Domain 3 Quiz

  1. Decide where things go. On the real test you will drag them and they snap into place.
    Physical security map
  2. Management wants to use a security framework that is designed to bridge the gap between management and technical groups in order to quantitatively analyze and control risk, focusing on identifying the maturity of processes and establishing sound metrics. What do you recommend?
    1. ISO 27001 and 27002
    2. NIST SP 800-37 RMF
    3. COBIT
    4. COVID
  3. Which of these can you put in a boot script to prevent MitM?
    1. nmap -sS -sV -T5 192.168.12.72
    2. arp -s 00:13:3B:12:6f:aa 192.168.12.72
    3. tcpdump -i eth0 host 192.168.12.72 or ether host 00:13:3b:12:6f:aa
    4. netstat -an
    5. ping 192.168.12.72
  4. You are examining records from a busy server that is critical to your organization's financial well-being. You find this:
    LAST WEEK:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842
    
    TODAY:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		9a4fb74ef00824d6e84785ad53d6fed364947778
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842 
    What should you report to management?
    1. Everything seems to be fine.
    2. A user is violating the AUP.
    3. An intruder has gained administrative access and changed the system configuration.
    4. An intruder has gained administrative access and replaced operating system components, and we can no longer trust the operating system itself or any programs installed there.
  5. You are examining records from a busy server that is critical to your organization's financial well-being. You observe the following:
    LAST WEEK:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842
    
    TODAY:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		7c6fa9266a5abfa03d685ea7f7164393c984b710
    /etc/shadow:		9a4fb74ef00824d6e84785ad53d6fed364947778
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842 
    What should you report to management?
    1. Everything seems to be fine.
    2. A user is violating the AUP.
    3. An intruder has gained administrative access and changed the system configuration.
    4. An intruder has gained administrative access and replaced operating system components, and we can no longer trust the operating system itself or any programs installed there.
  6. You are examining records from a busy server that is critical to your organization's financial well-being. You observe this:
    LAST WEEK:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842
    
    TODAY:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	9c5bbcbdc2994a9835b8804b9ffa699935715a34
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842 
    What should you report to management?
    1. Everything seems to be fine.
    2. A user is violating the AUP.
    3. An intruder has gained administrative access and changed the system configuration.
    4. An intruder has gained administrative access and replaced operating system components, and we can no longer trust the operating system itself or any programs installed there.
  7. You are examining records from a busy server that is critical to your organization's financial well-being. You observe this:
    LAST WEEK:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	d6328ceea77c930e853da08b494c71ad2f8f9b47
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842
    
    TODAY:
    /boot/grub/grub.cfg:	6c3209882734351aa672d3f222bb382267c22ad4
    /boot/vmlinuz-4.13.0:	cfc34c90281bbed47540c6288ec975a4602ee3df
    /etc/passwd:		02f727aaabab9c2963092ba3d7f3543980fef790
    /etc/shadow:		71558dd386a50333ffb71c07ad904e9abd6792cf
    /etc/ssh/sshd_config:	5a960d6641b42ff8f9e947e218b371b2ad12a728
    /bin/ls			b79f70b18538de0199e6829e06b547e079df8842 
    What should you report to management?
    1. Everything seems to be fine.
    2. A user is violating the AUP.
    3. An intruder has gained administrative access and changed the system configuration.
    4. An intruder has gained administrative access and replaced operating system components, and we can no longer trust the operating system itself or any programs installed there.
  8. Management has decided that they want wireless security, but they don't have the resources to do key management and maintain certificates. What should they use?
    1. WEP
    2. WAP
    3. WPA
    4. WPA2 Enterprise
    5. WPS
  9. Management has decided to use geo-fencing to restrict mobile device operation to company premises. Which technology should you select?
    1. BYOD
    2. COPE
    3. CYOD
    4. BODE
  10. Lori's manager, Brian, has just returned from a board meeting where it was announced that the company would be deploying Infrastructure as a Service. Brian didn't know what that was, and was embarrassed to ask. Which is the best explanation of what it will involve?
    1. Logical rather than physical network isolation
    2. Air gaps
    3. Virtualization
    4. Subcontracting
  11. Why might you use fuzzing? Select two.
    1. You need to detect logical errors
    2. You don't have the source code
    3. You have the source code
    4. You have the source code, but you signed a non-disclosure agreement
    5. You're uncertain of the purpose of the software
  12. Refineries and waste water treatment plants are controlled by which of the following, which have been successfully attacked on multiple occasions:
    1. RTOS
    2. IoT
    3. SCADA
    4. SoC
    5. Embedded
  13. Dorothy, the software development manager, needs development and testing platforms for her programmers. However, she doesn't want to have to buy server hardware, or cross-train programmers to be system administrators. Which cloud solution could solve her problem?
    1. IaaS
    2. IDaaS
    3. PaaS
    4. SaaS
  14. Maria, a security analyst, was about to boot a suspect system with a Kali Linux DVD. Her manager stopped her, saying that she mustn't modify the computer's operating system or data. She explained that it was safe: it would load an operating system into RAM and treat everything on disk as read-only data, because it's:
    1. Non-modification boot
    2. Live boot
    3. Transparent boot
    4. Ephemeral boot
  15. Suheb, the IT department manager, needs to be able to assess organizational security at any time, and identify issues before they become big problems. Which should he use?
    1. Monthly audits
    2. Continuous monitoring
    3. Continuous improvement
    4. Baseline analysis
  16. Chuck, a network engineer, needs to compartmentalize traffic flow on the Intranet, and authenticate each connected endpoint device. What should he use? Select two.
    1. NAC
    2. DLP
    3. 802.3
    4. VLAN
  17. Alexei, an attacker from Eastern Europe, was able to break into one of your organization's virtual web servers. However, he was unable to pivot to any of several other virtual servers running on the same hardware platform. What happened?
    1. VM Escape
    2. Shadow IT
    3. VM sprawl
    4. Sandboxing
    5. Hypervisor flaws
  18. Akio, a systems engineer, needs to implement a technical defense that verifies the validity of the operating system itself before booting the system. He hopes this will solve the problem of rootkits and other kernel modification. What should he use?
    1. Anti-malware scanning
    2. BIOS checks
    3. UEFI
    4. Trusted supply chain
  19. Philip, a system administrator, has been asked for recommendations for protecting compute servers in the data center. Which should he suggest? Select three.
    1. FM-200
    2. Biometrics
    3. DLP
    4. Remote wipe
    5. Mantrap
    6. GPS tracking
