Page 1 out of 11. Viewing questions 1-15 out of 153
Question 1
Topic 1
Topic 1 Which event is user interaction?
A. gaining root access
B. executing remote code
C. reading and writing file permission
D. opening a malicious file
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 2
Topic 1
Topic 1 Which security principle requires more than one person is required to perform a critical task?
A. least privilege
B. need to know
C. separation of duties
D. due diligence
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
Topic 1
Topic 1 How is attacking a vulnerability categorized?
A. action on objectives
B. delivery
C. exploitation
D. installation
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 4
Topic 1
Topic 1 What is a benefit of agent-based protection when compared to agentless protection?
A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 5
Topic 1
Topic 1 Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
A. decision making
B. rapid response
C. data mining
D. due diligence
Answer:
A
User Votes:
A 1 votes
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 6
Topic 1
Topic 1 One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?
A. confidentiality, identity, and authorization
B. confidentiality, integrity, and authorization
C. confidentiality, identity, and availability
D. confidentiality, integrity, and availability
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 7
Topic 1
Topic 1 What is rule-based detection when compared to statistical detection?
A. proof of a user's identity
B. proof of a user's action
C. likelihood of user's action
D. falsification of a user's identity
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
Topic 1
Topic 1 A user received a malicious attachment but did not run it. Which category classifies the intrusion?
A. weaponization
B. reconnaissance
C. installation
D. delivery
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 9
Topic 1
Topic 1 Which process is used when IPS events are removed to improve data integrity?
A. data availability
B. data normalization
C. data signature
D. data protection
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 10
Topic 1
Topic 1 An analyst is investigating an incident in a SOC environment. Which method is used to identify a session from a group of logs?
A. sequence numbers
B. IP identifier
C. 5-tuple
D. timestamps
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 11
Topic 1
Topic 1 What is a difference between SOAR and SIEM?
A. SOAR platforms are used for threat and vulnerability management, but SIEM applications are not
B. SIEM applications are used for threat and vulnerability management, but SOAR platforms are not
C. SOAR receives information from a single platform and delivers it to a SIEM
D. SIEM receives information from a single platform and delivers it to a SOAR
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 12
Topic 1
Topic 1 What is the difference between mandatory access control (MAC) and discretionary access control (DAC)?
A. MAC is controlled by the discretion of the owner and DAC is controlled by an administrator
B. MAC is the strictest of all levels of control and DAC is object-based access
C. DAC is controlled by the operating system and MAC is controlled by an administrator
D. DAC is the strictest of all levels of control and MAC is object-based access
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 13
Topic 1
Topic 1 What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?
A. least privilege
B. need to know
C. integrity validation
D. due diligence
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 14
Topic 1
Topic 1 What is the virtual address space for a Windows process?
A. physical location of an object in memory
B. set of pages that reside in the physical memory
C. system-level memory protection feature built into the operating system
D. set of virtual memory addresses that can be used
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 15
Topic 1
Topic 1 Which security principle is violated by running all processes as root or administrator?