Miscellaneous Questions You Should Probably Know

Fill in the blank.

Match the RAID Level with its description.

A company is implementing a new software system. To ensure a smooth transition, they need to involve various individuals and groups who have a stake in the outcome. What is the primary role of these stakeholders in the change management process?

A company is migrating its infrastructure to a cloud service provider. The company wants to ensure that the CSP has adequate security measures in place to protect this data. Which of the following documents would best outline the security responsibilities of both the company and the CSP?

A security analyst discovers a text file on a compromised system containing a list of usernames and passwords. The company was hit by a successful phishing campaign. Which of the following attack types best describes the scenario?

An expense report web app lets attackers inject malicious scripts into a form field. These scripts steal credit card information from other users’ submissions? What type of vulnerability is most likely being exploited by this attack?

Amanda is beginning a penetration test against a client and would like to begin with passive reconnaissance. Which one of the following tools may be used for passive reconnaissance?

Within the context of Autopsy’s capabilities, which of the following features is not part of its built-in offerings?

Having collected evidence from a diverse range of sources, Amanda has noticed possible synchronization issues with the clocks on the systems involved; What should she do next to ensure the accuracy of her findings?

When upgrading a critical file server, what RAID level should the systems administrator select to ensure both parity and the capability to handle 2 simultaneous disk failures?

What fundamental role does STIX play in enhancing the sharing of cyber threat information among organizations and security professionals?

While working in a Linux environment, a cyber threat intelligence analyst capture utilizes a command with the below flags:

-i eth0 -r output.pcap

What is the most notable risk or downsides of employing journaling as part of a backup restoration strategy?

Which backup strategy should the company adopt to achieve the fastest restoration time for its database during a failure while also taking into account the constraints of limited available storage space and the requirements for a down-time of no more than 4 hours?

How many passwords how many previous passwords do cybersecurity experts recommend storing in a password history to adequately prevent users from reusing old passwords?

What importance does the risk threshold hold within a risk register and how does it return the organization’s approach to managing and mitigating risk?

Bob is in the process of designing a remote access VPN intended for employees who frequently travel to customer locations for sales calls. His main goal is to enable these employees to access the VPN without necessitating any reconfiguration of the customer’s network. Which of the following solutions would best fulfill Bob’s requirements?

Which of the following options would be the most effective in identifying and addressing a data-loss event within an enterprise that utilizes third-party web-based services and
file-sharing platforms?