Loading...
EAP Codes
QuizΒ by Liberty
Customize this quiz to suit your class
Instantly translate to 100+ languages
Tag the questions with any skills you have. Your dashboard will track each student's mastery of each skill.
Give this quiz to my class
βWhat is the code for a tornado warning?
Code Grey
Code White
Code Black
Code Yellow
βWhat is the code for fecal matter in the pool?
Code Black
Code Blue
Code Green
Code Brown
What is the code for a tornado warning?
What is the code for fecal matter in the pool?
What is the code for a life-threatening emergency?
What is the code for a chemical leak?
What is the code for vomit in the pool?
What is the code for a non life-threatening emergency?
What is the code for a fire?
What is the code for "all clear"?
What is the code for a threat of violence?
Instructors will call the code for "all clear" once the situation is taken care of.
Let's pretend you have a student who has a fecal accident in the pool during class. How would you go about alerting the D.A./Manager/Owner of this emergency?Β
EAP EAP-TLSEAP essayeap quizOperations Supervisor / LS Meeting EAP QuizMultiple Choice Questions A6. Youβve hired a third-party to gather information about your companyβs servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach? β A. Backdoor testing β B. Passive footprinting β C. OS fingerprinting β D. Partially known environment A7. Which of these protocols use TLS to provide secure communication? (Select TWO) β A. HTTPS β B. SSH β C. FTPS β D. SNMPv2 β E. DNSSEC β F. SRTP A8. Which of these threat actors would be MOST likely to attack systems for direct financial gain? β A. Organized crime β B. Hacktivist β C. Nation state β D. Competitor A9. A security incident has occurred on a file server. Which of the following data sources should be gathered to address file storage volatility? (Select TWO) β A. Partition data β B. Kernel statistics β C. ROM data β D. Temporary file systems β E. Process table Quick Answer: 33 The Details: 43 Quick Answer: 33 The Details: 44 Quick Answer: 33 The Details: 45 Quick Answer: 33 The Details: 46 6 Practice Exam A - Questions A10. An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices? β A. IoT β B. RTOS β C. MFD β D. SoC A11. Which of the following standards provides information on privacy and managing PII? β A. ISO 31000 β B. ISO 27002 β C. ISO 27701 β D. ISO 27001 A12. Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration? β A. Create an operating system security policy to prevent the use of removable media β B. Monitor removable media usage in host-based firewall logs β C. Only allow applications that do not use removable media β D. Define a removable media block rule in the UTM Quick Answer: 33 The Details: 47 Quick Answer: 33 The Details: 48 Quick Answer: 33 The Details: 49 Practice Exam A - Questions 7 A13. A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement? β A. ISO 27701 β B. PKI β C. IaaS β D. SOAR A14. An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies: β’ Access records from all devices must be saved and archived β’ Any data access outside of normal working hours must be immediately reported β’ Data access must only occur inside of the country β’ Access logs and audit reports must be created from a single database Which of the following should be implemented by the security team to meet these requirements? (Select THREE) β A. Restrict login access by IP address and GPS location β B. Require government-issued identification during the onboarding process β C. Add additional password complexity for accounts that access data β D. Conduct monthly permission auditing β E. Consolidate all logs on a SIEM β F. Archive the encryption keys of all disabled accounts β G. Enable time-of-day restrictions on the authentication server Quick Answer: 33 The Details: 50 Quick Answer: 33 The Details: 51 8 Practice Exam A - Questions A15. Rodney, a security engineer, is viewing this record from the firewall logs: UTC 04/05/2018 03:09:15809 AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: XPACK.A_7854 (Trojan) blocked. Which of the following can be observed from this log information? β A. The victim's IP address is 136.127.92.171 β B. A download was blocked from a web server β C. A botnet DDoS attack was blocked β D. The Trojan was blocked, but the file was not A16. A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message? β A. Brute force β B. DoS β C. On-path β D. Disassociation A17. Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site? β A. Federation β B. 802.1X β C. PEAP β D. EAP-FAST Quick Answer: 33 The Details: 53 Quick Answer: 33 The Details: 54 Quick Answer: 33 The Details: 55 Practice Exam A - Questions 9 A18. A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information? β A. MTBF β B. RTO β C. MTTR β D. MTTF A19. An attacker calls into a companyβs help desk and pretends to be the director of the companyβs manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call? β A. Social engineering β B. Tailgating β C. Watering hole β D. On-path A20. A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The companyβs network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network teamβs requirements? β A. EAP-TLS β B. PEAP β C. EAP-TTLS β D. EAP-MSCHAPv2 Quick Answer: 33 The Details: 56 Quick Answer: 33 The Details: 57 Quick Answer: 33 The Details: 58 10 Practice Exam A - Questions A21. Which of the following would be commonly provided by a CASB? (Select TWO) β A. List of all internal Windows devices that have not installed the latest security patches β B. List of applications in use β C. Centralized log storage facility β D. List of network outages for the previous month β E. Verification of encrypted data transfers β F. VPN connectivity for remote users A22. The embedded OS in a companyβs time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue? β A. DLL injection β B. Resource exhaustion β C. Race condition β D. Weak configuration A23. A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO) β A. Password complexity β B. Password expiration β C. Password history β D. Password lockout β E. Password recovery Quick Answer: 33 The Details: 59 Quick Answer: 33 The Details: 60 Quick Answer: 33 The Details: 61 Practice Exam A - Questions 11 A24. What kind of security control is associated with a login banner? β A. Preventive β B. Deterrent β C. Corrective β D. Detective β E. Compensating β F. Physical A25. A security team has been provided with a noncredentialed vulnerability scan report created by a thirdparty. Which of the following would they expect to see on this report? β A. A summary of all files with invalid group assignments β B. A list of all unpatched operating system files β C. The version of web server software in use β D. A list of local user accounts A26. A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps? β A. Communication plan β B. Continuity of operations β C. Stakeholder management β D. Tabletop exercise A27. A security administrator is concerned about data exfiltration resulting from the use of malicious phone charging stations. Which of the following would be the BEST way to protect against this threat? β A. USB data blocker β B. Personal firewall β C. MFA β D. FDE Quick Answer: 33 The Details: 62 Quick Answer: 33 The Details: 63 Quick Answer: 33 The Details: 64 Quick Answer: 33 The Details: 65 12 Practice Exam A - Questions A28. A company would like to protect the data stored on laptops used in the field. Which of the following would be the BEST choice for this requirement? β A. MAC β B. SED β C. CASB β D. SOAR A29. A file server has a full backup performed each Monday at 1 AM. Incremental backups are performed at 1 AM on Tuesday, Wednesday, Thursday, and Friday. The system administrator needs to perform a full recovery of the file server on Thursday afternoon. How many backup sets would be required to complete the recovery? β A. 2 β B. 3 β C. 4 β D. 1110.31.b.17.C Topic: Reading/Vocabulary Development