.png){kind=logo}
D488 - Cybersecurity Architecture & Engineering 10 studiers recently Leave the first rating Students also studied Terms in this set (106) Science Computer Science Computer Security and Reliability Save D488 - Cybersecurity Architecture a...1,074 terms SpaceChimpanzee Preview D488 19 terms lcerv337Preview D488 121 terms top5travelmail Preview Practic 25 terms d4t Which type of security should a business use on its layer
- switch to isolate the finance network from other
departmental networks?A - Virtual Private Network (VPN) B - Internet Protocol Security (IPSec) C - Virtual Local Area Network (VLAN) D - Remotely Triggered Black Hole (RTBH) C - Virtual Local Area Network (VLAN) VLANs allow companies to logically segment network traffic, ensuring devices on different VLANs cannot communicate unless otherwise specified in a layer 3 device like a router.Which type of software testing should be used when there has been a change within the existing environment?A - Regression Testing B - Penetration Testing C - Requirements Testing D - Release Testing A - Regression Testing Regression testing ensures that recent changes within the environment have not introduced new defects or broken existing functionality.Which security technique should be used to detect a weak password that may match common dictionary words?A - Password Spraying B - Password Auditing C - Password Guessing D - Password History B - Password Auditing Password auditing allows for existing passwords to be compared against known weak passwords to help determine the security of a credential.What should an organization implement if it wants users of their site to provide a password, memorable word, and pin?A - Multi-factor authentication (MFA) B - Two-factor authentication (2FA) C - Two-step verification D - Single-factor authentication A - Multi-factor authentication MFA enhances security by requiring multiple forms of authentication, therefore reducing the risk of unauthorized access.
A network technician is asked by their manager to update security to block several known bad actor IP addresses.A - Signature rules B - Firewall rules C - Behavior rules D - Data loss prevention (DLP) rules B - Firewall rules Firewall rules can be set up to deny traffic coming from known malicious IP addresses.On a shopping website, there is a 500-millisecond delay when the authorized payment button is selected for purchases. Attackers have been running a script to alter the final payment that takes 200 milliseconds. Which vulnerability on the website is being targeted by the attackers?A - Buffer Overflow B - Integer Overflow C - Broken Authentication D - Race Condition D - Race Condition A race condition occurs when multiple processes or actions are executed simultaneously, and the outcome depends on the sequence or timing of events.A company wants to provide laptops to its employees so they can work remotely. What should be implemented to ensure only work applications can be installed on company laptops?A - Containerization B - Token-based access C - Patch repository D - Whitelisting D - Whitelisting Whitelisting ensures that only approved applications can be installed and executed on company laptops.What should a business use to provide non-repudiation for emails between employees?
A - TLS/SSL
B - AES-256
C - S/MIME
D - IPSec C - S/MIME (Secure/Multipurpose Internet Mail Extensions) S/MIME provides non-repudiation for emails by using digital signatures.Which strategy is appropriate for a risk management team to determine if a business has insufficient security controls?A - Qualitative assessment B - Gap assessment C - Quantitative risk assessment D - Impact assessment B - Gap assessment A gap assessment identifies the gaps between the current security control and the desired or required levels of security.An organization has leased office space that is suitable for its computer equipment so personnel and systems can be relocated if the main office location is unavailable.It currently has some equipment. Which type of site is the organization using?A - Cold site B - Warm site C - Hot site D - Mobile site B - Warm site A warm site is a disaster recovery site that provides a partially equipped facility that can be used to restore critical operations faster than having no equipment at all.
A risk assessment consultant is discussing segmentation options with a client. What are a few standard options the consultant could offer? Select the best 2 answers.A - VLANs B - Transmission Control C - Physical D - Access control lists A & C; VLANs & Physical A network device can perform segmentation logically, for example, implementing virtual local area networks (VLANs). A system can bypass VLANs if an attacker gains access to a trunk port where all VLANs can talk.Physical segmentation is another type of segmentation more commonly found in industrial control systems (ICS) and supervisory control and data acquisition (SCADA) networks. This is where, traditionally, there is an IT and OT (operational technology) network.Transmission control is not a type of segmentation. Transmission control defines how a system protects communication channels from infiltration, exploitation, and interception.Access control lists (ACLs) are used to define permissions on a network, file, or object. While they can restrict access to resources, they do not segment a network in the same way as VLANs or physical segmentation.A disaster recovery manager wants to perform a qualitative analysis on intangible assets but is unsure how to perform the calculations. Which departments should the manager bring on to help determine metrics? Select
- answers.
A - Marketing B - Sales C - Human Resources D - Communications A, B & D; Marketing, Sales, and Communications Marketing is one of the departments that should help the manager with the metrics. Qualitative risk assessment is well-suited to the analysis of intangible assets, for example, an organization's reputation or brand image.Sales is another department brought on to assist the manager with metrics. These groups are best-suited to provide input based on their unique insights.Communications is another department that can help the manager assess the value of many intangible business assets and the impacts that various risk events can have on them.The Human Resource department does not necessarily need to participate in an intangible metric discussion.A security analyst is performing a security assessment and is recommending ways to manage risk relating to personnel. Which of the following should the analyst recommend? Select 3 answers.A - Mandatory vacation B - Least privilege C - Email protection D - Auditing requirements A, B & D; Mandatory Vacation, Least Privilege, and Auditing Requirements Mandatory vacation is one way of helping to manage personnel risk. An administrator forces employees to take their vacation time, during which someone else fulfills their duties.The principle of least privilege is a practice in which an administrator only gives users account privileges they need to perform their duties. This practice serves in various capacities, such as helping against both insider threats and compromised accounts.Auditing requirements describe the capability for auditing account creation, modification, deletion, and account activity for all accounts. Auditing is a way to help manage personnel risk.Email protection is a technical control, although it does help to safeguard against attacks against personnel.
A security engineer is considering moving his organization's IT services to the cloud but is concerned whether the vendor they are considering will be in business on an ongoing basis. What type of vendor assessment is this?A - Vendor viability B - Source code escrow C - Vendor lock-in D - Vendor lockout A - Vendor Viability Vendor viability considers whether a vendor will remain in business on an ongoing basis, that they have a viable and in-demand product, and the financial means to stay afloat.Source code escrow is a copy of vendor-developed source code provided to a trusted third party in case a vendor ceases business.Vendor lock-in occurs when a customer is completely dependent on a vendor for products or services, as switching is either impossible or would result in substantial complexity and costs.Vendor lockout occurs when a vendor develops its product in such a way that makes it inoperable with other products, and the ability to integrate it with other vendor products is not a feasible option, or it does not exist.A security manager is standing up a risk management program at a company. What should the security manager set up that might be considered the most recognized output?A - Processes B - Key Performance Indicators C - Key Risk Indicators D - Risk Register D - Risk Register The risk register can be the most recognized output of the risk management program. It includes metadata such as threat, impact, likelihood, plan, and risk level.Processes are an important component of risk, but the risk register would be the most recognized output. Processes drive consistency and reliability.Key Performance Indicators (KPIs) are a formal mechanism designed to measure the performance of a program against desired goals.Key Risk Indicators (KRIs) are closely related to KPIs. By analyzing KPIs, trends may appear and be indicative of additional risk items and should be further analyzed and addressed proactively.A security architect for an organization is conducting an internal assessment on current policies, processes, and procedures to ensure protection for the businesses' technology and financial operations. Which of the following would be best suited to support this assessment?
A - STAR
B - SOC
C - ISO
D - CMMC
B - SOC
System and Organization Controls (SOC) uses standards established by the American Institute of Certified Public Accountants (AICPA) to evaluate policies, processes, and procedures to protect technology and financial operations.The Cloud Security Alliance (CSA) Security Trust and Risk (STAR) program demonstrate a cloud service provider's adherence to key principles of transparency, auditing, and best practice security operations.International Organization for Standardization (ISO) audits can evaluate many aspects of an organization. However, in terms of cybersecurity, an audit for compliance with the ISO 27k standard is most relevant.Cybersecurity Maturity Model Certification (CMMC) is a set of cybersecurity standards developed and designed by the United States Department of Defense (DoD) to help fortify the DoD supply chain.
.png)