secPlus+

Match the description with the most accurate attack type.
- Attacker obtains bank account number and birth date by calling the victim
Match the description with the most accurate attack type.
- Attacker modifies a legitimate DNS server to resolve the IP address of a malicious site
Match the description with the most accurate attack type.
- Attacker intercepts all communication between a client and a web server
Match the description with the most accurate attack type.
- Multiple attackers overwhelm a web server
Match the description with the most accurate attack type.
- A virus alert appears in your browser from Microsoft with a phone number to call for support
Select the BEST security control.
  • Library Web Server and Database Server Computer Room
  • High security
(May be more than one.)
Select the BEST security control.
  • Library Employee Laptops
  • Offsite use
  • Contains PII
(May be more than one.)
Select the BEST security control.
  • Library Lending Systems
  • Manages the check-in and check-out process
(May be more than one.)
Select the BEST security control.
  • Digital Newspaper Reading Lab
  • Open Area
  • No supervision
  • Laptop computers
(May be more than one.)
BEST secure network protocol for the description: Accept customer purchases from your primary website
BEST secure network protocol for the description: Synchronize the time across all of your devices
BEST secure network protocol for the description: Access your switch using a CLI terminal screen
BEST secure network protocol for the description: Talk with customers on scheduled conference calls
BEST secure network protocol for the description: Gather metrics from routers at remote sites
Match the appropriate authentication reference: During the login process, your phone receives a text message with a one-time passcode
Match the appropriate authentication reference: You enter your PIN to make a deposit into an ATM
Match the appropriate authentication reference: You must sign a check-in sheet before entering a controlled area
Match the appropriate authentication reference: You can use your fingerprint to unlock the door to the data center
Match the appropriate authentication reference: Your login will not work unless you are connected to the VPN
You’ve hired a third-party to gather information about your company’s servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach?
Which of these protocols use TLS to provide secure communication?
(Select TWO)
Which of these threat actors would be MOST likely to attack systems for direct financial gain?
An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices?
Which of the following standards provides information on privacy and managing PII?
Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?
A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement?
An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies:
  • Access records from all devices must be saved and archived
  • Any data access outside of normal working hours must be immediately reported
  • Data access must only occur inside of the country
  • Access logs and audit reports must be created from a single database
Which of the following should be implemented by the security team to meet these requirements? (Select THREE)
Rodney, a security engineer, is viewing this record from the firewall logs:
UTC 04/05/2018 03:09:15809 AV Gateway Alert
136.127.92.171 80 -> 10.16.10.14 60818
Gateway Anti-Virus Alert:
XPACK.A_7854 (Trojan) blocked.
Which of the following can be observed from this log information?
A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message?
Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site?
A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information?
An attacker calls into a company’s help desk and pretends to be the director of the company’s manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call?
A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The companys network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team’s requirements?
Which of the following would be commonly provided by a CASB?
(Select TWO)
The embedded OS in a company’s time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue?
A recent audit has found that existing password policies do not include any restrictions on password attempts, and users are not required to periodically change their passwords. Which of the following would correct these policy issues?
(Select TWO)
What kind of security control is associated with a login banner?
A security team has been provided with a non-credentialed vulnerability scan report created by a third-party. Which of the following would they expect to see on this report?
A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps?
A security administrator is concerned about data exfiltration resulting from the use of malicious phone charging stations. Which of the following would be the BEST way to protect against this threat?
A company would like to protect the data stored on laptops used in the field. Which of the following would be the BEST choice for this requirement?
A file server has a full backup performed each Monday at 1 AM. Incremental backups are performed at 1 AM on Tuesday, Wednesday, Thursday, and Friday. The system administrator needs to perform a full recovery of the file server on Thursday afternoon. How many backup sets would be required to complete the recovery?
A company is creating a security policy that will protect all corporate mobile devices:
  • All mobile devices must be automatically locked after a predefined time period.
  • Some mobile devices will be used by the remote sales teams, so the location of each device needs to be traceable.
  • All of the user's information should be completely separated from company data.
Which of the following would be the BEST way to establish these security policy rules?
A security engineer runs a monthly vulnerability scan. The scan doesn’t list any vulnerabilities for Windows servers, but a significant vulnerability was announced last week and none of the servers are patched yet. Which of the following best describes this result?
A security administrator is adding additional authentication controls to the existing infrastructure. Which of the following should be added by the security administrator?
(Select TWO)
A network administrator would like each user to authenticate with their personal username and password when connecting to the company's wireless network. Which of the following should the network administrator configure on the wireless access points?
A security administrator needs to identify all references to a Javascript file in the HTML of a web page. Which of the following tools should be used to view the source of the web page and search through the file for a specific filename?
(Select TWO)
A user has assigned individual rights and permissions to a file on their network drive. The user adds three additional individuals to have readonly access to the file. Which of the following would describe this access control model?
A remote user has received a text message requesting login details to the corporate VPN server. Which of the following would BEST describe this message?
A department store policy requires that a floor manager approves each transaction when a gift certificate is used for payment. The security team has found that some of these transactions have been processed without the approval of a manager. Which of the following would provide a separation of duties to enforce this store policy?
Which of the following is true of a rainbow table? (Select TWO)
A server administrator at a bank has noticed a decrease in the number of visitors to the bank's website. Additional research shows that users are being directed to a different IP address than the bank's web server. Which of the following would MOST likely describe this attack?
Which of these cloud deployment models would share resources between a private virtualized data center and externally available cloud services?
A company hires a large number of seasonal employees, and their system access should normally be disabled when the employee leaves the company. The security administrator would like to verify that their systems cannot be accessed by any of the former employees. Which of the following would be the BEST way to provide this verification?
A network administrator has installed a new access point, but only a portion of the wireless devices are able to connect to the network. Other devices can see the access point, but they are not able to connect even when using the correct wireless settings. Which of the following security features was MOST likely enabled?
A security administrator has gathered this information:
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp6 416 0 2601:4c3:4080:82.63976 yv-in-x5e.1e100..https CLOSE_WAIT
tcp6 0 0 2601:4c3:4080:82.63908 atl14s80-in-x0a..https ESTABLISHED
tcp6 0 0 fe80::4de1:1d4:8.36253 fe80::38b0:a2b1:.1025 ESTABLISHED
tcp6 0 0 fe80::4de1:1d4:8.1024 fe80::38b0:a2b1:.1024 ESTABLISHED
Which of the following is being used to create this information?
An attacker has discovered a way to disable a server by sending specially crafted packets from many remote devices to the operating system. When the packet is received, the system crashes and must be rebooted to restore normal operations. Which of the following would BEST describe this attack?
A data breach has occurred in a large insurance company. A security administrator is building new servers and security systems to get all of the financial systems back online. Which part of the incident response process would BEST describe these actions?
A manufacturing company has moved an inventory application from their internal systems to a PaaS service. Which of the following would be the BEST way to manage security policies on this new service?
An organization has identified a significant vulnerability in a firewall that was recently installed for Internet connectivity. The firewall company has stated there are no plans to create a patch for this vulnerability. Which of the following would BEST describe this issue?
A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise?
A security administrator needs to identify all computers on the company network infected with a specific malware variant. Which of the following would be the BEST way to identify these systems?
A system administrator has been called to a system that is suspected to have a malware infection. The administrator has removed the device from the network and has disconnected all USB flash drives. Which of these incident response steps is the administrator following?
How can a company ensure that all data on a mobile device is unrecoverable if the device is lost or stolen?
A security administrator is collecting information associated with a ransomware infection on the company's web servers. Which of the following log files would provide information regarding the memory contents of these servers?
Which part of the PC startup process verifies the digital signature of the OS kernel?
Which of these best describes two-factor authentication?
Which of these best describes two-factor authentication?
A manufacturing company would like to track the progress of parts as they are used on an assembly line. Which of the following technologies would be the BEST choice for this task?