CNL_CH_1

3回閲覧 • 185問 • 2年前

問題一覧

After returning from a conference, a user's laptop has been operating slower than normal and overheating and the fans have been running constantly During the diagnosis process, an unknown piece of hardware is found connected to the laptop's motherboard. Which of the following attack vectors was exploited to install the hardware?

Removable media

Physical access to the organization's servers in the data center requires entry and exit through multiple access points: a lobby, an access control vestibule, three doors leading to the server floor itself and eventually to a caged area solely for the organization's hardware. Which of the following controls is described in this scenario?

Preventive

Which of the following control Types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?

Detective

Which of the following control types is focused primarily on reducing risk before an incident occurs?

Preventive

Which of the following control types is patch management classified under?

Corrective

A security analyst is tasked with classifying data to be stored on company servers. Which of the following should be classified as proprietary?

. Marketing strategies

An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps. Which of the following control types has the organization implemented?

Detective

A company is focused on reducing risks from removable media threats. Due to certain primary applications, removable media cannot be entirely prohibited at this time. Which of the following best describes the company's approach?

Mitigating controls

Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities?

SLA

Which of the following is an example of transference of risk?

Purchasing insurance

An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five- year cost of the insurance policy. The organization is enabling risk;

transference

A security team is conducting a security review of a hosted data provider. The management team has asked the hosted data provider to share proof that customer data is being appropriately protected. Which of the following would provide the best proof that customer data is being protected?

SOC2

Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

Dark web

Which of the following risk management strategies would an organization use to maintain a legacy system with known risks for operational purposes?

Acceptance

The Chief Compliance Officer from a bank has approved a background check policy for all new hires Which of the following is the policy MOST likely protecting against?

Hiring an employee who has been convicted of theft to adhere to industry compliance

An IT manager is estimating the mobile device budget for the upcoming year Over the last five years, the number of devices that were replaced due to loss damage or theft steadily increased by 10%. Which of the following would BEST describe the estimated number of devices to be replaced next year?

ARO

A security analyst is designing the appropriate controls to limit unauthorized access to a physical site. The analyst has a directive to utilize the lowest possible budget Which of the following would BEST meet the requirements?

Deterrent controls

A routine audit of medical billing claims revealed that several claims were submitted without the subscriber's knowledge. A review of the audit logs for the medical billing company's system indicated a company employee downloaded customer records and adjusted the direct deposit information to a personal bank account. Which of the following does this action describe?

Insider threat

Which of the following terms describes a broad range of information that is sensitive to a specific organization?

Proprietary

Which of the following would most likely include language prohibiting end users from accessing personal email from a company device?

AUP

Which of the following organizations sets frameworks and controls for optimal security configuration on systems?

NIST

Two organizations plan to collaborate on the evaluation of new SIEM solutions for their respective companies. A combined effort from both organizations' SOC teams would speed up the effort. Which of the following can be written to document this agreement?

MOU

A technician enables full disk encryption on a laptop that will be taken on a business trip. Which of the following does this process BEST protect?

Data at rest

The board of doctors at a company contracted with an insurance firm to limit the organization’s liability. Which of the following risk management practices does this BEST describe?

Transference

Which of the following is a benefit of including a risk management framework into an organization's security approach?

It incorporates control, development, policy, and management activities into IT operations.

A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?

GDPR

Two hospitals merged into a single organization. The privacy officer requested a review of all records to ensure encryption was used during record storage, in compliance with regulations. During the review, the officer discovered that medical diagnosis codes and patient names were left unsecured. Which of the following types of data does this combination BEST represent?

Personal health information

An organization recently completed a security control assessment The organization determined some controls did not meet the existing security measures. Additional mitigations are needed to lessen the risk of the non- compliant controls. Which of the following best describes these mitigations?

Compensating

Which of the following is an example of risk avoidance?

Not installing new software to prevent compatibility errors

A company policy requires third-party suppliers to self-report data breaches within a specific time frame. Which of the following third-party risk management policies is the company complying with?

SLA

Which of the following documents provides guidance regarding the recommended deployment of network security systems from the manufacturer?

Reference architecture

A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?

State actors

Which of the following should a Chief Information Security Officer consider using to take advantage of industry standard guidelines?

NIST CSF

Which of the following measures the average time that equipment will operate before it breaks?

MTBF

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

Lack of vendor support

Which of the following control types is patch management classified under?

Corrective

Which of the following best describes a tool used by an organization to identify, log, and track any potential risks and corresponding risk information?

Risk register

Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?

AUP

A company discovered that terabytes of data have been exfiltrated over the past year after an employee clicked on an email link. The threat continued to evolve and remain undetected until a security analyst noticed an abnormal amount of external connections when the employee was not working. Which of the following is the MOST likely threat actor?

APT

The president of a regional bank likes to frequently provide SOC tours to potential investors. Which of the following policies BEST reduces the risk of malicious activity occurring after a tour?

Clean desk

Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?

AUP

Which of the following is a policy that provides a greater depth of knowledge across an organization?

Job Rotation policy

Users are presented with a banner upon each login to a workstation. The banner mentions that users are not entitled to any reasonable expectation of privacy and access is for authorized personnel only. In order to proceed past that banner. users must click the OK button. Which of the following is this an example of?

AUP

A company's security team received notice of a critical vulnerability affecting a high-profile device within the web infrastructure. The vendor patch was just made available online but has not yet been regression tested in development environments. In the interim, firewall rules were implemented to reduce the access to the interface affected by the vulnerability. Which of the following controls does this scenario describe?

Compensating

Which of the following explains why RTO is included in a BIA?

It identifies the amount of allowable downtime for an application or system,

After a recent external audit, the compliance team provided a list of several non- compliant, in-scope hosts that were not encrypting cardholder data at rest, Which of the following compliance frameworks would address the compliance team's GREATEST concern?

PCI DSS

A security analyst has been tasked with finding the maximum amount of data loss that can occur before ongoing business operations would be impacted. Which of the following terms BEST defines this metric?

RPO

An attacker has determined the best way to impact operations is to infiltrate third- party software vendors. Which of the following vectors is being exploited?

Supply chain

Which of the following controls is used to make an organization initially aware of a data compromise?

Detective

A vulnerability has been discovered and a known patch to address the vulnerability does not exist. Which of the following controls works BEST until a proper fix is released?

Compensating

Which of the following control types fixes a previously identified issue and mitigates a risk?

Corrective

A company recently set up an e-commerce portal to sell its product online. The company wants to start accepting credit cards for payment, which requires compliance with a security standard. Which of the following standards must the company comply with before accepting credit cards on its e-commerce platform?

PCI DSS

A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?

Compensating

A company posts a sign indicating its server room is . Which of the following control types is represented?

Deterrent

Which of the following threat actors is MOST likely to be motivated by ideology?

Hacktivist

A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards With which of the following is the company's data protection officer MOST likely concerned''

ISO 27001

Which of the following secure coding techniques makes compromised code more difficult for hackers to use?

Obfuscation

Which of the following would a security analyst use to determine if other companies in the same sector have seen similar malicious activity against their systems?

Threat feeds

A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?

Offboarding

Which of the following describes business units that purchase and implement scripting software without approval from an organization's technology Support staff?

Shadow IT

A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?

A capture-the-flag competition

When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?

Transference

A preventive control differs from a compensating control in that a preventive control is:

designed to specifically mitigate a risk.

A security team discovered a large number of company-issued devices with non-work-related software installed. Which of the following policies would most likely contain language that would prohibit this activity?

AUP

An audit Identified Pll being utilized In the development environment of a critical application. The Chief Privacy Officer (CPO) Is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to BEST satisfy both the CPO's and the development team's requirements?

Data masking

A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?

Detective

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?

Detective

A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers, the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?

Compensating

The following is an administrative control that would be MOST effective to reduce the occurrence of malware execution?

Security awareness training

Which of the following can be used to calculate the total loss expected per year due to a threat targeting an Asset?

SLE x ARO

A company has a "right to forgotten" request to legally comply, the company must remove data related to the requester from its systems. Which Of the following Companies most likely complying with?

GDPR

A financial institution recently joined a bug bounty program to identify security issues in the institution's new public platform. Which of the following best describes who the institution is working with to identify security Issues?

Authorized hacker

Which of the following control types is focused primarily on reducing risk before an incident occurs?

Preventive

Which of the following control types would be BEST to use to identify violations and incidents?

A.Detective

A security personnel is tasked with restricting access to a military site. He has a directive to use the possible lowest budget. Which one of the following would be best?

Deterrent

Security analyst (or technician) has to implement a control in a cost effective way (with low budget) in order to limit unauthorized access physically?

Deterrent

Which of the following provides a catalog of security and privacy controls related to the United States federal information systems?

NIST 800-53

A company's Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial option article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security manager to use in a threat mode?

Hacktivists

The IT department at a university is concerned about professors placing servers on the university network in an attempt to bypass security controls. Which of the following BEST represents this type of threat?

Shadow IT

A public relations team will be taking a group of guests on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against.

Loss of proprietary information (clean desk policy)

Which of the following refers to applications and systems that are used within an organization without consent or approval?

Shadow IT

A Chief Executive Officer's (CEO) personal information was stolen in a social engineering attack. Which of the following sources would reveal if the CEO's personal information is for sale?

The dark web

An organization just experienced a major cyber attack incident. The attack was well coordinated, sophisticated and highly skilled. Which of the following targeted the organization?

An advanced persistent threat

A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the following networks should the analyst monitor?

TOR

The database administration team is requesting guidance for a secure solution that will ensure confidentiality of cardholder data at rest only in certain fields in the database schema. The requirement is to substitute a sensitive data field with a non-sensitive field that is rendered useless if a data breach occurs. Which of the following is the BEST solution to meet the requirement?

Tokenization

A security monitoring company offers a service that alerts ifs customers if their credit cards have been stolen. Which of the following is the MOST likely source of this information?

The dark web

Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?

Dark web

A security practitioner is performing due diligence on a vendor that is being considered for cloud services.Which of the following should the practitioner consult for the best insight into the current security posture of the vendor?

SOC 2 report

A security analyst needs to find real-time data on the latest malware and locs which of the following best describe the solution the analyst should pursue?Threat feeds

Threat feeds

PCI DSS

Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy?

Risk appetite

A multinational organization that offers web-based services has datacenters that are located only in the United States; however, a large number of its customers are in Australia, Europe, and China. Payments for services are managed by a third party in the United Kingdom that specializes in payment gateways. The management team is concerned the organization is not compliant with privacy laws that cover some of its customers. Which of the following frameworks should the management team follow?

General Data Protection Regulation

After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?

Risk transference

Which of the following serves to warn users against downloading and installing pirated software on company devices?

AUP (Acceptable Use Policy)

In which of the following risk management strategies would cybersecurity insurance be used?

Transference

Which of the following are requirements that must be configured for PCI DSS compliance? (Select TWO) A. Testing security systems and processes regularly B. Installing and maintaining a web proxy to protect cardholder data C. Assigning a unique ID to each person with computer access D. Encrypting transmission of cardholder data across private networks E. Benchmarking security awareness training for contractors F. Using vendor-supplied default passwords for system passwords

Testing security systems and processes regularly, Assigning a unique ID to each person with computer access

Transference

Which of the following is the MOST likely motivation for a script kiddie threat actor?

Notoriety - (Söhret)

Which of the following scenarios BEST describes a risk reduction technique?

A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation

100

Which of the following is the purpose of a risk register?

To identify the risk, the risk owner, and the risk measures

CNL_CH_2

Son Cagrı · 109問 · 2年前

CNL_CH_2