CMIT 320 Final Exam
a binary file format found mainly in Java environments - ANS-DER
A company configures workstations only to run software on an approved list. What is
this an example of? - ANS-allow listing
A company decides to invest in embedded systems to improve security by limiting the
number of components used in various critical and sensitive systems. Which of the
following would make it more difficult to justify embedded systems in certain cases?
- ANS-the wireless networking range
a format for sharing and archiving certificates without the private key - ANS-P7B
a framework for enterprise risk management - ANS-31000
a knowledge base of adversary techniques presented as a matrix for enterprise -
ANS-MITRE ATT&CK
a linear seven step attack model that defenders use to interrupt the steps and stop the
attack - ANS-cyber kill chain
A manufacturer that relies on purchasing various components for the fabrication of their
finished products made the decision to work only with suppliers that use a particular
blockchain solution to track individual items along the supply chain. What is the key
feature of a private blockchain that assures the manufacturer that the status
transformation of any given component along its journey cannot be forged or corrupted,
ensuring all status updates are verified accurately? - ANS-the public ledger
A network technician has been asked to troubleshoot recently observed performance
issues as well as the root cause of new alerts regarding network traffic anomalies.
Which monitoring tool should the technician choose first to troubleshoot both problems?
- ANS-bandwidth monitor
A secure records room installed a new iris scanner, chosen for its low crossover error
rate. What does that mean it has? - ANS-Low FRR (false rejection rate) & low FAR
(false acceptance rate)
A security program alerts you of a failed login attempt to a secure system. On
investigation, you learn the system's regular user accidentally had caps lock turned on.
What kind of alert was it? - ANS-false positive
A user complains that after entering a URL into a browser, what appeared to be the
correct page is displayed in the browser. However, after clicking a few links on the page,
it became obvious that the site the user arrived at was not the correct site, but instead a
malicious copy of the site the user intended to visit. Which of the following attacks did
the user most likely fall prey to? - ANS-typosquatting
A user complains that every time they open their Internet browser, it no longer goes to
their preferred home page, and advertisements pop up in dialog boxes that they have to
close. What is the likely cause? - ANS-spyware
a very popular Base-64 ASCII-encoded file format - ANS-PEM
ACLs that are secure by default are based on which assumption? - ANS-implicit deny
After a security incident, you rush to take a screenshot of a telltale running process
before you leisurely take a backup of suspicious files on the hard drive. What forensic
principle are you exercising? - ANS-Order of Volatility
After finishing a full antimalware scan on all drives in a server, a technician is convinced
an infection of some sort persists. Which of the following malware variants would have
evaded the scan that was performed? - ANS-fileless virus
After having trouble navigating to a webpage on the Internet, resulting in a privacy error,
you inspect the site's certificate and notice the chain of certificates contains three
nodes, one being the leaf certificate of the site you are attempting to reach. You inspect
the root certificate and find that your operating system stores an exact match for it
locally and, therefore, it and your browser trust it explicitly. Which of the following
actions might solve the problem you are facing? - ANS-install the certificate of the
intermediate CA
Also known as after-action meetings and reports, what alternate name for these bears
evidence to the importance of discussing and documenting the outcome of an incident
response-team activation? - ANS-lessons learned
Among the options listed, which mitigation technique is known most for increasing
security at the expense of flexibility? - ANS-whitelisting
An administrator has created two EC2 instances in an AWS VPC. Noticing that the
default behavior of the instances is to allow full communication between them, the
administrator investigates ways to control their interaction with one another. What option
best supports the interests of the administrator? - ANS-Using non-standard security
groups
An administrator sets up a new virtualization server with virtual machines intended to
run instances of a web-based application while following secure configuration guides
from CIS for the operating system, hypervisor, webserver, and application server. What
can the administrator use to confirm that all efforts to secure these components were
successful or to find out what steps are recommended to bridge any gaps that might
exist? - ANS-a benchmark
An attack on your web application began with a long string of numbers sent to a field
that's only supposed to hold a four-digit variable. What kind of attack was it? -
ANS-buffer overflow
An attacker with a fraudulent certificate for your bank is planning to intercept your
transactions in an on-path (MitM) attack. The certificate hasn't been revoked yet, but
what technology could still let you know something is wrong? - ANS-key pinning
An enterprise cloud administrator needs to create a trust boundary between two
compute instances in the same default security group and on the same IPv4 subnet
within an AWS virtual private cloud (VPC). What would be an effective solution to the
administrator's needs? - ANS-Place the instances in separate subnets and use a
network firewall between the subnets.
arduino - ANS-an embedded microcontroller
Bob Smith received an email delivered to his enterprise email account. The email
stressed the importance for Bob to verify the balance in his bank account and offered a
link to do so. Bob hovered his mouse cursor over the link and observed a popup tag
containing a URL ending in a domain that was not related to his bank. All of the logos in
the email were legitimate icons for his bank. What kind of attack is Bob likely the victim
of? - ANS-phishing
Bollards have recently been installed as a corrective control right outside your corporate
office building. Under which category or type of control do bollards fall? - ANS-physical