Q1. According to the shared responsibility model, which cloud computing model places the most responsibility on the cloud service provider (CSP)?
- Hybrid Cloud
- Software as a Service (SaaS)
- Platform as a Service (PaaS)
- Infrastructure as a Service (IaaS)
- PaaS
- public cloud
- private cloud
- IaaS
Q3. Your organization recently implemented a unified messaging solution and VoIP phones on every desktop. You are responsible for researching the vulnerabilities of the VoIP system. Which type of attack are VoIP phones most vulnerable to experiencing?
- denial-of-service
- brute force attacks
- malware
- buffer overflow
- cloud access security broker (CASB)
- intrusion prevention system (IPS)
- intrusion detection system (IDS)
- next generation firewall
Explanation: An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Source Quizlet
- SIEM
- UTM
- protocol analyzer
- data sink
- code review
- code analysis
- static analysis
- dynamic analysis
Q7. Which option describes testing that individual software developers can conduct on their own code?
- gray box testing
- integration testing
- white box testing
- unit testing
Q8. In black box penetration testing, what information is provided to the tester about the target environment?
- none
- limited details of server and network infrastructure
- all information
- limited details of server infrastructure
Q9. Which security control can best protect against shadow IT by identifying and preventing use of unsanctioned cloud apps and services?
- intrusion prevention system (IPS)
- next generation firewall
- cloud access security broker (CASB)
- intrusion detection system (IDS)
- monitoring of normal employee system and data access patterns
- applying system and application updates regularly
- fault tolerant infrastructure and data redundancy
- separation of duties and job rotation
Source: Stack Exchange
Q11. During a penetration test, you find a file containing hashed passwords for the system you are attempting to breach. Which type of attack is most likely to succeed in accessing the hashed passwords in a reasonable amount of time?
- rainbow table attack
- pass-the-hash attack
- password spray attack
- brute force attack
Explanation: A rainbow table attack is a more efficient and effective way of cracking many hashed passwords, whereas brute-forcing would take much longer and may not complete in a reasonable amount of time. Source Professor Messer.
- 4
- 1
- 2
- 3
Q13. You configure an encrypted USB drive for a user who needs to deliver a sensitive file at an in-person meeting. What type of encryption is typically used to encrypt the file?
- file hash
- asymmetric encryption
- digital signature
- symmetric encryption
- DRP works to keep a business up and running despite a disaster. BCP works to restore the original business capabilities.
- BCP works to keep a business up and running despite a disaster. DRP works to restore the original business capabilities.
- BCP is part of DRP.
- DRP is part of BCP.
- non-repudiation
- integrity
- availability
- confidentiality
Source: screenshot of LinkedIn assessment practice mode question.
Q16. You need to recommend a solution to automatically assess your cloud-hosted VMs against CIS benchmarks to identify deviations from security best practices. What type of solution should you recommend?
- Cloud Security Posture Management (CSPM)
- Intrusion Detection and Prevention System (IDPS)
- Cloud Workload Protection Platforms (CWPP)
- Cloud Access Security Brokers (CASBs)
Source: screenshot of LinkedIn assessment practice mode question.
- Compression
- Hashing
- Symmetric encryption
- Stenography
- CCPA
- GDPR
- NIST Privacy Framework
- OSPF
Q19. What is the term for the policies and technologies implemented to protect, limit, monitor, audit, and govern identities with access to sensitive data and resources?
- identity and access management (IAM)
- privileged account management (PAM)
- authentication and authorization
- least privilege
Q20. You have configured audit settings in your organization's cloud services in the event of a security incident. What type of security control is an audit trail?
- preventive control
- detective control
- directive control
- corrective control
- grayout
- blackout
- brownout
- whiteout
Q22. Your security team recommends adding a layer of defense against emerging persistent threats and zero-day exploits for all endpoints on your network. The solution should offer protection from external threats for network-connected devices, regardless of operating system. Which solution is best suited to meet this requirement?
- Security Information Event Management (SIEM)
- Extended Detection and Response (XDR)
- next generation firewall (NGFW)
- Cloud App Security Broker (CASB)
- TRIKE
- TOGAF
- STRIDE
- MITRE ATT&CK
Q24. Your organization is conducting a pilot deployment of a new e-commerce application being considered for purchase. You need to recommend a strategy to evaluate the security of the new software. Your organization does not have access to the application's source code.
- dynamic application security testing
- unit testing
- white box testing
- static application security testing
Q25. You need to disable the camera on corporate devices to prevent screen capture and recording of sensitive documents, meetings, and conversations. Which solution would be best suited to the task?
- Mobile Device Management (MDM)
- Data Loss Prevention (DLP)
- Intrusion Detection and Prevention System (IDPS)
- cloud access security broker (CASB)
- 200
- 400
- 100
- 300
Explanation: The formula for asymmetric encryption is 2n, where n is the number of communicating parties.
Q27. Two competing online retailers process credit card transactions for customers in countries on every continent. One organization is based in the United States. The other is based in the Netherlands. With which regulation must both countries comply while ensuring the security of these transactions?
- Federal Information Security Management Act (FISMA)
- Payment Card Industry Data Security Standard (PCI-DSS)
- General Data Protection Regulation (GDPR)
- International Organization for Standardization and International Electrotechnical Commission (ISO/IEC 27018)
Explanation: The Payment Card Industry Data Security Standard (PCI DSS) is the global card industry security standard that is required of all entities that store, process, or transmit cardholder data, including financial institutions, online retailers and service providers. Source: (PCI Security Overview).
Q28. What provides a common language for describing security incidents in a structured and repeatable manner?
- Common event format
- common weakness enumeration
- common vulnerabilities and exposures
- common vulnerability scoring system
Explanation: The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.
Q29. Which type of application can intercept sensitive information such as passwords on a network segment?
- log server
- network scanner
- firewall
- protocol analyzer
Explanation: A protocol analyzer is a tool used to capture and analyze signals and data traffic over a communication channel. Wireshark is a protocol analyzer.
Q30. An attacker has discovered that they can deduce a sensitive piece of confidential information by analyzing multiple pieces of less sensitive public data.
- aggregation
- inference
- SQL injection
- cross-origin resource sharing
Explanation: An inference attack is a data mining technique performed by analyzing data in order to illegitimately gain knowledge about a subject or database. A subject's sensitive information can be considered as leaked if an adversary can infer its real value with a high confidence. Source: (Wikipedia).
- Zero Trust Security
- Role-Based Access Control (RBAC)
- authorization
- Single Sign-On
Source Okata.com
- processor
- object
- subject
- controller
Source Intersoft Consulting
- use least privilege access
- verify explicitly
- trust but verify
- assume breach
Explanation: Zero trust assumes that the system will be breached and designs security as if there is no perimeter. Hence, don’t trust anything by default. Source NIST
- ARP spoofing
- pharming attacks
- cross-site scripting (XSS)
- DNS poisoning
Source White Hat Sec
Q35. You are a security analyst, and you receive a text message alerting you of a possible attack. Which security control is the least likely to produce this type of alert?
- IDS
- SIEM
- packet sniffer
- IPS
Q35. SQL injection inserts a code fragment that makes a database statement universally true, like _.
- SELECT * FROM users WHERE username = " AND 1=1--'
- SELECT * FROM users WHERE username = " AND 1!=1--'
- SELECT * FROM users WHERE username = " OR 1=1--'
- SELECT * FROM users WHERE username = " OR 1!=1--'
- static analysis
- black box testing
- dynamic analysis
- penetration testing
- Autopsy
- Snort
- Nmap
- Wireshark
Nmap is a port scanner (https://en.wikipedia.org/wiki/Nmap), Wireshark is a traffic analyzer, Snort is an IDS, and Autopsy is for forensic analysis.
Q39. When implementing a data loss prevention (DLP) strategy, what is the first step in the process?
- Evaluate the features of available DLP products to determine which best meet your organization's needs.
- Examine the flow of sensitive data in your organization to better understand usage patterns.
- Conduct an inventory of all the data in your organization to establish classifications based on sensitivity.
- Conduct a risk assessment to determine the best data labeling strategy for your organization.
- virus
- worm
- rootkit
- Trojan horse
- encryption
- a metropolitan area network
- a virtual local area network
- a wide area network
- authentication
- Single Sign-On
- authorization
- Role-Based Access Control (RBAC)
Q43. Which cyberattack aims to exhaust an application's resources, making the application unavailable to legitimate users?
- SQL injection
- dictionary attack
- Distributed Denial of Service (DDoS)
- rainbow table attack
Q44. You are a recent cybersecurity hire, and your first assignment is to present on the possible threats to your organization. Which of the following best describes the task?
- risk mitigation
- threat assessment
- risk management
- enumeration
Q45. You are at a coffee shop and connect to a public wireless access point (WAP). What type of cybersecurity attack are you most likely to experience?
- man-in-the-middle attack
- back door
- logic bomb
- virus
Q46. You have been tasked with recommending a solution to centrally manage mobile devices used throughout your organization. Which technology would best meet this need?
- Extended Detection and Response (XDR)
- Security Information Event Management (SIEM)
- Intrusion Detection and Prevention System (IDPS)
- Mobile Device Management (MDM)
Q47. Which type of vulnerability cannot be discovered in the course of a typical vulnerability assessment?
- file permissions
- buffer overflow
- zero-day vulnerability
- cross-site scripting
Q48. The DLP project team is about to classify your organization's data. What is the primary purpose of classifying data?
- It identifies regulatory compliance requirements.
- It prioritizes IT budget expenditures.
- It quantifies the potential cost of a data breach.
- It establishes the value of data to the organization.
Q49. You are responsible for managing security of your organization's public cloud infrastructure. You need to implement security to protect the data and applications running in a variety of IaaS and PaaS services, including a new Kubernetes cluster. What type of solution is best suited to this requirement?
- Cloud Workload Protection Platforms (CWPP)
- Cloud Security Posture Management (CSPM)
- Cloud Access Security Brokers (CASBs)
- Intrusion Detection and Prevention System (IDPS)
- identification
- authorization
- accounting
- authentication
Q51. You have recovered a server that was compromised in a malware attack to its previous state. What is the final step in the incident response process?
- Eradication / Remediation
- Certification
- Reporting
- Lessons Learned
- dynamic analysis
- static analysis
- penetration testing
- black box testing
- asymmetric
- symmetric
- hashing
- all of these answers
Q54. You have just identified and mitigated an active malware attack on a user's computer, in which command and control was established. What is the next step in the process?
- Reporting
- Recovery
- Eradication / Remediation
- Lessons Learned
- assume breach
- verify explicitly
- use least privilege access
- trust but verify
- C
- Java
- Ruby
- Python
- risk acceptance, risk mitigation, risk containment, and risk qualification
- risk avoidance, risk transference, risk containment, and risk quantification
- risk avoidance, risk mitigation, risk containment, and risk acceptance
- risk avoidance, risk transference, risk mitigation, and risk acceptance
Q58. To implement encryption in transit, such as with the HTTPS protocol for secure web browsing, which type(s) of encryption is/are used?
- asymmetric
- both symmetric and asymmetric
- neither symmetric nor asymmetric
- symmetric