Mila is executing an attack where the technique is to perform a one-time login attempt on multiple hosts on a network using the same credentials to avoid account lockouts. What is this type of attack?
A. Man-in-the-middle attack
B. Password spraying
C. Credential stuffing
D. Impersonation

A senior cybersecurity analyst is explaining the difference between stack-based and heap-based overflow attacks to a new cybersecurity analyst. Which of the following characteristics of overflow attacks are true? (Choose two.)
A. Most heap overflows are not exploitable because memory is not being overwritten.
B. Heap overflows are more difficult to implement because heap is dynamically allocated.
C. The stack is a type of data structure that operates on the principle of “first in, first out.”
D. Stack-based overflows overwrite key areas of memory with too much data.

In the following image, an attacker sends malicious code to an unsuspecting user. The browser executes the code because it thinks it came from a trusted source. The malicious code can access cookies, session tokens, or other sensitive information retained by the browser and used with the site. Which type of attack is this?
A. Reflective cross-site scripting
B. DOM cross-site scripting
C. Structured cross-site scripting
D. Persistent cross-site scripting

While performing a vulnerability assessment outbrief to the customer technical staff, Julie describes a dereferencing vulnerability discovered in the systems tested. She explains that a dereferencing vulnerability is a vulnerability that
A. arises when an application uses user-supplied input to access objects directly
B. occurs when a system attempts to perform two or more operations at the same time
C. occurs when software attempts to access a stored value in memory that does not exist
D. causes detailed internal error messages to be revealed to the user

A major factor in securing our networks is using the appropriate network architecture. Which network architecture decouples data-forwarding functions from the decision-making functions, allowing for holistic and adaptive control of how data moves around the network?
A. Virtual private cloud
B. Serverless
C. Software defined
D. Physical

Some organizations find benefit in an architecture where applications are hosted by a third-party service and are broken up into individual functions, allowing the business to focus purely on the functions that can be invoked and scaled individually. This is the architecture used by AWS Lambda and Microsoft Azure Functions. Which architecture does this describe?
A. Virtual private cloud
B. Serverless
C. Software defined
D. Physical

Which of the following technologies allows multiple applications to execute in isolated user spaces, share the same operating system kernel, and run on various types of infrastructure without needing to adjust for each?
A. Containerization
B. Virtualization
C. Hypervisor
D. Virtual desktop infrastructure

Many organizations operate based on the thought that assigning privileged access is an all-or-nothing proposition, but it doesn’t have to be that way. Which of the following techniques/principles address this issue to help organizations limit overuse of privileges? (Choose two.)
A. Least privilege
B. Multifactor authentication
C. Federated access control
D. Role-based access control

Access control methods are increasingly critical to thwarting attackers’ efforts to gain a foothold into your system and/or network. One method typically provides a very granular ability because it can filter access based on more factors, including username, role, organization, security clearance, time of access, location of data, current threat level, creation date, resource owner, filename, and data sensitivity. Which of the following access control methods provides this granularity?
A. Role based
B. Attribute based
C. Mandatory
D. Discretionary

In an effort to close the gap between attackers’ advantages and defenders’ disadvantages, organizations such as the National Security Agency, Department of Homeland Defense, and Defense Advanced Research Projects Agency have been developing active cyber defenses. One concept spawned by this effort is a constantly evolving attack surface, such as deploying false endpoint decoys, servers, and devices. Additionally, the approach includes constantly changing the services, IP addresses, and ports being used. What is this approach known as?
A. Containerization
B. Moving target defense
C. Software-defined networking
D. Cyber threat hunting

Which of the following activities is not a standard part of digital certificate management activities?
A. Dynamically selecting a certificate hash algorithm
B. Acquiring certificates from the certificate authority
C. Reporting compromised certificates to the Revocation Authority
D. Protecting private keys

Garth is developing a customer solution that needs a secure method to connect two sites to share resources and also a secure method for employees to perform remote work. Which protocols support the solution needed to meet the customer requirements? (Choose two.)
A. SSL
B. SSH
C. L2TP/IPSec
D. OpenVPN

Troy has been tasked with ensuring cybersecurity is integrated into the development of a new web application from the beginning. Troy has discovered a trove of useful application security resources from a popular organization. What is the name of this organization?
A. SysAdmin, Audit, Network, and Security Institute
B. National Institute of Standards and Technology
C. Center for Internet Security
D. Open Web Application Security Project

Software is engineered to separate processing, data management, and presentation functions into a client/server n-tier architecture. Which of the following statements is true regarding software assurance in an n-tier architecture?
A. It is more difficult to secure software because each tier handles data differently.
B. Securing software is less difficult because security is distributed among the different tiers.
C. There is no difference because the software assurance standards apply the same to all architectures.
D. From a software assurance perspective, each tier is independent and therefore doesn’t affect the others.

Robert is auditing a client network and specifically confirming the system enforces the use of complex and long passwords, encrypts passwords both at rest and in transit, disables login after a set number of failed login attempts, and reduces the ability to enumerate username/password by displaying a standard failed login response such as “invalid username and/or password.” Robert is auditing the network specifically for which of the following top weaknesses?
A. Injection flaws
B. Sensitive data exposure
C. Broken access control
D. Broken authentication

Debbie is integrating a standard for exchanging authentication and authorization identities between security domains using an XML-based protocol to pass information using security tokens. Debbie is implementing which standard?
A. Simple Object Access Protocol
B. Security Assertions Markup Language
C. Representational State Transfer
D. Microservices

Andrea needs to set up a protocol to interchange data between web service applications. The requirements state an XML-based solution that is platform independent and works on the HTTP protocol. Which of the following meets the requirements for Andrea’s project?
A. Simple Object Access Protocol
B. Security Assertions Markup Language
C. Representational State Transfer
D. Microservices

Which architectural style, among the most commonly used in web services, is used in a client/server architecture and utilizes a uniform and predefined set of stateless operations to provide interoperability on the Web?
A. Simple Object Access Protocol
B. Security Assertions Markup Language
C. Representational State Transfer
D. Microservices

Jerry has been assigned the task of breaking up a huge monolithic application into a collection of small, modular services capable of being deployed independently but loosely coupled so they can still work together. Which architectural style meets Jerry’s needs?
A. Simple Object Access Protocol
B. Security Assertions Markup Language
C. Representational State Transfer
D. Microservices

IBM has developed a type of one-time programmable memory that can be modified once to either disable access to certain functionality on a chip or prevent reverting back to a previous version of firmware. What is this called?
A. Atomic execution
B. Trusted firmware updates
C. eFuse
D. Anti-tamper

The secure boot feature of UEFI is self-contained and inflexible, stopping the platform from booting if a signature is invalid. When this is not practical, there is an alternative, more flexible solution that does not stop the platform from booting but does compute and record the hash of the object so it can be retrieved later to find out what objects were encountered. What is this alternative approach known as?
A. Trusted Platform Module
B. Trusted firmware updates
C. Hardware security module
D. Measured boot and attestation

What is the technology called that protects against software-based attacks by using hardware to create an environment for applications to be run and protected from all other software on the system, thus preventing the success of malicious software attacks?
A. Secure boot
B. Trusted execution
C. eFuse
D. Measured boot and attestation

The Department of Defense is implementing data-at-rest encryption to the maximum extent possible, but they mostly rely on IT and program managers to implement this requirement across their portfolios. The DoD could mandate use of existing technology that automatically, without user interaction, continuously encrypts data on storage devices. This technology, which uses a unique and random data encryption key, is known as what?
A. Bus encryption
B. Full disk encryption
C. Endpoint encryption
D. Self-encrypting drives

Daniel is working on a project and needs a solution that can provide quick, safe, and secure data transactions and verification. This solution should use specialized hardware that is well tested and certified, utilizes a security-oriented operating system, separates business logic from cryptologic calls, and is able to store and manage cryptographic keys to prevent attacks. Daniel’s project must be able to add this technology to existing systems. Which of the following meets Daniel’s criteria?
A. Trusted Platform Module
B. Unified Extensible Firmware Interface
C. Hardware security module
D. eFuse

A new system design specification requires the hardware to allow programmers to designate special regions in memory to be encrypted and private for a given process. These regions must be dynamically decrypted by the CPU while in use, preventing any unauthorized process, including the operating system or hypervisor, from accessing plaintext stored there. Which of the following meets this design specification requirement?
A. Hardware security module
B. Processor security extensions
C. Trusted Platform Module
D. Measured boot and attestation

Which of the following is not a characteristic of hardware root of trust?
A. Contains the keys used for cryptographic functions
B. Enables a secure boot process
C. Prevents interruption and interference for sections of software
D. Secure by design

What category of technology is designed to address previously inherent security weaknesses in hardware solutions and includes hardware encryption to keep everything but security-related processes from accessing certain protected parts of hardware and to protect data in use?
A. eFuse technology
B. Measured boot and attestation
C. Bus encryption
D. Secure processing

Which type of environment only runs code that has been appropriately authorized and checked by other authorized code? This requires a secure boot feature to check the integrity and authenticity of all operating system components, and it ensures that no one has tampered with the operating system’s code when the device is powered off.
A. Trusted execution
B. Secure boot
C. eFuse
D. Measured boot and attestation