NO.8 A nuclear plant was the victim of a recent attack, and all the networks were air gapped. A subsequent investigation revealed a worm as the source of the issue. Which of the following BEST explains what happened?

(A). A malicious USB was introduced by an unsuspecting employee.

(B). The ICS firmware was outdated

(C). A local machine has a RAT installed.

(D). The HVAC was connected to the maintenance vendor.

NO.12 A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service provider. The service provider is preventing the CEO from sending email from a work account to a personal account. Which of the following types of service providers is being used?

(D) Managed security service provider

(A). Telecommunications service provider

(C). Master managed service provider

NO.14 A smart retail business has a local store and a newly established and growing online storefront. A recent storm caused a power outage to the business and the local ISP, resulting in several hours of lost sales and delayed order processing. The business owner now needs to ensure two things: * Protection from power outages * Always-available connectivity In case of an outage The owner has decided to implement battery backups for the computer equipment Which of the following would BEST fulfill the owner's second need?

(C). Purchase services from a cloud provider for high availability

(A). Lease a point-to-point circuit to provide dedicated access.

(B). Connect the business router to its own dedicated UPS.

D Replace the business's wired network with a wireless network.

NO.15 A company Is concerned about is security after a red-team exercise. The report shows the team was able to reach the critical servers due to the SMB being exposed to the Internet and running NTLMV1, Which of the following BEST explains the findings?

(A). Default settings on the servers

(B). Unsecured administrator accounts

NO.16 A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols. A security engineer runs a port scan against the server from the Internet and sees the following output: Which of the following steps would be best for the security engineer to take NEXT?

(D). Block SSH access from the Internet.

(A). Allow DNS access from the internet.

(B). Block SMTP access from the Internet

(C). Block HTTPS access from the Internet

NO.19 A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems. Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization's security posture?

(D). Configure the DLP policies to whitelist this application with the specific PII

(A). Configure the DLP policies to allow all PII

(B). Configure the firewall to allow all ports that are used by this application

(C). Configure the antivirus software to allow the application

(E). Configure the application to encrypt the PII

NO.20 An organization's Chief Security Officer (CSO) wants to validate the business's involvement in the incident response plan to ensure its validity and thoroughness. Which of the following will the CSO MOST likely use?

(A). An external security assessment

NO.21 A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?

(A). Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis

(B). Restrict administrative privileges and patch ail systems and applications.

(C). Rebuild all workstations and install new antivirus software

(D). Implement application whitelisting and perform user application hardening

NO.28 An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?

(C) Isolating the compromised accounts and computers, cutting off all network and internet access.

(A). Quarantining the compromised accounts and computers, only providing them with network access

(B). Segmenting the compromised accounts and computers into a honeynet so as to not alert the attackers.

(D). Logging off and deleting the compromised accounts and computers to eliminate attacker access.

NO.30 A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?

(D). Advanced persistent threats

1-30 Quiz

Authored by Hacker Eurotech

Computers

Professional Development

Used 12+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.1 The process of passively gathering information prior to launching a cyberattack is called:

(A). tailgating

(B). reconnaissance

(C). pharming

(D). prepending

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.2 A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and
recovery practices to minimize system downtime and enhance organizational resilience to
ransomware attacks. Which of the following would BEST meet the CSO's objectives?

(A). Use email-filtering software and centralized account management, patch high-risk systems, and

restrict administration privileges on fileshares.

(B). Purchase cyber insurance from a reputable provider to reduce expenses during an incident.

(C). Invest in end-user awareness training to change the long-term culture and behavior of staff and

executives, reducing the organization's susceptibility to phishing attacks.

(D). Implement application whitelisting and centralized event-log management, and perform regular

testing and validation of full backups.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.3 A new plug-and-play storage device was installed on a PC in the corporate environment. Which
of the following safeguards will BEST help to protect the PC from malicious files on the storage
device?

(A). Change the default settings on the PC.

(B). Define the PC firewall rules to limit access.

(C). Encrypt the disk on the storage device.

(D). Plug the storage device in to the UPS

MULTIPLE SELECT QUESTION

2 mins • 1 pt

NO.4 An organization is concerned about hackers potentially entering a facility and plugging in a
remotely accessible Kali Linux box. Which of the following should be the first lines of defense against
such an attack? (Select Two)

(A). MAC filtering

(B). Zero Trust segmentation

(C). Network access control

(D) Access control vestibules

(E) Guards

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.5 The following is an administrative control that would be MOST effective to reduce the
occurrence of malware execution?

(A). Security awareness training

(B). Frequency of NIDS updates

(C). Change control procedures

(D). EDR reporting cycle

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.6 A security analyst is investigation an incident that was first reported as an issue connecting to
network shares and the internet, While reviewing logs and tool output, the analyst sees the
following:
Which of the following attacks has occurred?

(A). IP conflict

(B). Pass-the-hash

(C). MAC flooding

(D). Directory traversal

(E). ARP poisoning

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.7 Which of the following technical controls is BEST suited for the detection and prevention of
buffer overflows on hosts?

(A). DLP

(B). HIDS

(C). EDR

(D). NIPS

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

Struktogramme

Quiz

•

Professional Development

25 questions

PowerApps Parte 1

Quiz

•

Professional Development

33 questions

6 ÔT GHK 1 - TIN HỌC

Quiz

•

Professional Development

25 questions

Bukber Trivia Games

Quiz

•

Professional Development

25 questions

SDdbC#_Final Quiz

Quiz

•

Professional Development

25 questions

Réseaux 4 - Couche Liaison de données

Quiz

•

Professional Development

25 questions

CEPAC - Diagnóstico Informática

Quiz

•

Professional Development

25 questions

4. DITS. Definiciones Capítulo 5. Donde queremos estar

Quiz

•

Professional Development

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Computers

15 questions

LOTE_SPN2 5WEEK3 Day 2 Itinerary

Quiz

•

Professional Development

6 questions

Copy of G5_U6_L5_22-23

Lesson

•

KG - Professional Dev...

10 questions

March Quiz

Quiz

•

Professional Development

5 questions

Copy of G5_U6_L8_22-23

Lesson

•

KG - Professional Dev...

10 questions

suffixes FUL OR LESS

Quiz

•

Professional Development

1-30 Quiz

NO.1 The process of passively gathering information prior to launching a cyberattack is called:

NO.2 A Chief Security Office's (CSO's) key priorities are to improve preparation, response, andrecovery practices to minimize system downtime and enhance organizational resilience toransomware attacks. Which of the following would BEST meet the CSO's objectives?

NO.3 A new plug-and-play storage device was installed on a PC in the corporate environment. Whichof the following safeguards will BEST help to protect the PC from malicious files on the storagedevice?

NO.4 An organization is concerned about hackers potentially entering a facility and plugging in aremotely accessible Kali Linux box. Which of the following should be the first lines of defense againstsuch an attack? (Select Two)

NO.5 The following is an administrative control that would be MOST effective to reduce theoccurrence of malware execution?

NO.6 A security analyst is investigation an incident that was first reported as an issue connecting tonetwork shares and the internet, While reviewing logs and tool output, the analyst sees thefollowing:Which of the following attacks has occurred?

NO.7 Which of the following technical controls is BEST suited for the detection and prevention ofbuffer overflows on hosts?

NO.8 A nuclear plant was the victim of a recent attack, and all the networks were air gapped. Asubsequent investigation revealed a worm as the source of the issue. Which of the following BESTexplains what happened?

NO.9 Which of the following ISO standards is certified for privacy?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

NO.2 A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and
recovery practices to minimize system downtime and enhance organizational resilience to
ransomware attacks. Which of the following would BEST meet the CSO's objectives?

NO.3 A new plug-and-play storage device was installed on a PC in the corporate environment. Which
of the following safeguards will BEST help to protect the PC from malicious files on the storage
device?

NO.4 An organization is concerned about hackers potentially entering a facility and plugging in a
remotely accessible Kali Linux box. Which of the following should be the first lines of defense against
such an attack? (Select Two)

NO.5 The following is an administrative control that would be MOST effective to reduce the
occurrence of malware execution?

NO.6 A security analyst is investigation an incident that was first reported as an issue connecting to
network shares and the internet, While reviewing logs and tool output, the analyst sees the
following:
Which of the following attacks has occurred?

NO.7 Which of the following technical controls is BEST suited for the detection and prevention of
buffer overflows on hosts?

NO.8 A nuclear plant was the victim of a recent attack, and all the networks were air gapped. A
subsequent investigation revealed a worm as the source of the issue. Which of the following BEST
explains what happened?