1
NEW
UPDATE CMIT 320 FINAL EXAM PRACTICE
QUESTIONS WITH ANSWERS TESTED AND
APPROVED!!!
A user complains that after entering a URL into a browser, what appeared to be
the correct page is displayed in the browser. However, after clicking a few links
on the page, it became obvious that the site the user arrived at was not the
correct site, but instead a malicious copy of the site the user intended to visit.
Which of the following attacks did the user most likely fall prey to? --
ANSWER--typosquatting
An enterprise cloud administrator needs to create a trust boundary between two
compute instances in the same default security group and on the same IPv4
subnet within an AWS virtual private cloud (VPC). What would be an effective
solution to the administrator's needs? -- ANSWER--Place the instances in
separate subnets and use a network firewall between the subnets.
You've taken up a contract helping to upgrade the existing industrial control
network for an oil refinery. What network type should you expect to work with?
-- ANSWER--DCS
P a g e 1 | 41
, 2
Which of the following is a risk to cloud services that is not a risk to onpremises
services? -- ANSWER--Your data may be threatened by attacks launched on the
data of others.
Which of the following factors has no effect on chain of custody, with regard to
digital evidence that is presented to the court? -- ANSWER--Documentation of
the presiding judge and opposing counsel
On a subnet with limited physical security, you're worried about ARP poisoning
and DHCP spoofing attacks. What switch feature could help prevent both? --
ANSWER--802.1AE/MACsec
Your company is developing a custom web app for the sales team. It should be
able to access a list of Salesforce contacts, but for security reasons, the app
shouldn't be able to access the actual Salesforce account. What standard would
allow this? -- ANSWER--OAuth
Uses an authenticator to block communications between unauthorized users or
workstations and the local network
Requires the use of EAP and an authentication server -- ANSWER--802.1X
P a g e 2 | 41
, 3
After a security incident, you rush to take a screenshot of a telltale running
process before you leisurely take a backup of suspicious files on the hard drive.
What forensic principle are you exercising? -- ANSWER--Order of Volatility
Which of the following are forms of cybersecurity resilience that help to ensure
fault tolerance or recoverability of services in the case of an outage? --
ANSWER--A diesel generator
NIC teaming
Geographically dispersed data centers
Which organization offers freely accessible top-ten lists and cheat sheets in the
field of secure development of web applications? -- ANSWER--OWASP
What is the difference between a bluejacking and a bluesnarfing attack? --
ANSWER--Bluesnarfing involves data compromise.
In the area of threat hunting, what is meant by intelligence fusion? -- ANSWER-
-Gathering intelligence from multiple sources to feed advanced analytics
Upon browsing the website shop.javatucana.com, which your company uses
regularly in the normal course of business, you are greeted by a privacy error
P a g e 3 | 41
, 4
that states, "Your connection is not private." After confirming that your own
computer's date and time are correct, you positively verify the following details:
The valid-date range of the web server's certificate is current.
The certificate's chain of trust is valid, which includes the fact that your
computer trusts the root CA's certificate
The certificate's Subject Alternative Name field contains javatucana.com.
You accurately entered shop.javatucana.com in the web browser.
Given your inability to explain the privacy error based on your investigation of
these factors, what could be the cause for the error? -- ANSWER--The web
server's certificate is on the CRL.
There are no wildcards in the web server's certificate.
What technology uses the TPM to store hashes of signed boot files for
comparison the next time the system boots and for export in a quote for remote
attestation? -- ANSWER--measured boot
what connection type is very similar to bluetooth but used by more specialized
devices, such as sensors and fitness trackers -- ANSWER--ANT (Adaptive
Network Technology)
What would you recommend to a team member who is interested in additional
sources of information to assist with refining their own understanding of the
P a g e 4 | 41
NEW
UPDATE CMIT 320 FINAL EXAM PRACTICE
QUESTIONS WITH ANSWERS TESTED AND
APPROVED!!!
A user complains that after entering a URL into a browser, what appeared to be
the correct page is displayed in the browser. However, after clicking a few links
on the page, it became obvious that the site the user arrived at was not the
correct site, but instead a malicious copy of the site the user intended to visit.
Which of the following attacks did the user most likely fall prey to? --
ANSWER--typosquatting
An enterprise cloud administrator needs to create a trust boundary between two
compute instances in the same default security group and on the same IPv4
subnet within an AWS virtual private cloud (VPC). What would be an effective
solution to the administrator's needs? -- ANSWER--Place the instances in
separate subnets and use a network firewall between the subnets.
You've taken up a contract helping to upgrade the existing industrial control
network for an oil refinery. What network type should you expect to work with?
-- ANSWER--DCS
P a g e 1 | 41
, 2
Which of the following is a risk to cloud services that is not a risk to onpremises
services? -- ANSWER--Your data may be threatened by attacks launched on the
data of others.
Which of the following factors has no effect on chain of custody, with regard to
digital evidence that is presented to the court? -- ANSWER--Documentation of
the presiding judge and opposing counsel
On a subnet with limited physical security, you're worried about ARP poisoning
and DHCP spoofing attacks. What switch feature could help prevent both? --
ANSWER--802.1AE/MACsec
Your company is developing a custom web app for the sales team. It should be
able to access a list of Salesforce contacts, but for security reasons, the app
shouldn't be able to access the actual Salesforce account. What standard would
allow this? -- ANSWER--OAuth
Uses an authenticator to block communications between unauthorized users or
workstations and the local network
Requires the use of EAP and an authentication server -- ANSWER--802.1X
P a g e 2 | 41
, 3
After a security incident, you rush to take a screenshot of a telltale running
process before you leisurely take a backup of suspicious files on the hard drive.
What forensic principle are you exercising? -- ANSWER--Order of Volatility
Which of the following are forms of cybersecurity resilience that help to ensure
fault tolerance or recoverability of services in the case of an outage? --
ANSWER--A diesel generator
NIC teaming
Geographically dispersed data centers
Which organization offers freely accessible top-ten lists and cheat sheets in the
field of secure development of web applications? -- ANSWER--OWASP
What is the difference between a bluejacking and a bluesnarfing attack? --
ANSWER--Bluesnarfing involves data compromise.
In the area of threat hunting, what is meant by intelligence fusion? -- ANSWER-
-Gathering intelligence from multiple sources to feed advanced analytics
Upon browsing the website shop.javatucana.com, which your company uses
regularly in the normal course of business, you are greeted by a privacy error
P a g e 3 | 41
, 4
that states, "Your connection is not private." After confirming that your own
computer's date and time are correct, you positively verify the following details:
The valid-date range of the web server's certificate is current.
The certificate's chain of trust is valid, which includes the fact that your
computer trusts the root CA's certificate
The certificate's Subject Alternative Name field contains javatucana.com.
You accurately entered shop.javatucana.com in the web browser.
Given your inability to explain the privacy error based on your investigation of
these factors, what could be the cause for the error? -- ANSWER--The web
server's certificate is on the CRL.
There are no wildcards in the web server's certificate.
What technology uses the TPM to store hashes of signed boot files for
comparison the next time the system boots and for export in a quote for remote
attestation? -- ANSWER--measured boot
what connection type is very similar to bluetooth but used by more specialized
devices, such as sensors and fitness trackers -- ANSWER--ANT (Adaptive
Network Technology)
What would you recommend to a team member who is interested in additional
sources of information to assist with refining their own understanding of the
P a g e 4 | 41
