Logic Bomb
A contractor for the German Company Siemens recently pled guilty to an attack
where he altered software that he sold to Siemens so that it would periodically
break, requiring the company to hire him to fix it. What term best describes this
type of attack?
a) RAT
b) Worm
c) Logic Bomb
d) Trojan horse
PAM (Privileged Access Management)
Chris would like to better manage the root accounts on Linux systems that he
administers. He would like to allow administrators to use the privileges of the
root account without knowing the password. What solution would best meet his
needs?
a) SIEM
b) SAML
c) CASB
d) PAM
False Positive
Vincent is reviewing the results of a vulnerability scan and determines that one
of the vulnerabilities identified in the report is incorrect because it was
addressed by a security patch previously applied to the server. How should
Vincent classify this scan result?
a) False Positive
b) True Negative
,c) False Negative
d) True Positive
Staging
Roland recently wrote code that implements a new feature demanded by end
users of an application he manages. He would like users to examine the feature
and determine whether it meets their needs. What environment is most
appropriate for this activity?
a) Development
b) Staging
c) Production
d) Test
NULL
Which one of the following pointer values is most likely to result in a denial of
service attack if it is dereferenced?
a) 0xBBBBBBBB
b) Ox20000000
c) NULL
d) 0x11111111
Upon Collection
When should a forensic investigator begin tracking the chain of custody for
evidence?
a) Upon Collection
b) Upon Creation
c) Upon Notification of Litigation
d) Upon Production
RTO (Recovery Time Objective)
Ed is working with functional units in his organization to document the
maximum amount of time that they could be without a critical IT service during
a disaster. What metric should he use to document this requirement?
, a) RPO
b) MTTR
c) MTBF
d) RTO
Review
In the eDiscovery reference model, what phase includes an attorney analysis of
material to determine what is relevant to the case?
a) Review
b) Identification
c) Production
d) Processing
SaaS (Software as a Service)
Nancy's firm is considering the use of a cloud service provider who will provide
a fully functional accounting suite to her firm's accounting department. the
accountants will access the suite through their web browsers. What type of
cloud service is being offered?
a) XaaS
b) IaaS
c) PaaS
d) SaaS
tail
Which one of the following Linux commands can be used to display the last few
lines of a file?
a) tail
b) grep
c) cat
d) head
Hashing
A contractor for the German Company Siemens recently pled guilty to an attack
where he altered software that he sold to Siemens so that it would periodically
break, requiring the company to hire him to fix it. What term best describes this
type of attack?
a) RAT
b) Worm
c) Logic Bomb
d) Trojan horse
PAM (Privileged Access Management)
Chris would like to better manage the root accounts on Linux systems that he
administers. He would like to allow administrators to use the privileges of the
root account without knowing the password. What solution would best meet his
needs?
a) SIEM
b) SAML
c) CASB
d) PAM
False Positive
Vincent is reviewing the results of a vulnerability scan and determines that one
of the vulnerabilities identified in the report is incorrect because it was
addressed by a security patch previously applied to the server. How should
Vincent classify this scan result?
a) False Positive
b) True Negative
,c) False Negative
d) True Positive
Staging
Roland recently wrote code that implements a new feature demanded by end
users of an application he manages. He would like users to examine the feature
and determine whether it meets their needs. What environment is most
appropriate for this activity?
a) Development
b) Staging
c) Production
d) Test
NULL
Which one of the following pointer values is most likely to result in a denial of
service attack if it is dereferenced?
a) 0xBBBBBBBB
b) Ox20000000
c) NULL
d) 0x11111111
Upon Collection
When should a forensic investigator begin tracking the chain of custody for
evidence?
a) Upon Collection
b) Upon Creation
c) Upon Notification of Litigation
d) Upon Production
RTO (Recovery Time Objective)
Ed is working with functional units in his organization to document the
maximum amount of time that they could be without a critical IT service during
a disaster. What metric should he use to document this requirement?
, a) RPO
b) MTTR
c) MTBF
d) RTO
Review
In the eDiscovery reference model, what phase includes an attorney analysis of
material to determine what is relevant to the case?
a) Review
b) Identification
c) Production
d) Processing
SaaS (Software as a Service)
Nancy's firm is considering the use of a cloud service provider who will provide
a fully functional accounting suite to her firm's accounting department. the
accountants will access the suite through their web browsers. What type of
cloud service is being offered?
a) XaaS
b) IaaS
c) PaaS
d) SaaS
tail
Which one of the following Linux commands can be used to display the last few
lines of a file?
a) tail
b) grep
c) cat
d) head
Hashing
