CMIT 320 ACTUAL FINAL EXAM | COMPLETE QUESTIONS WITH EXPERT
SOLUTIONS| 2026 LATEST UPDATED| A+
what connection type is very similar to bluetooth but used by more specialized devices, such as
sensors and fitness trackers - (answer)ANT (Adaptive Network Technology)
What would you recommend to a team member who is interested in additional sources of
information to assist with refining their own understanding of the current attack surface of the
organization? - (answer)Output from the latest configuration review, vulnerability scanning, and
penetration tests
A user complains that after entering a URL into a browser, what appeared to be the correct page
is displayed in the browser. However, after clicking a few links on the page, it became obvious
that the site the user arrived at was not the correct site, but instead a malicious copy of the site
the user intended to visit. Which of the following attacks did the user most likely fall prey to? -
(answer)typosquatting
An enterprise cloud administrator needs to create a trust boundary between two compute
instances in the same default security group and on the same IPv4 subnet within an AWS virtual
private cloud (VPC). What would be an effective solution to the administrator's needs? -
,(answer)Place the instances in separate subnets and use a network firewall between the
subnets.
You've taken up a contract helping to upgrade the existing industrial control network for an oil
refinery. What network type should you expect to work with? - (answer)DCS
Which of the following is a risk to cloud services that is not a risk to on-premises services? -
(answer)Your data may be threatened by attacks launched on the data of others.
Which of the following factors has no effect on chain of custody, with regard to digital evidence
that is presented to the court? - (answer)Documentation of the presiding judge and opposing
counsel
On a subnet with limited physical security, you're worried about ARP poisoning and DHCP
spoofing attacks. What switch feature could help prevent both? - (answer)802.1AE/MACsec
Your company is developing a custom web app for the sales team. It should be able to access a
list of Salesforce contacts, but for security reasons, the app shouldn't be able to access the
actual Salesforce account. What standard would allow this? - (answer)OAuth
,Uses an authenticator to block communications between unauthorized users or workstations
and the local network
Requires the use of EAP and an authentication server - (answer)802.1X
Centrally secures access to server resources deployed within or across a non-secure network -
(answer)Kerberos
Restricts access to a LAN via a WAN link - (answer)Point to Point Protocol (PPP) with Challenge
Handshake Authentication Protocol (CHAP)
a framework for enterprise risk management - (answer)31000
focuses on personal data and privacy - (answer)27701
defines the various security controls in greater detail - (answer)27002
details the steps to implement a compliant ISMS - (answer)27001
, what area of compliance requirements is part of all of the following regulations
HIPAA
PCI DSS
SOX
GLBA
FISMA - (answer)log retention
describes attacks as the pivoting interactions among adversaries, victims, capabilities, and
infrastructure - (answer)The Diamond Model of Intrusion Analysis
a knowledge base of adversary techniques presented as a matrix for enterprise - (answer)mitre
att&ck
a linear seven step attack model that defenders use to interrupt the steps and stop the attack -
(answer)cyber kill chain
SOLUTIONS| 2026 LATEST UPDATED| A+
what connection type is very similar to bluetooth but used by more specialized devices, such as
sensors and fitness trackers - (answer)ANT (Adaptive Network Technology)
What would you recommend to a team member who is interested in additional sources of
information to assist with refining their own understanding of the current attack surface of the
organization? - (answer)Output from the latest configuration review, vulnerability scanning, and
penetration tests
A user complains that after entering a URL into a browser, what appeared to be the correct page
is displayed in the browser. However, after clicking a few links on the page, it became obvious
that the site the user arrived at was not the correct site, but instead a malicious copy of the site
the user intended to visit. Which of the following attacks did the user most likely fall prey to? -
(answer)typosquatting
An enterprise cloud administrator needs to create a trust boundary between two compute
instances in the same default security group and on the same IPv4 subnet within an AWS virtual
private cloud (VPC). What would be an effective solution to the administrator's needs? -
,(answer)Place the instances in separate subnets and use a network firewall between the
subnets.
You've taken up a contract helping to upgrade the existing industrial control network for an oil
refinery. What network type should you expect to work with? - (answer)DCS
Which of the following is a risk to cloud services that is not a risk to on-premises services? -
(answer)Your data may be threatened by attacks launched on the data of others.
Which of the following factors has no effect on chain of custody, with regard to digital evidence
that is presented to the court? - (answer)Documentation of the presiding judge and opposing
counsel
On a subnet with limited physical security, you're worried about ARP poisoning and DHCP
spoofing attacks. What switch feature could help prevent both? - (answer)802.1AE/MACsec
Your company is developing a custom web app for the sales team. It should be able to access a
list of Salesforce contacts, but for security reasons, the app shouldn't be able to access the
actual Salesforce account. What standard would allow this? - (answer)OAuth
,Uses an authenticator to block communications between unauthorized users or workstations
and the local network
Requires the use of EAP and an authentication server - (answer)802.1X
Centrally secures access to server resources deployed within or across a non-secure network -
(answer)Kerberos
Restricts access to a LAN via a WAN link - (answer)Point to Point Protocol (PPP) with Challenge
Handshake Authentication Protocol (CHAP)
a framework for enterprise risk management - (answer)31000
focuses on personal data and privacy - (answer)27701
defines the various security controls in greater detail - (answer)27002
details the steps to implement a compliant ISMS - (answer)27001
, what area of compliance requirements is part of all of the following regulations
HIPAA
PCI DSS
SOX
GLBA
FISMA - (answer)log retention
describes attacks as the pivoting interactions among adversaries, victims, capabilities, and
infrastructure - (answer)The Diamond Model of Intrusion Analysis
a knowledge base of adversary techniques presented as a matrix for enterprise - (answer)mitre
att&ck
a linear seven step attack model that defenders use to interrupt the steps and stop the attack -
(answer)cyber kill chain
