What is a characteristic of the security artichoke, defense-in-depth approach? Each layer has to be penetrated before the threat actor can reach the target data or system. Threat actors no…
Why is asset management a critical function of a growing organization against security threats? It serves to preserve an audit trail of all new purchases. It identifies the ever increasing…
What is the first line of defense when an organization is using a defense-in-depth approach to network security? IPS edge router firewall proxy server Answers Explanation & Hints: A defense-in-depth…
What is a characteristic of a layered defense-in-depth security approach? Three or more devices are used. Routers are replaced with firewalls. When one device fails, another one takes over. One…
In a defense-in-depth approach, which three options must be identified to effectively defend a network against attacks? (Choose three.) assets that need protection location of attacker or attackers threats to…
Which term describes the ability of a web server to keep a log of the users who access the server, as well as the length of time they use it?…
What is the purpose of the network security accounting function? to require users to prove who they are to determine which resources a user can access to keep track of…
Which component of the zero trust security model focuses on secure access when an API, a microservice, or a container is accessing a database within an application? workforce workflow workload…
When designing a prototype network for a new server farm, a network designer chooses to use redundant links to connect to the rest of the network. Which business goal will…
Match the information security component with the description. Explanation & Hint: Confidentiality: Ensuring that data is accessible only to those with the required authorization. It matches the description "Only authorized…
What is the principle behind the nondiscretionary access control model? It applies the strictest access control possible. It allows access decisions to be based on roles and responsibilities of a…
Which type of access control applies the strictest access control and is commonly used in military or mission critical applications? attribute-based access control (ABAC) discretionary access control (DAC) mandatory access…
Passwords, passphrases, and PINs are examples of which security term? identification authorization authentication access Answers Explanation & Hints: Authentication methods are used to strengthen access control systems. It is important…
When a security audit is performed at a company, the auditor reports that new users have access to network resources beyond their normal job roles. Additionally, users who move to…
Which statement describes an operational characteristic of NetFlow? NetFlow captures the entire contents of a packet. NetFlow can provide services for user access control. NetFlow flow records can be viewed…
Which two functions are provided by NetFlow? (Choose two.) It provides a complete audit trail of basic information about every IP flow forwarded on a device. It provides 24x7 statistics…
Which technology is a proprietary SIEM system? StealthWatch SNMP agent NetFlow collector Splunk Answers Explanation & Hints: Security Information Event Management (SIEM) is a technology that is used in enterprise…
A white hat hacker is using a security tool called Skipfish to discover the vulnerabilities of a computer system. What type of tool is this? debugger packet sniffer vulnerability scanner…
Match the security tool with the description. (Not all options apply.) Explanation & Hint: Helix: This is a forensic tool that can be used by white hat hackers to find…
Once a cyber threat has been verified, the US Cybersecurity Infrastructure and Security Agency (CISA) automatically shares the cybersecurity information with public and private organizations. What is this automated system…