Exam Questions and Answers Verified

1) Which type of security should a business use on its layer 2 switch to isolate the finance network from other departmental networks?
A - Virtual Private Network (VPN)
B - Internet Protocol Security (IPSec)
C - Virtual Local Area Network (VLAN)
D - Remotely Triggered Black Hole (RTBH)
Verified answer: C - Virtual Local Area Network (VLAN)
VLANs allow companies to logically segment network traffic, ensuring devices on different VLANs cannot communicate unless otherwise specified in a layer 3 device like a router.

2) Which type of software testing should be used when there has been a change within the existing environment?
A - Regression Testing
B - Penetration Testing
C - Requirements Testing
D - Release Testing
Verified answer: A - Regression Testing
Regression testing ensures that recent changes within the environment have not introduced new defects or broken existing functionality.

3) Which security technique should be used to detect a weak password that may match common dictionary words?
A - Password Spraying
B - Password Auditing
C - Password Guessing
D - Password History
Verified answer: B - Password Auditing
Password auditing allows for existing passwords to be compared against known weak passwords to help determine the security of a credential.

4) What should an organization implement if it wants users of their site to provide a password, memorable word, and pin?
A - Multi-factor authentication (MFA)
B - Two-factor authentication (2FA)
C - Two-step verification
D - Single-factor authentication
Verified answer: A - Multi-factor authentication
MFA enhances security by requiring multiple forms of authentication, therefore reducing the risk of unauthorized access.

5) A network technician is asked by their manager to update security to block several known bad actor IP addresses.
A - Signature rules
B - Firewall rules
C - Behavior rules
D - Data loss prevention (DLP) rules
Verified answer: B - Firewall rules
Firewall rules can be set up to deny traffic coming from known malicious IP addresses.

6) On a shopping website, there is a 500-millisecond delay when the authorized payment button is selected for purchases. Attackers have been running a script to alter the final payment that takes 200 milliseconds. Which vulnerability on the website is being targeted by the attackers?
A - Buffer Overflow
B - Integer Overflow
C - Broken Authentication
D - Race Condition
Verified answer: D - Race Condition
A race condition occurs when multiple processes or actions are executed simultaneously, and the outcome depends on the sequence or timing of events.

7) A company wants to provide laptops to its employees so they can work remotely. What should be implemented to ensure only work applications can be installed on company laptops?
A - Containerization
B - Token-based access
C - Patch repository
D - Whitelisting
Verified answer: D - Whitelisting
Whitelisting ensures that only approved applications can be installed and executed on company laptops.

8) What should a business use to provide non-repudiation for emails between employees?
A - TLS/SSL
B - AES-256
C - S/MIME
D - IPSec
Verified answer: C - S/MIME (Secure/Multipurpose Internet Mail Extensions)
S/MIME provides non-repudiation for emails by using digital signatures.

9) Which strategy is appropriate for a risk management team to determine if a business has insufficient security controls?
A - Qualitative assessment
B - Gap assessment
C - Quantitative risk assessment
D - Impact assessment
Verified answer: B - Gap assessment
A gap assessment identifies the gaps between the current security control and the desired or required levels of security.

10) An organization has leased office space that is suitable for its computer equipment so personnel and systems can be relocated if the main office location is unavailable. It currently has some equipment. Which type of site is
Verified answer: B - Warm site
A warm site is a disaster recovery site that provides a partially equipped facility that can be used to restore critical operations faster than having no