Abel, a cloud architect, uses container technology to deploy applications/software including
all its dependencies, such as libraries and configuration files, binaries, and other resources
that run independently from other processes in the cloud environment. For the
containerization of applications, he follows the five-tier container technology architecture.
Currently, Abel is verifying and validating image contents, signing images, and sending
them to the registries. Which of the following tiers of the container technology architecture
is Abel currently working in?
A. Tier-1: Developer machines
B. Tier-4: Orchestrators
C. Tier-3: Registries
D. Tier-2: Testing and accreditation systems
Tier-2: Testing and accreditation systems
Explanation: The official management decision given by a senior agency official to
authorize operation of an information system and to explicitly accept the risk to agency
operations (including mission, functions, image, or reputation), agency assets, or
individuals, based on the implementation of an agreed-upon set of security controls.
Formal declaration by a designated accrediting authority (DAA) or principal accrediting
authority (PAA) that an information system is approved to operate at an acceptable level of
risk, based on the implementation of an approved set of technical, managerial, and
procedural safeguards. See authorization to operate (ATO). Rationale: The Risk
Management Framework uses a new term to refer to this concept, and it is called
authorization.
Identifies the information resources covered by an accreditation decision, as distinguished
from separately accredited information resources that are interconnected or with which
information is exchanged via messaging. Synonymous with Security Perimeter.
For the purposes of identifying the Protection Level for confidentiality of a system to be
accredited, the system has a conceptual boundary that extends to all intended users of the
system, both directly and indirectly connected, who receive output from the system. See
authorization boundary. Rationale: The Risk Management Framework uses a new term to
refer to the concept of accreditation, and it is called authorization. Extrapolating, the
accreditation boundary would then be referred to as the authorization boundary.
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
A. Copy the system files from a known good system
B. Perform a trap and trace
C. Delete the files and try to determine the source
D. Reload from a previous backup
E. Reload from known good media
Reload from known good media
In an attempt to increase the security of your network, you implement a solution that will
help keep your wireless network undiscoverable and accessible only to those that know it.
How do you accomplish this?
A. Delete the wireless network
B. Remove all passwords
C. Lock all users
D. Disable SSID broadcasting
Disable SSID broadcasting
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy
servers, and Intrusion Detection Systems (IDS) on the network of an organization that has
experienced a possible breach of security. When the investigator attempts to correlate the
information in all of the logs, the sequence of many of the logged events does not match up.
What is the most likely cause?
A. The network devices are not all synchronized.
B. Proper chain of custody was not observed while collecting the logs.
C. The attacker altered or erased events from the logs.
D. The security breach was a false positive.
The network devices are not all synchronized.
Which of the following tools is used to analyze the files produced by several packet-capture
programs such as tcpdump, WinDump, Wireshark, and EtherPeek?
A. tcptrace
B. Nessus
C. OpenVAS
D. tcptraceroute
tcptrace
Suppose that you test an application for the SQL injection vulnerability. You know that the
backend database is based on Microsoft SQL Server. In the login/password form, you enter
the following credentials:
Username: attack' or 1=1 -
Password: 123456
Based on the above credentials, which of the following SQL commands are you expecting
to be executed by the server, if there is indeed an SQL injection vulnerability?
A. select * from Users where UserName ='attack or 1=1 -and UserPassword = '123456"
B. select * from users where userName = 'attack' or 1=1 --'and UserPassword = '123456'
C. select * from Users where UserName ='attack" or 1=1 -and UserPassword = '123456'
D. select * from users where UserName"'attack'or 1=1 - and UserPassword "'123456
select * from users where UserName"'attack'or 1=1 - and UserPassword "'123456
If you want to scan fewer ports than the default scan using the Nmap tool, which option
would you use?
A. -r
B. -F
C. -P
D. -sP
-F
What ports should be blocked on the firewall to prevent NetBIOS traffic from coming
through the firewall if your network is comprised of Windows NT, 2000, and XP?
A. 110
B. 135
C. 139
D. 161
E. 445
F. 1024
135
139
445
George is a security professional working for iTech Solutions. He was tasked with securely
transferring sensitive data of the organization between industrial systems. In this process,
he used a short-range communication protocol based on the IEEE 203.15.4 standard. This
protocol is used in devices that transfer data infrequently at a low rate in a restricted area,
within a range of 10-100 m. What is the short-range wireless communication technology
George employed in the above scenario?
A. MQTT
B. LPWAN
C. Zigbee
D. NB-IOT
LPWAN
Explanation: Low-power WAN (LPWAN) is a wireless wide area network
technology that interconnects low-bandwidth, powered devices with low bit rates over long
ranges.
Created for machine-to-machine (M2M) and Internet of Things (IoT) networks, LPWANs operate
at a lower cost with greater power efficiency than traditional mobile networks. They are
also able to support a greater number of connected devices over a larger area.
LPWANs can accommodate packet sizes from 10 to 1,000 bytes at transmission speeds
up to 200 Kbps. LPWAN's long range varies from 2 km to 1,000 km,
depending on the technology.
Most LPWANs have a star topology where, like Wi-Fi, every endpoint connects directly to common
central access points.
Types of LPWANs
LPWAN isn't a single technology, but a group of various low-power,
wide area network technologies that take many shapes and forms. LPWANs can use
licensed or unlicensed frequencies and include proprietary or open standard options.
The proprietary, unlicensed Sigfox is one of the most widely deployed LPWANs
today. Running over a public network in the 868 MHz or 902 MHz bands, the
ultra-narrowband technology only allows one operator per country. While it can deliver
messages over distances of 30-50 km in rural areas, 3-10 km in urban settings
and up to 1,000 km in line-of-sight applications, its packet size is limited to
150 messages of 12 bytes per day. Downlink packets are smaller,
limited to four messages of 8 bytes per day. Sending data back to endpoints
can also be vulnerable to interference.
Random phase multiple access, or RPMA, is a proprietary LPWAN from Ingenu Inc.
Though it has a shorter range (up to 50 km line of sight and 5-10 km non-line of
sight), it offers better bidirectional communication than Sigfox. However, because it runs
in the 2.4 GHz spectrum, it is vulnerable to interference from Wi-Fi,
Bluetooth and physical structures. It also typically has higher power consumption
than other LPWAN options.
The unlicensed LoRa, specified and backed by the LoRa Alliance, transmits in several
sub-gigahertz frequencies, making it less vulnerable to interference. A derivative of chirp
spread spectrum (CSS) modulation, LoRa allows users to define packet size. While
open source, the underlying transceiver chip used to implement LoRa is only available
from Semtech Corporation, the company behind the technology. LoRaWAN is the
media access control (MAC) layer protocol that manages communication between
LPWAN devices and gateways.
Weightless SIG has developed three LPWAN standards: the unidirectional Weightless-N, bidirectional
Weightless-P and Weightless-W, which is also bidirectional and runs off of unused TV
spectrum. Weightless-N and Weightless-P are typically more popular options
because of Weightless-W's shorter battery life. Weightless-N and Weightless-P run in
the sub-1 GHz unlicensed spectrum but also support licensed spectrum
operation using 12.5 kHz narrowband technology.
Narrowband-IoT (NB-IoT) and LTE-M are both 3rd Generation Partnership Project
(3GPP) standards that operate in the licensed spectrum. While they have similar performance
to other standards, they operate on existing cellular infrastructure, allowing service providers
to quickly add cellular IoT connectivity to their service portfolios.
NB-IoT, also known as CAT-NB1, operates on existing LTE and Global
System for Mobile (GSM) infrastructure. It offers transmission and downlink rates of around
200 Kbps, using only 200 kHz of available bandwidth.
LTE-M, also known as CAT-M1, offers higher bandwidth than NB-IoT,
and the highest bandwidth of any LPWAN technology.
Some vendors, including Orange and SK Telecom, are deploying both licensed and
unlicensed technologies to capture both markets.
Other LPWAN technologies include:
GreenOFDM from GreenWaves Technologies
DASH7 from Haystack Technologies Inc.
Symphony Link from Link Labs Inc.
ThingPark Wireless from Actility
Ultra Narrow Band from various companies including Telensa, Nwave and Sigfox
WAVIoT
________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types
of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
DNSSEC
Joseph was the Web site administrator for the Mason Insurance in New York, whose main
Web site was located at www.masonins.com. Joseph uses his laptop computer regularly to
administer the Web site. One night, Joseph received an urgent phone call from his friend,
Smith. According to Smith, the main Mason Insurance web site had been vandalized! All of
its normal content was removed and replaced with an attacker's message "Hacker
Message: You are dead! Freaks!" From his office, which was directly connected to Mason
Insurance's internal network, Joseph surfed to the Web site using his laptop. In his
browser, the Web site looked completely intact.
No changes were apparent. Joseph called a friend of his at his home to help troubleshoot
the problem. The Web site appeared defaced when his friend visited using his DSL
connection. So, while Smith and his friend could see the defaced page, Joseph saw the
intact Mason Insurance web site. To help make sense of this problem, Joseph decided to
access the Web site using his dial-up ISP. He disconnected his laptop from the corporate
internal network and used his modem to dial up the same ISP used by Smith. After his
modem connected, he quickly typed www.masonins.com in his browser to reveal the
following web page:
After seeing the defaced Web site, he disconnected his dial-up line, reconnected to the
internal network, and used Secure Shell (SSH) to log in directly to the Web server. He ran
Tripwire against the entire Web site, and determined that every system file and all the Web
content on the server were intact. How did the attacker accomplish this hack?
A. ARP spoofing
B. SQL injection
C. DNS poisoning
D. Routing table injection
DNS poisoning
Larry, a security professional in an organization, has noticed some abnormalities in the
user accounts on a web server. To thwart evolving attacks, he decided to harden the
security of the web server by adopting countermeasures to secure the accounts on the
web server.
Which of the following countermeasures must Larry implement to secure the user accounts
on the web server?
A. Enable unused default user accounts created during the installation of an OS
B. Enable all non-interactive accounts that should exist but do not require interactive login
C. Limit the administrator or root-level access to the minimum number of users
D. Retain all unused modules and application extensions
Limit the administrator or root-level access to the minimum number of users