CMIT 320 FINAL EXAM 2026-2027
NEWEST QUESTIONS AND CORRECT
ANSWERS | A+ GRADE VERIFIED
ANSWERS
What policy document generally describes mutual goals
between organizations? Correct Answer MOU
(memorandum of understanding)
What could you use to help with building a specific and
detailed defense methodology against the recent attacks
on your corporate network that rely on various forms of
privilege escalation for success? You are looking for
information on the nature of the attacks and how to detect
them to be sure you are attempting to defend against the
correct threat, in addition to actual mitigation techniques
and advice. Correct Answer MITRE ATT&CK
Which of the following are implicitly secure protocols that
were created by adding SSL/TLS security to protocols that
were insecure on their own? Correct Answer FTPS
HTTPS
SNMPv3
While conducting a penetration test, you've just managed
to get access to a critical server. You are concerned,
however, because you gained access through a session-
hijacking attack that took both luck and precise timing and
that you might be cut off at any time. Given potentially
,limited time, what should your next step be? Correct
Answer establish persistence
During a massive security-impacting incident that takes a
critical system offline, which type of plan should be
consulted to determine the correct procedure to minimize
lost revenue until the system can be brought back online?
Correct Answer BCP (Business continuity plan)
What security feature makes it more difficult for an
attacker to trick you into installing a fraudulent Ethernet
driver that reports on your network activities? Correct
Answer code signing
Which policy is focused on preventing data loss? Correct
Answer clean desk policy
An administrator sets up a new virtualization server with
virtual machines intended to run instances of a web-based
application while following secure configuration guides
from CIS for the operating system, hypervisor, webserver,
and application server. What can the administrator use to
confirm that all efforts to secure these components were
successful or to find out what steps are recommended to
bridge any gaps that might exist? Correct Answer a
benchmark
Which feature of SIEM utilities brings together log entries
from multiple components in order to find broader trends
and relationships than those formed by the individual
entries? Correct Answer correlation
,You were told to set up a "structured walkthrough" of a
disaster recovery plan, but that terminology isn't in the
procedures manual. What other term should you look for?
Correct Answer tabletop exercise
what is an example of IP theft Correct Answer A
competitor's unauthorized use of your organization's
original engineering documents
The VP of human resources has put you in charge of
securing a critical server for the department. You'll be
hardening its operating system according to company
policies and regularly checking configuration and system
logs. In asset management terms, what role have you
taken on? Correct Answer custodian
What standard-based protocol collects and analyzes
information surrounding sequences of packets from
exporting devices, each of which enters the same
interface of the exporting device, have the same source
and destination TCP/IP sockets, and have the same class
of service? Correct Answer IPFIX (IP Flow Information
Export)
You need to install a new fire extinguisher next to the
server closet. What class would be most useful? Correct
Answer Class C
, Which of the following commands will display the most
recent "failed" entries in logfile? Correct Answer grep
"failed" logfile | tail
grep command searches for lines containing "failed", and
then the | operator pipes it as input to a tail command that
shows the last ten lines of results, unless the -n NUM
option is used, where NUM would be replaced by the
number of lines to display.
Which of the following controls primarily protect data
integrity? Correct Answer hashing
backups
When is it acceptable for the subject of a digital certificate
to sign their own certificate? Correct Answer It is
necessary when the subject is a root CA.
What data management model assists professionals in
decision making with regard to the creation of policy based
on the convergence of data security and privacy, focusing
on such aspects as to how it's attained and classified, how
it's used and stored, and how it's archived and destroyed?
Correct Answer the information life cycle
How is ALE computed? Correct Answer SLE x ARO
Which member role of the CSIRT/CIRT/CERT is most
responsible for advising the team on matters regarding
actions to be taken directly against offending or involved
employees? Correct Answer HR
NEWEST QUESTIONS AND CORRECT
ANSWERS | A+ GRADE VERIFIED
ANSWERS
What policy document generally describes mutual goals
between organizations? Correct Answer MOU
(memorandum of understanding)
What could you use to help with building a specific and
detailed defense methodology against the recent attacks
on your corporate network that rely on various forms of
privilege escalation for success? You are looking for
information on the nature of the attacks and how to detect
them to be sure you are attempting to defend against the
correct threat, in addition to actual mitigation techniques
and advice. Correct Answer MITRE ATT&CK
Which of the following are implicitly secure protocols that
were created by adding SSL/TLS security to protocols that
were insecure on their own? Correct Answer FTPS
HTTPS
SNMPv3
While conducting a penetration test, you've just managed
to get access to a critical server. You are concerned,
however, because you gained access through a session-
hijacking attack that took both luck and precise timing and
that you might be cut off at any time. Given potentially
,limited time, what should your next step be? Correct
Answer establish persistence
During a massive security-impacting incident that takes a
critical system offline, which type of plan should be
consulted to determine the correct procedure to minimize
lost revenue until the system can be brought back online?
Correct Answer BCP (Business continuity plan)
What security feature makes it more difficult for an
attacker to trick you into installing a fraudulent Ethernet
driver that reports on your network activities? Correct
Answer code signing
Which policy is focused on preventing data loss? Correct
Answer clean desk policy
An administrator sets up a new virtualization server with
virtual machines intended to run instances of a web-based
application while following secure configuration guides
from CIS for the operating system, hypervisor, webserver,
and application server. What can the administrator use to
confirm that all efforts to secure these components were
successful or to find out what steps are recommended to
bridge any gaps that might exist? Correct Answer a
benchmark
Which feature of SIEM utilities brings together log entries
from multiple components in order to find broader trends
and relationships than those formed by the individual
entries? Correct Answer correlation
,You were told to set up a "structured walkthrough" of a
disaster recovery plan, but that terminology isn't in the
procedures manual. What other term should you look for?
Correct Answer tabletop exercise
what is an example of IP theft Correct Answer A
competitor's unauthorized use of your organization's
original engineering documents
The VP of human resources has put you in charge of
securing a critical server for the department. You'll be
hardening its operating system according to company
policies and regularly checking configuration and system
logs. In asset management terms, what role have you
taken on? Correct Answer custodian
What standard-based protocol collects and analyzes
information surrounding sequences of packets from
exporting devices, each of which enters the same
interface of the exporting device, have the same source
and destination TCP/IP sockets, and have the same class
of service? Correct Answer IPFIX (IP Flow Information
Export)
You need to install a new fire extinguisher next to the
server closet. What class would be most useful? Correct
Answer Class C
, Which of the following commands will display the most
recent "failed" entries in logfile? Correct Answer grep
"failed" logfile | tail
grep command searches for lines containing "failed", and
then the | operator pipes it as input to a tail command that
shows the last ten lines of results, unless the -n NUM
option is used, where NUM would be replaced by the
number of lines to display.
Which of the following controls primarily protect data
integrity? Correct Answer hashing
backups
When is it acceptable for the subject of a digital certificate
to sign their own certificate? Correct Answer It is
necessary when the subject is a root CA.
What data management model assists professionals in
decision making with regard to the creation of policy based
on the convergence of data security and privacy, focusing
on such aspects as to how it's attained and classified, how
it's used and stored, and how it's archived and destroyed?
Correct Answer the information life cycle
How is ALE computed? Correct Answer SLE x ARO
Which member role of the CSIRT/CIRT/CERT is most
responsible for advising the team on matters regarding
actions to be taken directly against offending or involved
employees? Correct Answer HR
