Loading...
Solar - Team Meeting
QuizΒ by Solar Field
Customize this quiz to suit your class
Instantly translate to 100+ languages
Tag the questions with any skills you have. Your dashboard will track each student's mastery of each skill.
Give this quiz to my class
Multiple Choice Questions A6. Youβve hired a third-party to gather information about your companyβs servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach? β A. Backdoor testing β B. Passive footprinting β C. OS fingerprinting β D. Partially known environment A7. Which of these protocols use TLS to provide secure communication? (Select TWO) β A. HTTPS β B. SSH β C. FTPS β D. SNMPv2 β E. DNSSEC β F. SRTP A8. Which of these threat actors would be MOST likely to attack systems for direct financial gain? β A. Organized crime β B. Hacktivist β C. Nation state β D. Competitor A9. A security incident has occurred on a file server. Which of the following data sources should be gathered to address file storage volatility? (Select TWO) β A. Partition data β B. Kernel statistics β C. ROM data β D. Temporary file systems β E. Process table Quick Answer: 33 The Details: 43 Quick Answer: 33 The Details: 44 Quick Answer: 33 The Details: 45 Quick Answer: 33 The Details: 46 6 Practice Exam A - Questions A10. An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices? β A. IoT β B. RTOS β C. MFD β D. SoC A11. Which of the following standards provides information on privacy and managing PII? β A. ISO 31000 β B. ISO 27002 β C. ISO 27701 β D. ISO 27001 A12. Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration? β A. Create an operating system security policy to prevent the use of removable media β B. Monitor removable media usage in host-based firewall logs β C. Only allow applications that do not use removable media β D. Define a removable media block rule in the UTM Quick Answer: 33 The Details: 47 Quick Answer: 33 The Details: 48 Quick Answer: 33 The Details: 49 Practice Exam A - Questions 7 A13. A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement? β A. ISO 27701 β B. PKI β C. IaaS β D. SOAR A14. An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies: β’ Access records from all devices must be saved and archived β’ Any data access outside of normal working hours must be immediately reported β’ Data access must only occur inside of the country β’ Access logs and audit reports must be created from a single database Which of the following should be implemented by the security team to meet these requirements? (Select THREE) β A. Restrict login access by IP address and GPS location β B. Require government-issued identification during the onboarding process β C. Add additional password complexity for accounts that access data β D. Conduct monthly permission auditing β E. Consolidate all logs on a SIEM β F. Archive the encryption keys of all disabled accounts β G. Enable time-of-day restrictions on the authentication server Quick Answer: 33 The Details: 50 Quick Answer: 33 The Details: 51 8 Practice Exam A - Questions A15. Rodney, a security engineer, is viewing this record from the firewall logs: UTC 04/05/2018 03:09:15809 AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: XPACK.A_7854 (Trojan) blocked. Which of the following can be observed from this log information? β A. The victim's IP address is 136.127.92.171 β B. A download was blocked from a web server β C. A botnet DDoS attack was blocked β D. The Trojan was blocked, but the file was not A16. A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message? β A. Brute force β B. DoS β C. On-path β D. Disassociation A17. Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site? β A. Federation β B. 802.1X β C. PEAP β D. EAP-FAST Quick Answer: 33 The Details: 53 Quick Answer: 33 The Details: 54 Quick Answer: 33 The Details: 55 Practice Exam A - Questions 9 A18. A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information? β A. MTBF β B. RTO β C. MTTR β D. MTTF A19. An attacker calls into a companyβs help desk and pretends to be the director of the companyβs manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call? β A. Social engineering β B. Tailgating β C. Watering hole β D. On-path A20. A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The companyβs network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network teamβs requirements? β A. EAP-TLS β B. PEAP β C. EAP-TTLS β D. EAP-MSCHAPv2 Quick Answer: 33 The Details: 56 Quick Answer: 33 The Details: 57 Quick Answer: 33 The Details: 58 10 Practice Exam A - Questions A21. Which of the following would be commonly provided by a CASB? (Select TWO) β A. List of all internal Windows devices that have not installed the latest security patches β B. List of applications in use β C. Centralized log storage facility β D. List of network outages for the previous month β E. Verification of encrypted data transfers β F. VPN connectivity for remote users A22. The embedded OS in a companyβs time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue? β A. DLL injection β B. Resource exhaustion β C. Race condition β D. Weak configuration A23. A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues? (Select TWO) β A. Password complexity β B. Password expiration β C. Password history β D. Password lockout β E. Password recovery Quick Answer: 33 The Details: 59 Quick Answer: 33 The Details: 60 Quick Answer: 33 The Details: 61 Practice Exam A - Questions 11 A24. What kind of security control is associated with a login banner? β A. Preventive β B. Deterrent β C. Corrective β D. Detective β E. Compensating β F. Physical A25. A security team has been provided with a noncredentialed vulnerability scan report created by a thirdparty. Which of the following would they expect to see on this report? β A. A summary of all files with invalid group assignments β B. A list of all unpatched operating system files β C. The version of web server software in use β D. A list of local user accounts A26. A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps? β A. Communication plan β B. Continuity of operations β C. Stakeholder management β D. Tabletop exercise A27. A security administrator is concerned about data exfiltration resulting from the use of malicious phone charging stations. Which of the following would be the BEST way to protect against this threat? β A. USB data blocker β B. Personal firewall β C. MFA β D. FDE Quick Answer: 33 The Details: 62 Quick Answer: 33 The Details: 63 Quick Answer: 33 The Details: 64 Quick Answer: 33 The Details: 65 12 Practice Exam A - Questions A28. A company would like to protect the data stored on laptops used in the field. Which of the following would be the BEST choice for this requirement? β A. MAC β B. SED β C. CASB β D. SOAR A29. A file server has a full backup performed each Monday at 1 AM. Incremental backups are performed at 1 AM on Tuesday, Wednesday, Thursday, and Friday. The system administrator needs to perform a full recovery of the file server on Thursday afternoon. How many backup sets would be required to complete the recovery? β A. 2 β B. 3 β C. 4 β D. 1Welcome, Carlos! One late summer day, Carlos sat at the kitchen table. He wanted to begin his poster. He had found paper, glue, and colored markers. He had a box of family photoS. But what should I put on it? he thought. Soon, Carlos would start school in a new town, in a new country. He had just met his new school principal. "You can bring this poster on the first day of school, Carlos," his principal had said. "This will help the kids get to know you." Carlos picked photos of his family. He added one of their old home in Monterrey, Mexico. He wrote about the books, sports, and foods he liked. He carried his poster across the hall of his apartment building. He knocked on the door, and a smiling girl opened it. "Hola, Carlos!" said Maria. "Hola, Maria," said Carlos. "Do you want to see my poster? It's for the first day of school." "Oh, yes!" said Maria. Carlos spread out the poster. "This is a photo of my parents," Carlos explained. "This is our house. These are the mountains in Monterrey." "My padre works for a big solar energy company from Monterrey. They moved us to the United States to open a new factory here." "Monterrey looks beautiful, Carlos," said Maria. "It was sunny and a great place to do things outdoors," Carlos said. "Was it hard to leave your relatives?" Maria asked. "Yes, but we'll go back during the holidays to visit them," said Carlos. Maria looked at another photo. "That's my older brother, Mateo. This is my little sister, Selena," Carlos said. "My abuela will come to live with us soon, too." Maria read that Carlos liked to play baseball. "You could join our baseball team!" said Maria. "That would be fun," said Carlos. He showed Maria his best batting swing. "That's a good hit, for sure!" laughed Maria. Then Maria brought out crayons and markers. Together they colored the rest of the poster. "There's something I want to add," said Carlos. Carlos drew a picture of a smiling girl. She had long, soft hair. "Is that your friend in Monterrey?" asked Maria. "No, it's my first friend in America!" said Carlos. Grace Hopper (1906-1992): An American computer scientist and U.S. Navy rear admiral. She was a pioneer in computer programming and developed the first compiler for a computer programming language, laying the groundwork for cobol. Garrett Augustus Morgan Sr. (1877-1963): An African American inventor who patented the traffic signal and the safety hood, a precursor to the modern gas mask. Hedy Lamarr (1914-2000): An Austrian-American actress and inventor who co-invented an early technique for spread spectrum communications, a key to modern wifi and bluetooth technology. Otis Boykin (1920-1982): An African American inventor who patented over 25 electronic devices, including a control unit for the pacemaker that is widely used today. Stephanie Kwolek (1923-2014): An American chemist who invented the synthetic fiber Kevlar, which is used in bulletproof vests and other protective equipment. Gladys West (b. 1930): An African American mathematician who played a crucial role in the development of the GPS technology we use today. Shirley Ann Jackson (b. 1946): An African American physicist who was the first African American woman to receive a doctorate at MIT and her work laid the foundations for the touch-tone telephone, caller ID, and call waiting. Tu Youyou (b. 1930): A Chinese pharmaceutical chemist who discovered artemisinin, a drug therapy that has significantly reduced the mortality rates for malaria, for which she was awarded the Nobel Prize in Physiology or Medicine in 2015. Chien-Shiung Wu (1912-1997): A Chinese-American physicist who made significant contributions to the Manhattan Project and disproved the hypothetical law of conservation of parity, for which her male colleagues received the Nobel Prize (she did not). MΓ‘ria Telkes (1900-1995): A Hungarian-American biophysicist and architect dubbed the "Sun Queen" for her pioneering work in solar energy, including the development of the first solar-powered house. Percy Lavon Julian (1899-1975): An African American chemist and pioneer in the chemical synthesis of medicinal drugs from plants. Charles Ginsburg (1925-1992): An American engineer who led the team that developed the first commercial videotape recorder. Philo Farnsworth (1906-1971): An American inventor who developed an electronic television system and made major contributions to early television technology. MarΓa Montoya MartΓnez (1887-1980): A Native American (Tewa) potter from San Ildefonso Pueblo, New Mexico, who helped revive the traditional black-on-black pottery style and is considered one of the most influential Pueblo potters of the 20th century. Satya Nadella (b. 1967): An Indian-American business executive who has been the chief executive officer of Microsoft since 2014, overseeing the company's transformation into a cloud computing powerhouse. Junko Tabei (1939-2016): A Japanese mountaineer who in 1975 became the first woman to reach the summit of Mount Everest, and the first woman to ascend the Seven Summits, climbing the highest peaks on each continent. Mildred Dresselhaus (1930-2017): An American physicist and engineer, known as the "Queen of Carbon Science," who made groundbreaking contributions to the study of carbon materials like graphite and carbon nanotubes. Ellen Ochoa (b. 1958): An American engineer and former astronaut. In 1993, she became the first Hispanic woman to go to space when she flew on the Space Shuttle Discovery. FranΓ§oise BarrΓ©-Sinoussi (b. 1947): A French virologist who co-discovered HIV as the cause of AIDS, for which she was awarded the Nobel Prize in Physiology or Medicine in 2008. Esther Lederberg (1922-2006): An American microbiologist who made significant contributions to genetics and microbiology, including the discovery of the bacterial virus lambda, but whose work was often overshadowed by her husband's Nobel Prize-winning accomplishments.SolarSolar system Solar system and planetssolar EnergySolar energy and the atmosphere;