WGU C795 OA Prep 1 Questions and Answers (All)
A chief information officer (CIO) recently read an article involving a similar company that was hit with ransomware due to ineffective patch-management practices. The CIO tasks a security professional with gathering metrics on the effectiveness of the company's patch-management program to avoid a similar incident. Which method enables the security professional to gather current, accurate metrics?
a. Review authenticated vulnerability scan reports
b. Review reports from Windows Update
c. Review patch history on nonproduction systems
d. Review patch tickets in the change control system
Answer: a

A combined mail server and calendaring server environment contains no secure sockets layer (SSL) certificate. Which security principle of the CIA triad is affected by the lack of an SSL certificate?
a. Confidentiality
b. Integrity
c. Authentication
d. Availability
Answer: a

A company develops a business continuity plan in addition to an emergency communication plan. What should be included in the company's emergency communication plan? Choose 2 answers.
a. Alternate means of contact
b. Backup people for each role
c. The best time to call each person
d. Employee's phone service providers
Answer: a, b

A company does not have a disaster recovery plan (DRP) and suffers a multiday power outage. Which provisioning should the company perform to provide stable power for a long period of time?
a. Purchase generators
b. Purchase additional servers
c. Create a RAID array
d. Create a failover cluster
Answer: a

A company has identified a massive security breach in its healthcare records department. Over 50% of customers' personally identifiable information (PII) has been stolen. The customers are aware of the breach, and the company is taking actions to protect customer assets through the personal security policy, which addresses PII data. Which preventive measure should the company pursue to protect against future attacks?
a. Require cognitive passwords
b. Employ password tokens
c. Use network-based and host-based firewalls
d. Install auditing tools
Answer: c

A company has signed a contract with a third-party vendor to use the vendor's inventory management system hosted in a cloud. For convenience, the vendor set up the application to use Lightweight Directory Access Protocol (LDAP) queries but did not enable secure LDAP queries or implement a secure sockets layer (SSL) on the application's web server. The vendor does not have the ability to secure the system, and company management insists on using the application. Which defense-in-depth practices should the company implement to minimize the likelihood of an account compromise due to insecure setup by the vendor?
a. Location-based access control and multifactor authentication
b. Intrusion prevention system (IPS) and honeypot systems
c. Antivirus and intrusion detection system (IDS)
d. Password hashing and authentication encryption
Answer: a

A company has user credentials compromised through a phishing attack. Which defense-in-depth practice will reduce the likelihood of misuse of the user's credentials?
a. Configure firewall rules
b. Deploy multifactor authentication
c. Deploy RADIUS authentication
d. Configure encryption protocols
Answer: b

A company hires several contractors each year to augment its IT workforce. The contractors are granted access to the internal corporate network, but they are not provided laptops containing the corporate image. Instead, they are required to bring their own equipment. Which defense-in-depth practice should be required for contractor laptops to ensure that contractors do not connect infected laptops to the internal corporate network?
a. Enable command-line audit logging on contractor laptops
b. Configure devices to not autorun content
c. Configure antimalware scanning of removable devices
d. Ensure antimalware software and signatures are updated
Answer: d

A company is concerned about loss of data on removable media when media are lost or stolen. Which standard should this company implement on all flash drives?
a. Maximum password age
b. Encryption
c. Awareness training
d. Layer 2 tunneling protocol
Answer: b

A company is concerned about securing its corporate network, including its wireless network, to limit security risks. Which defense-in-depth practice represents an application of least privilege?
a. Implement mutual multifactor authentication
b. Configure Wi-Fi-Protected Access for encrypted communication
c. Disable wireless access to users who do not need it
d. Implement an intrusion detection system
Answer: c

A company is concerned about unauthorized network traffic. Which procedure should the company implement to block FTP traffic?
a. Install a packet filter
b. Update the DNS
c. Filter ports 20 and 21 at the firewall
d. Decrease the network bandwidth
Answer: c

A company is concerned about unauthorized programs being used on network devices. Which defense-in-depth strategy would help eliminate unauthorized software on network devices?
a. Develop an acceptable use policy and update all network device firmware
b. Use application controls tools and update AppLocker group policies
c. Limit administrative access to devices and create DHCP scope options
d. Upgrade to a 64-bit operating system and install an antimalware application
Answer: b

A company is concerned about unneeded network protocols being available on the network. Which two defense-in-depth practices should the company implement to detect whether FTP is being used? Choose 2 answers.
a. Install BIOS firmware updates
b. Perform automated packet scanning
c. Implement application firewalls
d. Physically segment the network
Answer: b, c

A company is concerned that disgruntled employees are sending sensitive data to its competitors. Which defense-in-depth practices assist a company in identifying an insider threat?
a. Data loss prevention (DLP) and audit logs
b. Antivirus and intrusion detection systems (IDS)
c. Data loss prevention (DLP) and intrusion detection systems (IDS)
d. Antivirus and audit logs
Answer: a

A company is hit with a number of ransomware attacks. These attacks are causing a significant amount of downtime and data loss since users with access to sensitive company documents are being targeted. These attacks have prompted management to invest in new technical controls to prevent ransomware. Which defense-in-depth practices should this company implement?
a. Password resets and a log review
b. Mandatory vacation and job rotation
c. Spam filtering and anti-malware
d. Encryption and an internal firewall
Answer: c

A company is implementing a defense-in-depth approach that includes capturing audit logs. The audit logs need to be written in a manner that provides integrity. Which defense-in-depth strategy should be applied?
a. Write the data to a write-once, read-many (WORM) drive
b. Write the data to an encrypted hard drive
c. Write the data to an encrypted flash drive
d. Write the data to an SD card and store the SD card in a safe
Answer: a

A company is moving its database backups from an off-site location to an alternate processing site warehouse using bulk transfers. Which type of database recovery is this company employing?
a. Electronic vaulting
b. Remote journaling
c. Remote mirroring
d. Mutual assistance
Answer: a

A company is terminating several employees with high levels of access. The company wants to protect itself from possible disgruntled employees who could become potential insider threats. Which defense-in-depth practices should be applied?
a. Account revocation and conducting a vulnerability assessment
b. Account revocation and conducting a full backup of critical data
c. A mandatory 90-day password change and conducting a full backup of critical data
d. A mandatory 90-day password change and conducting a vulnerability assessment
Answer: a

A company needs to improve its ability to detect and investigate rogue WAPs. Which defense-in-depth practice should be used?
a. Configure a captive portal to request information
b. Configure MAC address filtering to control access
c. Install a wireless IDS to monitor irregular behavior
d. Install a stateful firewall to block network connections
Answer: c

A company notices that someone keeps trying to access its system using different passwords and usernames. What can help mitigate the success of this attack?
a. Require a CAPTCHA
b. Block the IP address of the user
c. Use the user sessions after authentication
d. Use cookie authentication
Answer: a

A company performs a data audit on its critical information every six months. Company policy states that the audit cannot be conducted by the same employee within a two-year time frame. Which principle is this company following?
a. Job rotation
b. Two-person control
c. Least privilege
d. Need to know
Answer: a

A company presents team members with a disaster recovery scenario, asks members to develop an appropriate response, and then tests some of the technical responses without shutting down operations at the primary site. Which type of disaster recovery test is being performed?
a. Read-through
b. Structured walk-through
c. Simulation
d. Full-interruption
Answer: c

A company relies exclusively on a system for critical functions. An audit is performed, and the report notes that there is no log review performed on the system. Management has been tasked with selecting the appropriate person to perform the log reviews in order to correct the deficiency. Which role is responsible for reviewing and auditing logs in order to detect any malicious behavior?
a. Security Administrator
b. System user
c. Database administrator
d. Senior management
Answer: a

A company wants to monitor the inbound and outbound flow of packets and not the content. Which defense-in-depth strategy should be implemented?
a. The organization should use egress filtering on the network.
b. Traffic and trend analyses should be installed on the router.
c. The administrator should configure network data loss prevention.
d. RADIUS authentication should be used on the bastion host.
Answer: b

A company wants to prevent cybercriminals from gaining easy access into its email server. The company wants to know which user is accessing which resources and to prevent hackers from easily gaining access to the server. Which defense-in-depth strategy should be used?
a. Authenticate users and devices and log events within the network
b. Deploy VLANs for traffic separation and coarse-grained security
c. Place encryption throughout the network to ensure privacy
d. Use stateful firewall technology at the port level and log firewall activity
Answer: a

A company wants to reduce the risk of an employee with internal knowledge committing an act of sabotage once that employee is no longer with the company. Which control should the company implement to mitigate this risk?
a. Deploy an intrusion detection system
b. Monitor email for blackmail attempts
c. Perform annual employee credit checks
d. Enable an access termination procedure
Answer: d

A company's business operations are disrupted due to a flash flood. Which consequences to business continuity should be addressed in the disaster recovery plan?
a. Evaluation of risk from possible flood damage
b. Identify essential personnel and decision makers
c. Provide flood-response training to the disaster recovery team
d. Provision additional backup power sources
Answer: a

A company's database administrator requires access to a database server to perform maintenance. The director of information technology will provide the database administrator access to the database server but will not provide the database administrator access to all the data within the server's database. Which defense-in-depth practice enhances the company's need-to-know data access strategy?
a. Using compartmented mode systems and least privilege
b. Using compartmented mode systems and two-person control
c. Using dedicated mode systems and least privilege
d. Using dedicated mode systems and two-person control
Answer: a

A company's main asset is a physical working prototype stored in the research and development department. The prototype is not currently connected to the company's network. Which privileged user activity should be monitored?
a. Accessing camera logs
b. Adding accounts to the administrator group
c. Running scripts in PowerShell
d. Disabling host firewall
Answer: a

A company's main asset is its client list stored in the company database, which is accessible to only specific users. The client list contains Health Insurance Portability and Accountability Act (HIPAA) protected data. Which user activity should be monitored?
Last updated: 3 years ago
Uploaded on: Aug 10, 2022
Number of pages: 11