and public relations.
1 point
True
False
65.
Question 65
Which three (3) of these statistics about phishing attacks are real? (Select 3)
1 point
Around 15 million new phishing sites are created each month
Phishing attempts tripled between 2017 and 2018
Phishing accounts for nearly 20% of data breaches
30% of phishing messages are opened by their targeted users
66.
Question 66
Which three (3) of these control processes are included in the PCI-DSS standard? (Select 3)
1 point
Require a photo ID for all credit card transactions
Maintain an information security policy
Regularly monitor and test networks
Implement strong access control measures
67.
Question 67
Which three (3) are malware types commonly used in PoS attacks to steal credit card data? (Select 3)
1 point
Alina
BlackPOS
vSkimmer
Stuxnet
68.
Question 68
According to a 2018 Ponemon study on third-party risk management, which three (3) of these were identified as best practices? (Select 3)
1 point
Frequent review of third-party management policies and programs
Evaluation of the security and privacy practices of all third parties
Requirement that all third-parties are bonded against data loss in the event of a breach
An inventory of all third parties with whom you share information
69.
Question 69
You get a phone call from a technician at the "Windows company" who tells you that they have detected a problem with your system and would like to help you resolve it. In order to help, they need you to go to a web site and download a simple utility that will allow them to fix the settings on your computer. Since you only own an Apple Mac, you are suspicious of this caller and hang up. What would the attack vector have been if you had downloaded the "simple utility" as asked?
1 point
Remote Desktop Protocol (RDP)
Software Vulnerabilities
Malicious Links
Phishing
70.
Question 70
Very provocative articles that come up in news feeds or Google searches are sometimes called "click-bait". These articles often tempt you to link to other sites that can be infected with malware. What attack vector is used by these click-bait sites to get you to go to the really bad sites?
1 point
Software Vulnerabilities
Phishing
Malicious Links
Remote Desktop Protocol (RDP)