Fridley Web Services
Administer a remote Linux server console. Which secure protocol should be used for this task?
A company would like to automate their response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?
Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?
Monitor removable media usage in host-based firewall logs
Create an operating system security policy to prevent the use of removable media
Only allow applications that do not use removable media
Define a removable media block rule in the UTM
A transportation company has moved their reservation system to a cloud-based infrastructure. The security manager would like to monitor data transfers, identify potential threats, and ensure that all data transfers are encrypted. Which of the following would be the BEST choice for these requirements?
Which of the following is used by WPA3 to prevent PSK brute force attacks?
You’ve hired a third party to gather information about your company’s servers and data. The third party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach?
Partially known environment
Rodney, a security engineer, is viewing this record from the firewall logs: UTC 04/05/2018 03:09:15809 AV Gateway Alert 18.104.22.168 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: XPACK.A_7854 (Trojan) blocked. Which of the following can be observed from this log information?
The Trojan was blocked, but the file was not
A download was blocked from a web server
A botnet DDoS attack was blocked
The victim's IP address is 22.214.171.124
An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?
Which of these protocols use TLS to provide secure communication? (Select TWO)
Which of the following would be the BEST way to monitor a cloud-based microservice architecture?
Transfer daily transaction files from one server to another. Which secure protocol should be used for this task?
An organization has traditionally purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?
Which of the following companies would be MOST likely to manage PHI?
Credit card services
Attacker intercepts all communication between a client and a web server
A virus alert appears in your browser from Microsoft with a phone number to call for support
Multiple attackers overwhelm a web server
Which of the following would be the BEST method of sending data to a specific port number on a remote device?
Secure Network Protocol: Talk with customers on scheduled conference calls
Which of the following standards provides information on privacy and managing PII?
Which of these would provide a connection between smartphones without the use of an access point?
A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement?
Which security framework is mandatory for US federal agencies and includes a six step process?
SSAE SOC 2 Type I/II
Build a secure tunnel between two remote locations. Which secure protocol should be used for this task?
Secure Network Protocol: Synchronize the time across all of your devices
Secure Network Protocol: Access your switch using a CLI terminal screen
A security incident has occurred on a file server. Which of the following data sources should be gathered to address file storage volatility? (Select TWO)
Temporary file systems
A shipping company stores information in small regional warehouses around the country. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?
Which of the following would be the BEST way to provide connectivity to VPCs?
Function as a Service
Attacker modifies a legitimate DNS server to resolve the IP address of a malicious site
A recent security audit has discovered email addresses and passwords located in a packet capture. Which of the following did the audit identify?
Improper patch management
Secure Network Protocol: Gather metrics from routers at remote sites
An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third party. Which category would BEST describe these devices?
Secure Network Protocol: Accept customer purchases from your primary website
Sam, a security administrator, is configuring an IPsec tunnel to a remote site. Which protocol should she enable to protect all of the data traversing the VPN tunnel?
A security team has been asked to document information in the Diamond Model. Which of the following best describes this model?
Disaster recovery process
An attacker is modifying data sent in real-time between two devices. Which of the following attacks is MOST likely in use?
Denial of service
Which of the following is responsible for enforcing rules during a cybersecurity exercise?
Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?
Which of these threat actors would be motivated by social change and would likely have limited funding options?
Attacker obtains bank account number and birth date by calling the victim
Which of the following would be considered an authentication attribute?
Something you have
Somewhere you are
Something you are
Something you know
The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:
Data protection officer
Look up the IP address of a server based on the FQDN. Which secure protocol should be used for this task?
A security administrator is designing a storage array that would maintain an exact replica of all data without striping. The array needs to operate normally if a single drive were to fail. Which of the following would be the BEST choice for this storage system?
Which of these threat actors would be MOST likely to attack systems for direct financial gain?
A transportation company is installing new wireless access points in their corporate offices. The manufacturer estimates that the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?
A security administrator has performed an audit of the organization’s production web servers, and the results have identified banner information leakage, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?
Run operating system updates
An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?
Disable any breached user accounts
Create a plan for removing malware from the web servers
Check the IPS logs for any other potential attacks
Disconnect the web servers from the network