0 of 19 Questions completed
Questions:
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
0 of 19 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
| Average score |
|
| Your score |
|
Which of the zero-trust concepts are associated with the Control Plane? (Select all that apply)
Which of these are examples of internal compliance reporting? (Select all that apply)
Organize the steps of the cyber kill chain in order of priority:
View Answers:
Which of these zero-trust concepts are associated with the data plane?
Which of these are examples of external compliance reporting? (Select all that apply)
Order these defensive courses of action can be taken against an attack by priority
View Answers:
Which statement is FALSE with respect to access control lists (ACLs)?
Match these cyber kill chain phases to their respective definitions:
|
Intruder selects target, researches it, and attempts to identify vulnerabilities in the target network.
|
|
|
Intruder creates remote access malware weapon, such as a virus or worm, tailored to one or more vulnerabilities.
|
|
|
Intruder transmits weapon to target (e.g., via e-mail attachments, websites or USB drives)
|
|
|
Malware weapon’s program code triggers, which takes action on target network to exploit vulnerability.
|
|
|
Malware weapon installs an access point (e.g., “backdoor”) usable by the intruder.
|
|
|
Malware enables intruder to have “hands on the keyboard” persistent access to the target network.
|
|
|
Intruder takes action to achieve their goals, such as data exfiltration, data destruction, or encryption for ransom.
|
|
Your company has recently started adopting formal security policies to comply with several state regulations. One of the security policies states that certain hardware is vital to the organization. As part of this security policy, you must ensure that you have the required number of components plus one extra to plug into any system in case of failure. Which strategy is this policy demonstrating?
After a recent vulnerability scan, a security engineer needs to harden the routers within the corporate network. Which of the following is the most appropriate to disable?
Match the security policy or plan with its description:
|
Framework for safeguarding an organization’s sensitive information and assets
|
|
|
Deals with the resumption and recovery of business operations once the initial disruption is contained
|
|
|
Similar in scope to another plan but focused on information technology; ensures that your company is able to resume operation in a timely manner.
|
|
|
Can be part of the business continuity plan; defines who owns the resumption process
|
|
|
Created to identify the vital functions and prioritize them based on need, it includes interviews to gather information about business units and their functions
|
|
|
Created to detail how all business functions will be carried out in the event of an outage or disaster. It should address residual risks.
|
|
|
Created to ensure that injury and loss of life are minimized when an outage or disaster occurs
|
|
A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Choose two.)
Drag and drop the roles to their corresponding role description:
|
Sets the data classifications and approves the level of access given to personnel
|
|
|
Performs backups and permissions management and is responsible for configuring the appropriate level of access for users
|
|
|
Ensures that appropriate privacy laws are followed, and that data is protected.
|
|
|
Entity that PROCESSES the data ON BEHALF OF the Data Controller
|
|
Security controls in a data center are being reviewed to ensure data is properly protected and that human life considerations are included. Which of the following best describes how the controls should be set up?
Match data classification with its description:
|
Data that requires careful handling due to its potential to cause harm or damage if disclosed or accessed by unauthorized parties.
|
|
|
Information that is kept secret or restricted to a certain group of individuals to maintain privacy, security, or proprietary advantage.
|
|
|
Data that is freely available to anyone, often intended for widespread dissemination and consumption without restrictions
|
|
|
Information with access limited to specific authorized personnel, typically requiring authentication or clearance to ensure proper handling and protection
|
|
|
Data intended for limited access and not publicly available, often containing personal, proprietary, or sensitive information.
|
|
|
Information essential to the core functions and success of an organization, requiring the highest level of protection and access controls to prevent disruption or compromise.
|
|
A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?
You have asked your assistant to configure a firewall with the following access control list (ACL).
access list outbound deny ip 0.0.0.0 0.0.0.0/0 port 23
access list outbound permit ip 192.168.5.6/32 0.0.0.0/0 port 23
access list outbound permit ip 0.0.0.0 0.0.0.0/0
What will be the effect of these commands?
After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financial Officer wanted credit card information in order to close an invoice. Which of the following topics did the user recognize from the training?
Your organization has recently adopted SD-WAN to enhance its network connectivity. The IT team is tasked with implementing security controls to safeguard the enterprise infrastructure. Given this scenario, which actions would be most effective in securing the SD-WAN deployment? (Choose two.)