Which of the following vulnerabilities would you consider the greatest threat to information confidentiality?

Web application SQL injection vulnerability

HTTP TRACE/TRACK methods enabled

SSL Server with SSLv3 enabled vulnerability

phpinfo information disclosure vulnerability

Barrett noticed a critical vulnerability in a database at his organization. He received permission to implement an emergency change after the close of the business day. There are currently eight hours before the change window. What else needs to be done to prepare for the change?

Ensure all stakeholders are informed of planned outage

Document the change in the change management system

Identify any potential risks associated with the change

You have been tasked to conduct a review of the firewall logs. During your review, you notice that an IP address from within your company’s server subnet had been transmitting between 125 to 375 megabytes of data to a foreign IP address during nighttime hours. Looking over the logs, you have determined this has been occurring for approximately 5 days and the affected server has since been taken offline for forensic review. What is MOST likely to increase the impact assessment of the incident?

PII of company employees and customers was exfiltrated

Raw financial information about the company was accessed

Forensic review of the server required fallback on a less efficient service

IP addresses and other network-related configurations were exfiltrated

Laura needs a forensic copy of a drive encrypted with BitLocker. Which of the following methods is not one that should be used?

Retrieving the key from the MBR

Performing a FireWire attack on mounted drives

After analyzing and correlating activity from the firewall logs, server logs, and the intrusion detection system logs, a cyber security analyst has determined that a sophisticated breach of the company’s network security may have occurred from a group of specialized attackers in a foreign country over the past five months. Up until now, these cyber attacks against the company network had gone unnoticed by the company’s information security team. What would this be an example of?

advanced persistent threat (APT)

Mark wants to validate the application file that he downloaded from the vendor of the application. What information should be requested from the vendor?

File size and file creation date

Private key and cryptographic hash

Public key and cryptographic hash

CySa+ PT 4: 2/3

9th Grade - Professional Development

•

20 Qs

Similar activities

BERLATIH SOAL PPPK Part 2

Professional Development

•

15 Qs

Cyber Security KS4

8th - 12th Grade

•

15 Qs

12AIT - All About W3C <3

10th Grade - University

•

18 Qs

E-Commerce

University - Professional Development

•

16 Qs

DCN5511: Chapter 5 - 7

University

•

15 Qs

5S Concepts Quiz

Professional Development

•

15 Qs

TO PAS AIJ

11th Grade

•

20 Qs

Normas de cableado estructurado

Professional Development

•

20 Qs

CySa+ PT 4: 2/3

Quiz

•

Computers, Professional Development, Instructional Technology

•

9th Grade - Professional Development

•

Practice Problem

•

Medium

MRCOACHRAY RAY

Used 3+ times

FREE Resource

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The presence of _________________ triggers specific vulnerability scanning requirements based upon law or regulation.

Credit card information

Protected health information

Personally identifiable information

Trade secret information

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Jesus is creating a remediation procedure for vulnerabilities discovered in his organization. He would like to make sure that any vendor patches are tested prior to deploying them in production. What type of environment should be included to best address this issue?

Sandbox

Honeypot

Honeynet

Production

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

James is working on developing a vulnerability scanner program for a large network of sensors that his organization uses to monitor a transcontinental gas pipeline. What term is typically used to describe this type of network?

WLAN

VPN

P2P

SCADA

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Timothy’s company is starting a BYOD (bring your own device) policy for all mobile devices. Which of the following allows you to secure the sensitive information on personally owned devices, including administrators, and the ability to remotely wipe corporate information without affecting personal data?

Remote wipe

Strong passwords

Biometric authentication

Containerization

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Patrick is the manager of his organization's vulnerability scanning program. He’s experiencing some issues with scans aborting because the previous day scans are still running when the scanner attempts to start the current scans. Which of the following solutions is least likely to resolve the issue?

Add a new scanner

Reduce the scope of scans

Reduce the sensitivity of scans

Reduce the frequency of scans

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Cherish is attempting to determine what systems should be subject to vulnerability scanning and what systems are exempt. She’d like to have a base for this decision relating to the criticality of system to business operations. Where would she find this information?

The CEO

System names

IP addresses

Asset inventory

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

TRUE or FALSE: Organizations may decide not to remediate vulnerabilities because of conflicting business requirements.

TRUE

FALSE

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

20 questions

R-COMM Quiz

Quiz

•

Professional Development

16 questions

Unit 8 Practice Test For CSP

Quiz

•

9th Grade

16 questions

E-Commerce

Quiz

•

University - Professi...

20 questions

COMMUNICATION INTERNE

Quiz

•

Professional Development

15 questions

Cyber Security KS4

Quiz

•

8th - 12th Grade

15 questions

LA1.C1: Introduction to Small Basic

Quiz

•

9th Grade

20 questions

Vocabulary: Housekeeping

Quiz

•

University - Professi...

18 questions

12AIT - All About W3C <3

Quiz

•

10th Grade - University

Popular Resources on Wayground

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

4:3 Model Multiplication of Decimals by Whole Numbers

Quiz

•

5th Grade

10 questions

The Best Christmas Pageant Ever Chapters 1 & 2

Quiz

•

4th Grade

12 questions

Unit 4 Review Day

Quiz

•

3rd Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

15 questions

Solving Equations with Variables on Both Sides Review

Quiz

•

8th Grade

Discover more resources for Computers

40 questions

Introduction to Microsoft Word

Quiz

•

8th - 12th Grade

85 questions

Word Processing Review

Quiz

•

8th - 9th Grade

11 questions

Internet Terms Vocabulary- Notebook Check #1- CTEA

Quiz

•

12th Grade

39 questions

UNIT 7 and UNIT 8 — Multiple Choice Question Bank (Extracted)

Quiz

•

9th Grade

31 questions

Python Conditionals Review

Quiz

•

9th - 12th Grade

CySa+ PT 4: 2/3

20 questions

The presence of _________________ triggers specific vulnerability scanning requirements based upon law or regulation.

Jesus is creating a remediation procedure for vulnerabilities discovered in his organization. He would like to make sure that any vendor patches are tested prior to deploying them in production. What type of environment should be included to best address this issue?

James is working on developing a vulnerability scanner program for a large network of sensors that his organization uses to monitor a transcontinental gas pipeline. What term is typically used to describe this type of network?

Cherish is attempting to determine what systems should be subject to vulnerability scanning and what systems are exempt. She’d like to have a base for this decision relating to the criticality of system to business operations. Where would she find this information?

TRUE or FALSE: Organizations may decide not to remediate vulnerabilities because of conflicting business requirements.

Which of the following vulnerabilities would you consider the greatest threat to information confidentiality?

Barrett noticed a critical vulnerability in a database at his organization. He received permission to implement an emergency change after the close of the business day. There are currently eight hours before the change window. What else needs to be done to prepare for the change?

What SCAP component provides a language for specifying checklists?

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers