CMIT 382 FINAL EXAM LATEST 2023 REAL EXAM 2
LATEST VERSIONS QUESTIONS AND CORRECT
ANSWERS|AGRADE
what connection type is very similar to bluetooth but used by more specialized
devices, such as sensors and fitness trackers - ANSWER: ANT (Adaptive Network
Technology)
What would you recommend to a team member who is interested in additional
sources of information to assist with refining their own understanding of the current
attack surface of the organization? - ANSWER: Output from the latest configuration
review, vulnerability scanning, and penetration tests
A user complains that after entering a URL into a browser, what appeared to be the
correct page is displayed in the browser. However, after clicking a few links on the
page, it became obvious that the site the user arrived at was not the correct site, but
instead a malicious copy of the site the user intended to visit. Which of the following
attacks did the user most likely fall prey to? - ANSWER: typosquatting
An enterprise cloud administrator needs to create a trust boundary between two
compute instances in the same default security group and on the same IPv4 subnet
within an AWS virtual private cloud (VPC). What would be an effective solution to
the administrator's needs? - ANSWER: Place the instances in separate subnets and
use a network firewall between the subnets.
You've taken up a contract helping to upgrade the existing industrial control network
for an oil refinery. What network type should you expect to work with? - ANSWER:
DCS
Which of the following is a risk to cloud services that is not a risk to on-premises
services? - ANSWER: Your data may be threatened by attacks launched on the data
of others.
Which of the following factors has no effect on chain of custody, with regard to
digital evidence that is presented to the court? - ANSWER: Documentation of the
presiding judge and opposing counsel
On a subnet with limited physical security, you're worried about ARP poisoning and
DHCP spoofing attacks. What switch feature could help prevent both? - ANSWER:
802.1AE/MACsec
Your company is developing a custom web app for the sales team. It should be able
to access a list of Salesforce contacts, but for security reasons, the app shouldn't be
able to access the actual Salesforce account. What standard would allow this? -
ANSWER: OAuth
,Uses an authenticator to block communications between unauthorized users or
workstations and the local network
Requires the use of EAP and an authentication server - ANSWER: 802.1X
Centrally secures access to server resources deployed within or across a non-secure
network - ANSWER: Kerberos
Restricts access to a LAN via a WAN link - ANSWER: Point to Point Protocol (PPP) with
Challenge Handshake Authentication Protocol (CHAP)
a framework for enterprise risk management - ANSWER: 31000
focuses on personal data and privacy - ANSWER: 27701
defines the various security controls in greater detail - ANSWER: 27002
details the steps to implement a compliant ISMS - ANSWER: 27001
what area of compliance requirements is part of all of the following regulations
HIPAA
PCI DSS
SOX
GLBA
FISMA - ANSWER: log retention
describes attacks as the pivoting interactions among adversaries, victims,
capabilities, and infrastructure - ANSWER: The Diamond Model of Intrusion Analysis
a knowledge base of adversary techniques presented as a matrix for enterprise -
ANSWER: mitre att&ck
a linear seven step attack model that defenders use to interrupt the steps and stop
the attack - ANSWER: cyber kill chain
After a security incident, you rush to take a screenshot of a telltale running process
before you leisurely take a backup of suspicious files on the hard drive. What
forensic principle are you exercising? - ANSWER: Order of Volatility
Which of the following are forms of cybersecurity resilience that help to ensure fault
tolerance or recoverability of services in the case of an outage? - ANSWER: A diesel
generator
NIC teaming
Geographically dispersed data centers
Which organization offers freely accessible top-ten lists and cheat sheets in the field
of secure development of web applications? - ANSWER: OWASP
, What is the difference between a bluejacking and a bluesnarfing attack? - ANSWER:
Bluesnarfing involves data compromise.
In the area of threat hunting, what is meant by intelligence fusion? - ANSWER:
Gathering intelligence from multiple sources to feed advanced analytics
Upon browsing the website shop.javatucana.com, which your company uses
regularly in the normal course of business, you are greeted by a privacy error that
states, "Your connection is not private." After confirming that your own computer's
date and time are correct, you positively verify the following details:
The valid-date range of the web server's certificate is current.
The certificate's chain of trust is valid, which includes the fact that your computer
trusts the root CA's certificate
The certificate's Subject Alternative Name field contains javatucana.com.
You accurately entered shop.javatucana.com in the web browser.
Given your inability to explain the privacy error based on your investigation of these
factors, what could be the cause for the error? - ANSWER: The web server's
certificate is on the CRL.
There are no wildcards in the web server's certificate.
What technology uses the TPM to store hashes of signed boot files for comparison
the next time the system boots and for export in a quote for remote attestation? -
ANSWER: measured boot
After having trouble navigating to a webpage on the Internet, resulting in a privacy
error, you inspect the site's certificate and notice the chain of certificates contains
three nodes, one being the leaf certificate of the site you are attempting to reach.
You inspect the root certificate and find that your operating system stores an exact
match for it locally and, therefore, it and your browser trust it explicitly. Which of the
following actions might solve the problem you are facing? - ANSWER: install the
certificate of the intermediate CA
Which solution allows separation of resources down to the application level if
necessary? - ANSWER: containers
What's one of the best ways to reduce the threat associated with dead code? -
ANSWER: implementing version control
An attacker with a fraudulent certificate for your bank is planning to intercept your
transactions in an on-path (MitM) attack. The certificate hasn't been revoked yet,
but what technology could still let you know something is wrong? - ANSWER: key
pinning
What kind of security training is most important for a company executive? -
ANSWER: Overall awareness of the organization's assets and threats to them
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper morrismuriithi009. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €17,20. Je zit daarna nergens aan vast.