Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system. Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.

Which of the following acts was demonstrated in the above scenario?

A.

Sarbanes-Oxley Act (SOX)

B.

The Digital Millennium Copyright Act (DMCA)

C.

Data Protection Act 2018 (DPA)

D.

Gramm-Leach-Bliley Act (GLBA)

Full Access
Question # 5

Which of the following solutions is a software or a hardware device on a network or host that filters the incoming and outgoing traffic to prevent unauthorized access to private networks?

A.

Firewall

B.

Router

C.

Hub

D.

Switch

Full Access
Question # 6

Identify the technique through which mobile application marketers utilize the user's location to gather sensitive data and know about users' offline activities from the location data.

A.

Containerization

B.

Push notification

C.

Full device encryption

D.

Geofencing

Full Access
Question # 7

Below are various authentication techniques.

1.Retina scanner

2.One-time password

3.DNA

4.Voice recognition

Identify the techniques that fall under biometric authentication.

A.

1, 3, and 4

B.

1, 2, and 3

C.

2, 3, and 4

D.

1, 2, and 4

Full Access
Question # 8

Jay, a network administrator, was monitoring traffic flowing through an IDS. Unexpectedly, he received an event triggered as an alarm, although there is no active attack in progress.

Identify the type of IDS alert Jay has received in the above scenario.

A.

True negative alert

B.

False positive alert

C.

True positive alert

D.

False negative alert

Full Access
Question # 9

Which of the following access control models refers to assigning permissions to a user role based on the rules defined for each user role by the administrator?

A.

Discretionary rule access control

B.

Mandatory rule access control

C.

Rule-based access control

D.

Role-based access control

Full Access
Question # 10

Which of the following components of VPN is used to manage tunnels and encapsulate private data?

A.

Remote network

B.

VPN protocol

C.

Network access server

D.

VPN client

Full Access
Question # 11

Kelly, a cloud administrator at TechSol Inc., was instructed to select a cloud deployment model to secure the corporate data and retain full control over the data.

Which of the following cloud deployment models helps Kelly in the above scenario?

A.

Public cloud

B.

Multi cloud

C.

Community cloud

D.

Private cloud

Full Access
Question # 12

James was recruited as security personnel in an organization and was instructed to secure the organization's infrastructure from physical threats. To achieve this, James installed CCTV systems near gates, reception, hallways, and workplaces to capture illicit activities inside the premises, identify activities that need attention, collect images as evidence, and aid in an alarm system.

Identify the type of physical security control implemented by James in the above scenario.

A.

Video surveillance

B.

Fire-fighting systems

C.

Lighting system

D.

Physical barriers

Full Access
Question # 13

Which of the following practices helps security professionals protect mobile applications from various attacks?

A.

Always cache app data

B.

Use containerization for critical corporate data

C.

Use query string while handling sensitive data

D.

Allow apps to save passwords to avoid multiple logins

Full Access
Question # 14

Which of the following algorithms uses a sponge construction where message blocks are XORed into the initial bits of the state that the algorithm then invertible permutes?

A.

MD5

B.

SHA-2

C.

SHA-3

D.

MD6

Full Access
Question # 15

Below are the various steps involved in the creation of a data retention policy.

1.Understand and determine the applicable legal requirements of the organization

2.Ensure that all employees understand the organization's data retention policy

3.Build a data retention policy development team

4.ldentify and classify the data to be included in the data retention policy

5.Develop the data retention policy

Identify the correct sequence of steps involved.

A.

3 -- >2 -- >5 -- >4 -- >1

B.

3 -- >1 -- >4 -- >5 -- >2

C.

1 -- >3 -- >4 -- >2 -- >5

D.

1 -- >5 -- >4 -- >2 -- >3

Full Access
Question # 16

Jamie wants to send a confidential file to her friend Alice. For this purpose, they installed an application for securely sharing the file. The application employs an encryption algorithm that usesthe same shared secret key for encryption and decryption of data.

Identify the type of cryptography employed by the application used by Alice and Jamie for file sharing.

A.

Symmetric cryptography

B.

Public-key cryptography

C.

RSA cryptosystem

D.

Asymmetric cryptography

Full Access
Question # 17

Sarah was accessing confidential office files from a remote location via her personal computer connected to the public Internet. Accidentally, a malicious file was downloaded onto Sarah's computer without her knowledge. This download might be due to the free Internet access and the absence of network defense solutions.

Identify the Internet access policy demonstrated in the above scenario.

A.

Permissive policy

B.

Promiscuous policy

C.

Paranoid policy

D.

Prudent policy

Full Access
Question # 18

Which of the following techniques is referred to as a messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user?

A.

Push notification

B.

PIN feature

C.

Geofencing

D.

Containerization

Full Access
Question # 19

John has recently joined an organization and completed his security training. The organization conducted a security campaign on their employees by sending a fake email stating the urgency of password reset. John identified that it was an illegitimate mail and reported it as spam.

Identify the type of attack initiated by the organization as part of the security campaign discussed in the above scenario.

A.

Phishing

B.

Tailgating

C.

Dumpster diving

D.

Shoulder surfing

Full Access
Question # 20

In an organization, employees are restricted from using their own storage devices, and only the company's portable storage devices are allowed. As employees are carrying the company's portable device outside their premises, the data should be protected from unauthorized access.

Which of the following techniques can be used to protect the data in a portable storage device?

A.

Data retention

B.

Data encryption

C.

Data resilience

D.

Disk mirroring

Full Access
Question # 21

Which of the following acts was enacted in 2002 and aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures?

A.

Sarbanes-Oxley Act (SOX)

B.

Digital Millennium Copyright Act (DMCA)

C.

Gramm-Leach-Bliley Act

D.

Payment Card Industry-Data Security Standard (PCI-DSS)

Full Access
Question # 22

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it.

Identify the type of IDS employed by Messy in the above scenario.

A.

Signature-based

B.

Stateful protocol analysis

C.

Anomaly-based

D.

Application proxy

Full Access