Cybersecurity 601 Exam

  • April 5, 2024
  • 19
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
Cybersecurity 601 Exam
NO.6 An enterprise has hired an outside security firm to conduct penetration testing on its
network and applications. The firm has only been given the documentation available to the
customers of the applications. Which of the following BEST represents the type of testing that will
occur?
A. Bug bounty
B. Black-box
C. Gray-box
D. White-box
D. White-box


NO.18 A systems administrator needs to install a new wireless network for authenticated guest
access. The wireless network should support 802.1X using the most secure encryption and protocol
available. Perform the following steps:
1. Configure the RADIUS server.
2. Configure the WiFi controller.
3. Preconfigure the client for an incoming guest. The guest AD credentials are:
User: guest01
Password: guestpass
Answer: Use the same settings as described in the images below.


NO.22 A security administrator needs to create a RAID configuration that is focused on high read
speeds and fault tolerance. It is unlikely that multiple drives will fail simultaneously. Which of the
following RAID configurations should the administrator use?
A. RAID 0
B. RAID 1
C. RAID 5
D. RAID 10
C. RAID 5


NO.24 During an incident response, a security analyst observes the following log entry on the web
server. Which of the following BEST describes the type of attack the analyst is experiencing?
A. SQL injection
B. Cross-site scripting
C. Pass-the-hash
D. Directory traversal
Directory traversal


NO.30 A security analyst receives a SIEM alert that someone logged in to the appadmin test account,
which is only used for the early detection of attacks. The security analyst then reviews the following
application log: Which of the following can the security analyst conclude?
A. A replay attack is being conducted against the application.
B. An injection attack is being conducted against a user authentication system.
C. A service account password may have been changed, resulting in continuous failed logins within the
application.
D. A credentialed vulnerability scanner attack is testing several CVEs against the application.
A service account password may have been changed, resulting in continuous failed logins within the
application.


NO.35 Which of the following represents a biometric FRR?

A. Authorized users being denied access
B. Users failing to enter the correct PIN
C. The denied and authorized numbers being equal
D. The number of unauthorized users being granted access
A. Authorized users being denied access


Developers are writing code and merging it into shared repositories several times a day, where it is
tested automatically. Which of the following concepts does this BEST represent?
A. Functional testing
B. Stored procedures
C. Elasticity
D. Continuous integration
D. Continuous integration


The SIEM at an organization has detected suspicious traffic coming from a workstation in its internal
network. An analyst in the SOC investigates the workstation and discovers malware that is associated with a
botnet is installed on the device. A review of the logs on the workstation reveals that the privileges of
the local account were escalated to a local administrator. To which of the following groups should the
analyst report this real-world event?
A. The NOC team
B. The vulnerability management team
C. The CIRT
D. The red team
A. The NOC team


NO.48 Several employees return to work the day after attending an industry trade show. That same
day, the security manager notices several malware alerts coming from each of the employees'
workstations. The security manager investigates but finds no signs of an attack on the perimeter
firewall or the NIDS. Which of the following is MOST likely causing the malware alerts?
A. A worm that has propagated itself across the intranet, which was initiated by presentation media
B. A fileless virus that is contained on a vCard that is attempting to execute an attack
C. A Trojan that has passed through and executed malicious code on the hosts
D. A USB flash drive that is trying to run malicious code but is being blocked by the host firewall
A. A worm that has propagated itself across the intranet, which was initiated by presentation media


NO.56 Which of the following would BEST identify and remediate a data-loss event in an enterprise using
third-party, web-based services and file-sharing platforms?
A. SIEM
B. CASB
C. UTM
D. DLP
D. DLP


NO.68 An attacker is trying to gain access by installing malware on a website that is known to be
visited by the target victims. Which of the following is the attacker MOST likely attempting?
A. A spear-phishing attack
B. A watering-hole attack
C. Typo squatting
D. A phishing attack
B. A watering-hole attack

NO.69 A desktop support technician recently installed a new document-scanning software program
on a computer. However, when the end user tried to launch the program, it did not respond. Which of
the following is MOST likely the cause?
A. A new firewall rule is needed to access the application.
B. The system was quarantined for missing software updates.
C. The software was not added to the application whitelist.
D. The system was isolated from the network due to infected software.
C. The software was not added to the application whitelist.


NO.71 A company just developed a new web application for a government agency. The application
must be assessed and authorized prior to being deployed. Which of the following is required to assess
the vulnerabilities resident in the application?
A. Repository transaction logs
B. Common Vulnerabilities and Exposures
C. Static code analysis
D. Non-credentialed scans
C. Static code analysis


NO.80 A company recently experienced an attack during which its main website was directed to the
attacker's web server, allowing the attacker to harvest credentials from unsuspecting customers.
Which of the following should the company implement to prevent this type of attack occurring in the
future?
A. IPSec
B. SSL/TLS
C. DNSSEC
D. S/MIME
A. IPSec


NO.83 The spread of misinformation surrounding the outbreak of a novel virus on election day led to
eligible voters choosing not to take the risk of going to the polls. This is an example of:
A. prepending.
B. an influence campaign
C. a watering-hole attack
D. intimidation
E. information elicitation
D. intimidation


NO.85 Which of the following terms should be included in a contract to help a company monitor the
ongoing security maturity of a new vendor?
A. A right-to-audit clause allowing for annual security audits
B. Requirements for event logs to be kept for a minimum of 30 days
C. Integration of threat intelligence in the company's AV
D. A data-breach clause requiring disclosure of significant data loss
A. A right-to-audit clause allowing for annual security audits


NO.92 The new Chief Executive Officer (CEO) of a large company has announced a partnership with a
vendor that will provide multiple collaboration applications to make remote work easier. The company
has a geographically dispersed staff located in numerous remote offices in different countries. The
company's IT administrators are concerned about network traffic and load if all users simultaneously
download the application. Which of the following would work BEST to allow each geographic region
to download the software without negatively impacting the corporate network?
A. Update the host IDS rules.
B. Enable application whitelisting.
