Exam (elaborations)
March 2023, September, August, and July (2022) (1
- Course
- Institution
March 2023, September, August, and July (2022) (1
[Show more]
Seller
Follow
modockochieng06
Content preview
March 2023, September, August, and July (2022)Which of the following would best describe an OT DoS? - ANS-OT is operational Technology,
power failure, hardware.
A security professional has received documentation containing a common vulnerabilities and
exposures number. Which of the following would best describe this number? - ANS-Vulnerability
feed, (well it's said vulnerability in the question), reactive notification that a vulnerability has
been found. Third-party feed
A company is using a cloud-based service to provide centralized authentication for all of their
users. Which of the following would BEST describe this service? - ANS-IdP (identity provider),
centralized authenticating service using SAML, OAuth, OpenID Connect,
(CA: certificate authority, COPE: corporate-owned personally enabled, ALE: annualized loss
expectancy, SED: self-encrypted drive)
An attacker has captured all traffic from a switch without using a tap or on-path technique.
Which of the following would allow the attacker access to this data? - ANS-MAC flooding: attack
the switch by flood the switch with fake MAC addresses that the switch becomes a hub that
forward all data to every device including the hackers'
DLP - ANS-Data Loss Prevention (network security measure); application techniques and
solutions not just a concept; block private information from traversing the network; alert and stop
data from going out to the network.
Proxy server vs. jump server - ANS--Proxy servers perform web server requests on behalf of a
client (secure network appliances to protect the client in the networks)
vs.
-A server that allow access a secure network zone from an insecure network, (network
appliance), VPN connection to the jump server, a jump server is hardened because it allows
access to a private network so it only allows authorized users to connect to.
Sensor - ANS-a device that create performance statistics from a network link, gather data in the
network, monitor
NGFW - ANS-Next Generation Firewall, block all unwanted application traffic flows, can
recognize an application (differ from older firewall which block ports)
vulnerability scanner - ANS-Identify known vulnerabilities on a server
HSM - ANS-Hardware security module. Store encryption keys in a secure appliance
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller modockochieng06. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
75759 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now