1. An alert has been distributed throughout the information security community regarding a critical Apache vulnerability. Which of the following courses of action would ONLY identify the known vulnerability?
A) Perform an authenticated scan on all web servers in the environment.
B) Perform an unauthenticated vulnerability scan on all servers in the environment.
C) Perform a web vulnerability scan on all servers in the environment.
D) Perform a scan for the specific vulnerability on all web servers.
2. A cybersecurity analyst has several SIEM event logs to review for possible APT activity. The analyst was given several items that include lists of indicators for both IP addresses and domains. Which of the following actions is the BEST approach for the analyst to perform?
A) Analyze the trends of the events while manually reviewing to see if any of the indicators match.
B) Use the IP addresses to search through the event logs.
C) Create an advanced query that includes all of the indicators, and review any of the matches.
D) Scan for vulnerabilities with exploits known to have been used by an APT.
3. A security analyst is assisting with a computer crime investigation and has been asked to secure a PC and deliver it to the forensic lab. Which of the following items would be MOST helpful to secure the PC? (Choose three.)
A) Network tap
B) Write blockers
C) Drive eraser
D) Chain of custody form
E) Tamper-proof seals
F) Faraday cage
4. The Chief Information Security Officer (CISO) has asked the security staff to identify a framework on which to base the security program. The CISO would like to achieve a certification showing the security program meets all required best practices. Which of the following would be the BEST choice?
A) SANS
B) SDLC
C) ISO
D) OSSIM
5. A red team actor observes it is common practice to allow cell phones to charge on company computers, but access to the memory storage is blocked. Which of the following are common attack techniques that take advantage of this practice? (Choose two.)
A) A USB attack that tricks the computer into thinking the connected device is a keyboard, and then sends characters one at a time as a keyboard to launch the attack (a prerecorded series of keystrokes)
B) A Bluetooth attack that modifies the device registry (Windows PCs only) to allow the flash drive to mount, and then launches a Java applet attack
C) A Bluetooth peering attack called Snarfing that allows Bluetooth connections on blocked device types if physically connected to a USB port
D) A USB attack that turns the connected device into a rogue access point that spoofs the configured wireless SSIDs
E) A USB attack that tricks the system into thinking it is a network adapter, then runs a user password hash gathering utility for offline password cracking