SANS SEC530 Complete Questions And Answers With Verified Updates
Seller: Labtech
Which of the following is a recommended USB keyboard mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts.
ANS: C) Block the USB devices physically.

Which of the following Cisco IOS commands is used to shut the port down automatically when the maximum number of MAC addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown
ANS: A) switchport port-security violation shutdown

What is a common failing associated with focusing only on compliance-driven security?
A) Compliance-driven security tends to focus only on hardening internal systems.
B) Compliance-driven security tends to focus only on hardening the perimeter.
C) Compliance-driven security tends to be costly in terms of solutions and resources.
D) Compliance-driven security tends to fail in the face of a persistent adversary.
ANS: D) Compliance-driven security tends to fail in the face of a persistent adversary.

Which of the following is described by Lockheed Martin as a countermeasure action to the Kill Chain?
A) Disrupt
B) Prevent
C) React
D) Remove
ANS: A) Disrupt

What is an easy-to-implement and effective control an organization can leverage to make pivoting more difficult for an attacker?
A) WPA2
B) P2P patching
C) Private VLAN
D) VPN
ANS: C) Private VLAN

Which type of private VLAN ports may only communicate with promiscuous ports?
A) Isolated
B) Promiscuous
C) Network
D) Community
ANS: A) Isolated

Which of the following wireless standards supports up to 1300 Mbps?
A) 802.11b
B) 802.11ac
C) 802.11n
D) 802.11w
ANS: B) 802.11ac

In which phase of the security architecture design lifecycle is threat modeling and attack surface analysis conducted?
A) Scan
B) Discover and Assess
C) Plan
D) Design
ANS: C) Plan

Which of the following is the best practice to mitigate against the Cisco Discovery Protocol (CDP) information leakage attack?
A) Disable the CDP unless expressly required.
B) No mitigations are needed since CDP is secure by default.
C) Schedule the CDP patch regularly.
D) Enable the SECDP feature in the CDP to secure the CDP.
ANS: A) Disable the CDP unless expressly required.

Which of the following prevents physical access to the network when plugging in an unauthorized device?
A) MAC address filtering
B) Packet filtering firewall
C) Background checks
D) Two-factor authentication
ANS: A) MAC address filtering

What would be one of the first steps for a security architect when building or redesigning a security architecture to secure an organization?
A) Remove unnecessary egress traffic
B) Perform a perimeter pen test
C) Deploy patches to external systems
D) Identify critical assets
ANS: D) Identify critical assets

Which of the following is a method of detecting a BYOAP problem on a network?
A) Multiple VPN connections from the internal network.
B) Multiple URL requests from the same source IP.
C) Multiple SSIDs in the area.
D) Multiple user agent strings from the same IP address.
ANS: D) Multiple user agent strings from the same IP address.

What could be implemented to mitigate the risk of one client pivoting to another on the same network?
A) Host-based antipivot
B) Next-gen antivirus
C) NAC controls
D) Private VLANs
ANS: D) Private VLANs

What is the term used for when the red team is working together with the blue team through simulation of specific threat scenarios?
A) Purple teaming
B) Black-hat teaming
C) Defensive teaming
D) Multi-front teaming
ANS: A) Purple teaming

When discussing Prevention (P), Detection (D), and Response (R) in a time-based security model,
which of the following must be true to achieve a possible effective security?
A) P<D+R
B) P=D+R