1. Question
An organization has recently experienced a cyber attack that resulted in the loss of sensitive data. The IT team has decided to implement an EDR solution to better protect their endpoints. Which of the following configuration changes should be made to the EDR solution to improve security?
2. Question
A company’s security team has identified that sensitive data is being accidentally leaked through email attachments. Which of the following would be the BEST configuration change to improve security in this scenario?
3. Question
A financial institution has identified that its employees are accessing non-work-related websites during work hours, increasing the risk of a security incident. Which of the following would be the BEST configuration change to improve security in this scenario?
4. Question
A company has experienced several cyber attacks that have exploited vulnerabilities in their network. After conducting an assessment, the security team identifies that the intrusion prevention system (IPS) needs to be updated. Which of the following is the MOST effective configuration change the team can make to the IPS to improve security?
5. Question
A company wants to improve security by implementing a new intrusion prevention system (IPS) rule. The rule should block all traffic coming from IP addresses that have attempted to access the network more than five times within the last minute. Which of the following is the BEST way to configure this rule?
6. Question
A company has experienced several successful cyber attacks on its network. The security team has determined that many of these attacks were able to bypass the firewall due to outdated firewall rules. What configuration change can be made to the firewall to prevent similar attacks in the future?
7. Question
A company has noticed an increase in unauthorized access attempts to its internal network. The security team has determined that many of these attempts are coming from external IP addresses. What configuration change can be made to the firewall to mitigate this issue?
8. Question
A company has been experiencing a large number of malware infections on its endpoints. The security team has determined that the malware is being downloaded from unapproved websites. What control can they implement to help prevent these infections in the future?
9. Question
A company has been experiencing a large number of successful phishing attacks against their employees. The security team has determined that many of these attacks are using links to malicious websites. What control can they implement to help prevent these attacks in the future?
10. Question
A company is experiencing frequent malware attacks, and their current antivirus solution is not catching all the malicious files. The security team decides to implement an allow list. Which of the following is the BEST approach for configuring the allow list?
11. Question
A security analyst is tasked with improving the security posture of a company’s file server. The analyst has identified that some users have excessive permissions to sensitive files, which increases the risk of data breaches. Which of the following would be the BEST configuration change to address this issue?
12. Question
A company’s employees receive an email from what appears to be their CEO’s email address, requesting that they click on a link to verify their email accounts. However, one of the employees notices that the link points to a suspicious website. Upon investigation, the email headers reveal that the email was not actually sent from the CEO’s email address, but from a spoofed email address. Which of the following email analysis techniques is being used in this scenario?
13. Question
A security analyst received an email from the organization’s CEO requesting access to sensitive data stored on a server. The email contains an embedded link to a website where the analyst can grant the requested access. The analyst suspects that the email may be a phishing attempt. Which of the following actions can the analyst take to analyze the email for embedded links?
14. Question
In an organization, several employees have reported receiving suspicious emails with embedded links in their inboxes. The security analyst wants to investigate further to ensure that the emails are not malicious. Which of the following actions can the analyst take to analyze the emails for embedded links?
15. Question
Tom, a security analyst, is investigating an incident where an employee’s email account was used to send malicious attachments to multiple colleagues. Tom reviews the email logs and notices that the messages containing the malicious attachments have a digital signature attached. What can Tom conclude from this information?
16. Question
Jane, a security analyst, is reviewing emails from a user who claims that their account was hacked. She notices that some of the emails have a digital signature attached while others do not. What can Jane conclude from this information?
17. Question
A security analyst notices suspicious activity originating from an employee’s email account. Upon further investigation, the analyst discovers that the employee’s email account has been forwarding all incoming and outgoing emails to an external email address without the employee’s knowledge. What type of email threat is this an example of?
18. Question
A user reports receiving a suspicious email claiming to be from their bank. The email contains a link to a website that looks like the bank’s website, but the URL is different. Which of the following should be the FIRST step in analyzing this email?
19. Question
In a phishing email analysis, which of the following is the best indicator of a potential phishing attack?
20. Question
A company’s security analyst is reviewing e-mail logs and notices that a large number of e-mails are being marked as spam. The analyst determines that many of these e-mails are originating from a known spammer’s domain. Which of the following techniques could the analyst use to block these e-mails from being received by the company’s e-mail servers?
21. Question
In analyzing e-mail traffic logs, a security analyst notices a large number of inbound e-mails with spoofed sender addresses. Which of the following techniques can the analyst use to verify the authenticity of the sender’s domain?
22. Question
A company’s email administrator has received reports of spoofed emails being sent from the company’s domain. The administrator wants to implement DMARC to prevent these emails from being delivered. Which of the following actions should the administrator take?
23. Question
A security analyst is reviewing email logs and notices that multiple email messages from a specific domain are being marked as spam by the company’s email filter. The analyst suspects that the domain’s DMARC record is not properly configured. Which of the following tools should the analyst use to verify the DMARC record?
24. Question
An organization is experiencing a large volume of phishing emails sent to its employees. The organization has implemented DomainKeys Identified Mail (DKIM) to prevent email spoofing, but some emails are still getting through. Which of the following could be causing this issue?
25. Question
A company has implemented DomainKeys Identified Mail (DKIM) to prevent email spoofing. However, some employees are still receiving suspicious emails claiming to be from internal email addresses. Which of the following should be checked to determine if the emails are legitimate?
26. Question
You are a cybersecurity analyst for a financial institution. A user has reported receiving an email that contained a suspicious attachment. After reviewing the email header, you determine that the email originated from an external source and contains a known malicious payload. What tool can be used to analyze the malicious payload?
27. Question
You work as a security analyst for a large corporation. One of your colleagues has received an email with a malicious attachment that appears to be a document. The email contains a link that takes the user to a fake login page. What is the BEST approach to analyze this email?
28. Question
A security analyst is investigating a potential security incident and wants to search for all instances of the keyword “password” in the log files. Which command can be used to search for the keyword in all log files within a directory?
29. Question
In a security monitoring scenario, an analyst wants to filter the output of a command and use it as input for another command. Which technique would be MOST appropriate to achieve this?
30. Question
A company suspects that an employee is stealing data and transferring it to an external device. The security team needs to identify any unauthorized file transfers on the company’s network. Which of the following queries will help them accomplish this task?
31. Question
A security analyst is investigating a possible data breach on a server. They suspect that a malicious script was used to exfiltrate sensitive data. Which of the following queries will help the analyst identify the script used?
32. Question
You are analyzing web server logs to identify potential brute force attacks on user accounts. You notice a pattern of multiple login attempts with different usernames originating from the same IP address within a short time period. Which of the following queries will help you identify these potential brute force attacks?
33. Question
You are an analyst in a security operations center (SOC) and you are tasked with investigating a potential security incident. You have been given a log file containing thousands of entries related to the event. Which of the following queries will be MOST effective in identifying the relevant entries?
34. Question
A security analyst is investigating a suspected data breach and needs to search through logs to identify any malicious activity. Which of the following queries is BEST suited for a string search to identify potential indicators of compromise?
35. Question
A security analyst is reviewing the SIEM dashboard and notices a significant increase in failed login attempts for a particular user account. Which of the following is the MOST likely cause of this activity?
36. Question
During a routine SIEM review, an analyst notices that a particular IP address has been flagged multiple times for suspicious activity. The IP address is not a part of the organization’s network but is frequently attempting to establish connections with various systems. Which of the following is the BEST action for the analyst to take?
37. Question
A security analyst has been tasked with creating a new rule in the organization’s SIEM to detect potential unauthorized access attempts on a critical system. Which of the following statements correctly describes the process of rule writing in a SIEM system?
38. Question
A security analyst is reviewing logs in a SIEM solution and notices a large number of failed login attempts on a critical server. The analyst decides to create a new rule in the SIEM solution to detect any future failed login attempts on this server. Which of the following is the BEST approach for creating this rule?
39. Question
A company has been hit by a ransomware attack that has affected its critical business operations. The incident response team is conducting an impact analysis to determine the extent of the damage and the impact on the organization’s operations. What type of impact analysis is the team conducting?
40. Question
A company experiences a major cyber attack that has brought down its primary web application. The company’s incident response team is conducting an impact analysis to determine the severity of the attack. They have identified that the application must be restored within the next hour to prevent significant financial loss. What type of impact analysis is the team conducting?
41. Question
A security team is investigating a ransomware attack that has affected multiple endpoints within the organization. The team needs to determine whether the attack is a localized incident or if it poses a threat to the entire organization. Which of the following would be the BEST approach for the team to take?
42. Question
A security analyst is reviewing the IDS/IPS logs and notices that there have been several alerts related to a specific host on the network. The alerts indicate that the host is attempting to communicate with a known malicious IP address. The analyst wants to identify the source of the traffic and take appropriate action. Which of the following is the MOST appropriate action for the analyst to take?
43. Question
A security analyst has been tasked with assessing the impact of a recent security incident that affected the company’s HR database. During the investigation, it was discovered that the attacker gained access to the database through a phishing email. The analyst needs to determine the extent of the impact on the organization and its employees. Which of the following is the BEST approach for the analyst to take?
44. Question
A company recently deployed an IDS/IPS system to monitor their network traffic. The security analyst is reviewing the logs and notices that there have been several alerts related to port scanning. The analyst wants to investigate further to identify the source of the scans. Which of the following is the MOST appropriate action for the analyst to take?
45. Question
You are a security analyst at a financial institution and you notice unusual traffic patterns in the network logs. Upon further investigation, you find that the logs show several attempts to connect to a known malicious IP address. Which of the following log sources would be MOST helpful in determining the origin of the connection attempts?
46. Question
A security analyst is reviewing the logs of a web application firewall (WAF) and notices several entries that indicate a potential DDoS attack. The entries show multiple requests from different IP addresses that are targeting a specific page of the application. What type of DDoS attack is being carried out in this scenario?
47. Question
A security analyst is reviewing the firewall logs and notices several failed login attempts from a single IP address within a short period of time. The analyst suspects a potential brute-force attack. Which of the following is the BEST course of action for the analyst to take?
48. Question
A security analyst has been tasked with reviewing the firewall logs of a company’s network. The analyst is trying to determine if any unauthorized access or malicious activities have occurred. The analyst notices several outbound connections to an IP address that is associated with a known malicious website. Which of the following is the BEST course of action for the analyst to take?
49. Question
A security analyst has been tasked with reviewing syslog logs from a company’s web server. The analyst notices that there are multiple attempts to access the server using common web application attack techniques. However, the logs do not show any successful attacks. Which of the following would be the MOST likely reason for this?
50. Question
A security analyst has been tasked with reviewing syslog logs for suspicious activity on a company’s network. Upon analyzing the logs, the analyst notices an abnormal amount of traffic to an external IP address during off-hours. The analyst suspects that a compromised system is communicating with a Command and Control (C2) server. Which of the following would be the BEST course of action for the analyst to take?
51. Question
As a security analyst for a healthcare organization, you have been asked to review the event logs for the organization’s electronic health record (EHR) system. You notice that there are several entries indicating a large number of patient records were accessed by a single user in a short period of time. What type of analysis should you perform to determine if this activity is suspicious?
52. Question
A company’s critical infrastructure system contains sensitive information and needs to be protected from external threats. The IT department has decided to implement segmentation as a security solution. Which of the following options would be the BEST approach to implementing segmentation?
53. Question
A company is planning to migrate its traditional server-based infrastructure to a serverless architecture. What security solution should the company consider to minimize the risk of malicious activity in the new infrastructure?
54. Question
A company wants to ensure the confidentiality of data being transmitted over their internal bus between various components of their computer system. Which of the following BEST describes an effective method to secure the bus against eavesdropping attacks?
55. Question
Which of the following BEST describes measured boot and attestation?
56. Question
In an organization, the IT team wants to ensure that firmware updates on all devices are secure and tamper-proof. Which of the following is the BEST hardware assurance practice to achieve this goal?
57. Question
A company wants to ensure the security of its sensitive data stored on its laptops. Which of the following options would be the BEST solution for this requirement?
58. Question
A company is developing a new hardware device that will be used in military applications. They want to ensure that the device cannot be tampered with or reverse-engineered. Which of the following would be the BEST solution to achieve this goal?
59. Question
A company wants to ensure the integrity and confidentiality of its data while it’s being processed on its servers. Which of the following hardware assurance techniques would BEST meet their requirement?
60. Question
A company wants to ensure that the processing of its sensitive data is done securely. Which of the following best describes a secure enclave?
61. Question
Which of the following is an example of trusted execution environment (TEE) technology?
62. Question
A company is looking to manufacture new hardware components for its product. They want to ensure that the hardware components are authentic and have not been tampered with. Which of the following methods can they use to ensure this?
63. Question
A company is planning to purchase new servers with the latest hardware components for its data center. The IT team wants to ensure the new servers have secure firmware and boot processes. Which of the following hardware assurance best practices can provide this level of security?
64. Question
A company is considering implementing a Hardware Security Module (HSM) to secure its payment processing systems. Which of the following is a benefit of using an HSM?
65. Question
A company wants to ensure that its servers’ boot process is secure and tamper-proof. Which of the following hardware security solutions would be the MOST appropriate for this scenario?
66. Question
A company is considering implementing a microservices architecture for their application. Which of the following best practices should they follow to ensure software assurance?
67. Question
In a RESTful web application, which secure coding best practice should be implemented to prevent SQL injection attacks?
68. Question
In a company, a SOAP web service is used to exchange sensitive data between different systems. Which of the following best practices should be implemented to ensure secure coding for this web service?
69. Question
A company has implemented a service-oriented architecture (SOA) to integrate its different business systems. They want to ensure secure communication between systems and have decided to use Security Assertion Markup Language (SAML). Which of the following statements about SAML is true?
70. Question
In a company that develops mobile applications, the development team uses a dynamic analysis tool to test the application’s functionality and identify any vulnerabilities. Which of the following is the primary benefit of using dynamic analysis tools in this scenario?
71. Question
A software development team is looking to implement a tool that can automatically scan their codebase for potential security vulnerabilities. Which of the following best describes the type of tool they should use?
72. Question
A software development team is tasked with creating a new application that allows users to submit personal information such as names, addresses, and credit card details. The team is concerned about the risk of SQL injection attacks and wants to implement secure coding best practices. Which of the following options describes a recommended approach to prevent SQL injection attacks?
73. Question
A software development team is working on an e-commerce application. The team is implementing a feature that allows users to store their credit card information for future purchases. What is the best practice for data protection in this scenario?
74. Question
In a software development project, the development team is implementing authentication mechanisms to secure user accounts. Which of the following is a secure coding best practice to follow when implementing authentication?
75. Question
Which of the following is an important step in implementing secure session management in a web application?
76. Question
In a web application, which of the following is an example of a secure session management practice?
77. Question
A web application developer is reviewing the code for an e-commerce platform. Which of the following BEST describes a secure coding best practice for output encoding?
78. Question
A web application developer is designing a new feature that requires user inputs to be displayed on the website. To ensure security, which secure coding best practice should the developer implement?
79. Question
A software development team is implementing a new feature that involves storing user data in a database. The team wants to ensure that the data is protected from injection attacks. Which of the following is a secure coding best practice for input validation?
80. Question
A software development team is conducting a code review for a new application. During the review, the team identifies a potential security vulnerability in the code. Which of the following is the BEST next step for the team?
81. Question
A software development team wants to ensure that changes to their application’s code do not introduce new security vulnerabilities. Which software assessment method should they use?
82. Question
A company wants to ensure that its web application can handle high traffic and heavy loads without crashing or losing data. Which of the following software assessment methods should they use?
83. Question
A software development team has created a new application that they are about to release to users. To ensure that the application meets the needs and expectations of the users, what software assurance best practice should the team implement?
84. Question
A company wants to implement a DevSecOps approach to its software development process. Which of the following best practices should the company follow to ensure that security is integrated into the entire development lifecycle?
85. Question
A software development team is working on a new project and wants to ensure that security is integrated throughout the SDLC. Which of the following is an important step in integrating software assurance best practices into the SDLC?
86. Question
A company is using embedded systems in their devices that require firmware updates. What is the best practice for ensuring the security of firmware updates?
87. Question
A company is designing a new IoT device that will be powered by a System-on-chip (SoC) and will be connected to the internet. What is the BEST software assurance practice that should be implemented to ensure the security of the device?
88. Question
A company has developed a new web application that will allow customers to make purchases online. Which of the following is a software assurance best practice that should be implemented to ensure the security of the payment process?
89. Question
A company has a bring-your-own-device (BYOD) policy in place. The IT department wants to ensure that employees can securely access company resources on their mobile devices. Which of the following software assurance best practices should they implement for mobile platforms?
90. Question
A software development team is working on a mobile app for a company. The team wants to implement software assurance best practices to ensure the security of the app. Which of the following practices should they implement specifically for mobile platforms?