Which term describes the ability of a web server to keep a log of the users who access the server, as well as the length of time they use it?…
What is the purpose of the network security accounting function? to require users to prove who they are to determine which resources a user can access to keep track of…
Which component of the zero trust security model focuses on secure access when an API, a microservice, or a container is accessing a database within an application? workforce workflow workload…
When designing a prototype network for a new server farm, a network designer chooses to use redundant links to connect to the rest of the network. Which business goal will…
Match the information security component with the description. Explanation & Hint: Confidentiality: Ensuring that data is accessible only to those with the required authorization. It matches the description "Only authorized…
What is the principle behind the nondiscretionary access control model? It applies the strictest access control possible. It allows access decisions to be based on roles and responsibilities of a…
Which type of access control applies the strictest access control and is commonly used in military or mission critical applications? attribute-based access control (ABAC) discretionary access control (DAC) mandatory access…
Passwords, passphrases, and PINs are examples of which security term? identification authorization authentication access Answers Explanation & Hints: Authentication methods are used to strengthen access control systems. It is important…
When a security audit is performed at a company, the auditor reports that new users have access to network resources beyond their normal job roles. Additionally, users who move to…
Which statement describes an operational characteristic of NetFlow? NetFlow captures the entire contents of a packet. NetFlow can provide services for user access control. NetFlow flow records can be viewed…
Which two functions are provided by NetFlow? (Choose two.) It provides a complete audit trail of basic information about every IP flow forwarded on a device. It provides 24x7 statistics…
Which technology is a proprietary SIEM system? StealthWatch SNMP agent NetFlow collector Splunk Answers Explanation & Hints: Security Information Event Management (SIEM) is a technology that is used in enterprise…
A white hat hacker is using a security tool called Skipfish to discover the vulnerabilities of a computer system. What type of tool is this? debugger packet sniffer vulnerability scanner…
Match the security tool with the description. (Not all options apply.) Explanation & Hint: Helix: This is a forensic tool that can be used by white hat hackers to find…
Once a cyber threat has been verified, the US Cybersecurity Infrastructure and Security Agency (CISA) automatically shares the cybersecurity information with public and private organizations. What is this automated system…
An administrator discovers a vulnerability in the network. On analysis of the vulnerability the administrator decides the cost of managing the risk outweighs the cost of the risk itself. The…
Match the threat actors with the descriptions. (Not all options are used.) Explanation & Hint: Hacktivists: They are threat actors that publicly protest against organizations or governments by posting articles,…
What scenario describes a vulnerability broker? a teenager running existing scripts, tools, and exploits, to cause harm, but typically not for profit a threat actor attempting to discover exploits and…
Which type of attack is carried out by threat actors against a network to determine which IP addresses, protocols, and ports are allowed by ACLs? phishing reconnaissance denial of service…
A network administrator is checking the system logs and notices unusual connectivity tests to multiple well-known ports on a server. What kind of potential network attack could this indicate? access…