1. Question
Jane, a security analyst, is reviewing emails from a user who claims that their account was hacked. She notices that some of the emails have a digital signature attached while others do not. What can Jane conclude from this information?
2. Question
Tom, a security analyst, is investigating an incident where an employee’s email account was used to send malicious attachments to multiple colleagues. Tom reviews the email logs and notices that the messages containing the malicious attachments have a digital signature attached. What can Tom conclude from this information?
3. Question
In an organization, several employees have reported receiving suspicious emails with embedded links in their inboxes. The security analyst wants to investigate further to ensure that the emails are not malicious. Which of the following actions can the analyst take to analyze the emails for embedded links?
4. Question
A security analyst received an email from the organization’s CEO requesting access to sensitive data stored on a server. The email contains an embedded link to a website where the analyst can grant the requested access. The analyst suspects that the email may be a phishing attempt. Which of the following actions can the analyst take to analyze the email for embedded links?
5. Question
A company’s employees receive an email from what appears to be their CEO’s email address, requesting that they click on a link to verify their email accounts. However, one of the employees notices that the link points to a suspicious website. Upon investigation, the email headers reveal that the email was not actually sent from the CEO’s email address, but from a spoofed email address. Which of the following email analysis techniques is being used in this scenario?
6. Question
A security analyst is tasked with improving the security posture of a company’s file server. The analyst has identified that some users have excessive permissions to sensitive files, which increases the risk of data breaches. Which of the following would be the BEST configuration change to address this issue?
7. Question
A company is experiencing frequent malware attacks, and their current antivirus solution is not catching all the malicious files. The security team decides to implement an allow list. Which of the following is the BEST approach for configuring the allow list?
8. Question
A company has been experiencing a large number of successful phishing attacks against their employees. The security team has determined that many of these attacks are using links to malicious websites. What control can they implement to help prevent these attacks in the future?
9. Question
A company has been experiencing a large number of malware infections on its endpoints. The security team has determined that the malware is being downloaded from unapproved websites. What control can they implement to help prevent these infections in the future?
10. Question
A company has noticed an increase in unauthorized access attempts to its internal network. The security team has determined that many of these attempts are coming from external IP addresses. What configuration change can be made to the firewall to mitigate this issue?
11. Question
A company has experienced several successful cyber attacks on its network. The security team has determined that many of these attacks were able to bypass the firewall due to outdated firewall rules. What configuration change can be made to the firewall to prevent similar attacks in the future?
12. Question
A company wants to improve security by implementing a new intrusion prevention system (IPS) rule. The rule should block all traffic coming from IP addresses that have attempted to access the network more than five times within the last minute. Which of the following is the BEST way to configure this rule?
13. Question
A company has experienced several cyber attacks that have exploited vulnerabilities in their network. After conducting an assessment, the security team identifies that the intrusion prevention system (IPS) needs to be updated. Which of the following is the MOST effective configuration change the team can make to the IPS to improve security?
14. Question
A financial institution has identified that its employees are accessing non-work-related websites during work hours, increasing the risk of a security incident. Which of the following would be the BEST configuration change to improve security in this scenario?
15. Question
A company’s security team has identified that sensitive data is being accidentally leaked through email attachments. Which of the following would be the BEST configuration change to improve security in this scenario?
16. Question
An organization has recently experienced a cyber attack that resulted in the loss of sensitive data. The IT team has decided to implement an EDR solution to better protect their endpoints. Which of the following configuration changes should be made to the EDR solution to improve security?
17. Question
An organization has identified that the majority of cyber attacks they have experienced are the result of employees clicking on malicious links in emails. The IT team has decided to implement an EDR solution to better protect their endpoints. Which of the following configuration changes should be made to the EDR solution to improve security?
18. Question
A company’s security team is implementing Network Access Control (NAC) to improve security. Which of the following configuration changes would BEST improve security?
19. Question
In a recent security audit, it was discovered that several endpoints in your organization are communicating with known malicious domains. To prevent further communication with these domains, which of the following configuration changes should you implement?
20. Question
A company wants to implement a new security control that can execute and analyze untrusted code in an isolated environment. Which of the following options would best suit this requirement?
21. Question
A company is concerned about network security breaches caused by rogue devices being connected to the network. Which port security feature can be configured to disable a port if the switch detects a violation?
22. Question
A company has noticed an increase in suspicious activity on their network and suspects that they may have been breached. They decide to conduct proactive threat hunting to investigate the issue. During the investigation, the security team establishes a hypothesis that the breach was initiated through a phishing email. What is the importance of establishing a hypothesis during proactive threat hunting?
23. Question
A company has experienced several cyber attacks in the past year and has decided to implement a proactive threat hunting program to detect and prevent future attacks. During the threat hunting process, the security team establishes a hypothesis that an insider threat is responsible for the attacks. What is the importance of establishing a hypothesis during proactive threat hunting in this scenario?
24. Question
A security analyst is using the tactic of “baiting” in a threat-hunting operation. What is the analyst doing?
25. Question
In a threat hunting operation, a security analyst is using the tactic of “reconnaissance.” What is the analyst doing?
26. Question
A company’s security team is concerned about potential vulnerabilities in its network infrastructure. They suspect that there may be unnecessary services running on their servers that could be exploited by attackers. Which of the following is an effective threat hunting tactic to reduce the attack surface area in this scenario?
27. Question
A company is planning to deploy additional security controls to protect its critical assets. They have decided to bundle the assets together and implement various security measures to defend against potential threats. Which of the following is a potential benefit of bundling critical assets?
28. Question
A company has been experiencing repeated incidents of unauthorized access to its network resources. The security team has implemented several controls but has been unable to stop the attacks. After conducting threat hunting, they discover that the attackers are exploiting a vulnerability in an outdated software version that is still in use. Which of the following attack vectors is the MOST likely cause of this incident?
29. Question
A security analyst is performing threat hunting for a company’s network and identifies a suspicious pattern of traffic going to an external IP address. Upon investigation, the analyst discovers that a group of employees unknowingly installed a third-party application that contained malware. Which of the following attack vectors is the MOST likely cause of this incident?
30. Question
A security team is tasked with identifying and mitigating potential threats in an e-commerce organization. Which of the following actions is an example of using integrated intelligence to improve threat hunting?
31. Question
A security analyst is looking for a way to automate the incident response process. Which of the following automation technologies would be BEST suited for this purpose?
32. Question
In an organization, the security team wants to automate the process of checking user passwords for complexity and age. Which of the following scripting languages would be the best choice for this task?
33. Question
An organization has implemented a security information and event management (SIEM) solution to monitor its network. The security team wants to automate the process of analyzing logs generated by the SIEM and taking necessary actions. Which of the following scripting languages would be MOST suitable for this task?
34. Question
An organization has a large number of security tools from different vendors, and they are struggling to manage and coordinate their workflows. Which of the following automation technologies would be the MOST suitable for integrating these disparate tools?
35. Question
In an effort to streamline its incident response processes, a company is considering automating the creation of malware signatures. Which of the following is an advantage of using automated malware signature creation?
36. Question
An organization wants to improve its threat hunting capabilities by automating the process of data enrichment. Which of the following automation concepts would be MOST useful in achieving this goal?
37. Question
In a security operations center, an analyst noticed a suspicious IP address attempting to connect to a critical server. The analyst used an automated tool to enrich the IP address with additional information, including the reputation of the IP address, the associated domain name, and its geographic location. Which of the following statements BEST describes the purpose of data enrichment in this scenario?
38. Question
In an effort to enhance its security posture, a company subscribes to several threat intelligence feeds to keep up to date with emerging threats. The security team decides to use an automation tool to combine these feeds into a single threat feed to be used in their security monitoring processes. What technology or concept does this process involve?
39. Question
In an effort to improve its threat detection capabilities, a company has decided to implement machine learning algorithms. Which of the following is an advantage of using machine learning for threat detection?
40. Question
A security analyst is evaluating the different automation technologies available for threat detection and response. Which of the following is a key advantage of using SOAR over other automation technologies?
41. Question
A company wants to improve its software development process by implementing continuous integration. Which of the following is a benefit of this automation concept?
42. Question
A company wants to improve its software development process by incorporating automation techniques. They want to ensure that any new code added to their system is continuously tested to ensure it meets their security standards. Which automation concept would BEST fit their needs?
43. Question
A software development team wants to implement a process where code changes are automatically tested and deployed to a staging environment for manual testing before being deployed to production. Which of the following BEST describes this process?
44. Question
A company wants to automate its software deployment process to speed up software releases and improve efficiency. Which of the following is a characteristic of continuous deployment?
45. Question
A security team wants to automate the process of responding to security incidents by using scripting. Which of the following statements is true about scripting?
46. Question
A security analyst is tasked with automating the process of patching vulnerabilities on a large number of systems. The analyst decides to use scripting to automate this process. Which of the following statements is true about scripting?
47. Question
During a security investigation, you are asked to review the event logs for a Windows server. You notice a large number of failed logon attempts from various IP addresses over the past 24 hours. Which of the following is the MOST likely explanation for this activity?
48. Question
A security analyst is reviewing syslog data for a web server and notices multiple entries with the same IP address accessing the server. The analyst suspects a brute-force attack is occurring. Which of the following is the BEST course of action for the analyst to take?
49. Question
A company’s security team is reviewing the firewall logs and notices that a large number of requests are being made to a particular website from multiple internal devices. They investigate the website and find that it is a phishing site that is trying to steal user credentials. Which of the following actions should the security team take in response to this finding?
50. Question
An organization has recently implemented an IDS/IPS solution to monitor network traffic for potential security threats. During a routine log review, an analyst notices a large number of alerts related to a specific IP address. Which of the following actions should the analyst take FIRST to investigate this issue?