DCOM 258 - SECURITY + EXAM QUESTIONS AND ANSWERS
WITH COMPLETE SOLUTIONS GRADED A++ LATEST UPDATE
A system analyst is tasked with searching the dark web for harvested customer data. Because these
sites cannot be readily found in standard website searches, what is often gained by "word of mouth"
bulletin boards to assist in reaching the desired page?
Dark Website URL - Access to deep websites are accessed via URL.
One aspect of threat modeling is to identify potential threat actors and the risks associated with each
one. When assessing the risk that any one type of threat actor poses to an organization, what are the
most critical factors to profile? (Select all that apply.)
Intent, motivation
Which of the following are the best examples of an insider threat? (Select all that apply.)
Former employee, contractor
A contractor has been hired to conduct security reconnaissance on a company. The contractor browses
the company's website to identify employees and then finds their Facebook pages. Posts found on
Facebook indicate a favorite bar that employees frequently visit. The contractor visits the bar and
learns details of the company's security infrastructure through small talk. What reconnaissance phase
techniques does the contractor practice? (Select all that apply.)
OSINT, Social engineering
, A Department of Defense (DoD) security team identifies a data breach in progress, based on some
anomalous log entries, and take steps to remedy the breach and harden their systems. When they
resolve the breach, they want to publish the cyber threat intelligence (CTI) securely, using
standardized language for other government agencies to use. The team will transmit threat data feed
via which protocol?
Structured Threat Information eXpression (STIX)
Which situation would require keyboard encryption software to be installed on a computer?
To protect against spyware
Analyze the following attacks to determine which best illustrates a pharming attack.
A customer enters the correct URL address of their bank, which should point to the IP address
172.1.24.4. However, the browser goes to 168.254.1.1, which is a fake site designed to look exactly like
the real bank site.
An employee calls IT personnel and states that they received an email with a PDF document to review.
After the PDF was opened, the system has not been performing correctly. An IT admin conducted a
scan and found a virus. Determine the two types of viruses the computer most likely has. (Select all
that apply.)
Macro, script
Which of the following utilizes both symmetric and asymmetric encryption?
Digital Envelope - A type of key exchange system that utilizes symmetric encryption for speed and
asymmetric encryption for security.
What is the trade-off when considering which type of encryption cipher to use?
WITH COMPLETE SOLUTIONS GRADED A++ LATEST UPDATE
A system analyst is tasked with searching the dark web for harvested customer data. Because these
sites cannot be readily found in standard website searches, what is often gained by "word of mouth"
bulletin boards to assist in reaching the desired page?
Dark Website URL - Access to deep websites are accessed via URL.
One aspect of threat modeling is to identify potential threat actors and the risks associated with each
one. When assessing the risk that any one type of threat actor poses to an organization, what are the
most critical factors to profile? (Select all that apply.)
Intent, motivation
Which of the following are the best examples of an insider threat? (Select all that apply.)
Former employee, contractor
A contractor has been hired to conduct security reconnaissance on a company. The contractor browses
the company's website to identify employees and then finds their Facebook pages. Posts found on
Facebook indicate a favorite bar that employees frequently visit. The contractor visits the bar and
learns details of the company's security infrastructure through small talk. What reconnaissance phase
techniques does the contractor practice? (Select all that apply.)
OSINT, Social engineering
, A Department of Defense (DoD) security team identifies a data breach in progress, based on some
anomalous log entries, and take steps to remedy the breach and harden their systems. When they
resolve the breach, they want to publish the cyber threat intelligence (CTI) securely, using
standardized language for other government agencies to use. The team will transmit threat data feed
via which protocol?
Structured Threat Information eXpression (STIX)
Which situation would require keyboard encryption software to be installed on a computer?
To protect against spyware
Analyze the following attacks to determine which best illustrates a pharming attack.
A customer enters the correct URL address of their bank, which should point to the IP address
172.1.24.4. However, the browser goes to 168.254.1.1, which is a fake site designed to look exactly like
the real bank site.
An employee calls IT personnel and states that they received an email with a PDF document to review.
After the PDF was opened, the system has not been performing correctly. An IT admin conducted a
scan and found a virus. Determine the two types of viruses the computer most likely has. (Select all
that apply.)
Macro, script
Which of the following utilizes both symmetric and asymmetric encryption?
Digital Envelope - A type of key exchange system that utilizes symmetric encryption for speed and
asymmetric encryption for security.
What is the trade-off when considering which type of encryption cipher to use?
