Security+ SY0-501 Final Exam
Study online at quizlet.com/_54lxo4

1. Acting on a client's behalf, a(n) ____ acts as an intermediary between a client and other devices.
   A. firewall B. filter C. concentrator D. proxy
   Answer: D. proxy

2. ____ algorithms may be ideal for bulk transfers of data but are more susceptible to successful brute force attacks.
   A. Secret B. Deprecated C. Asymmetric D. Symmetric
   Answer: D. Symmetric

3. A(n) ____ is a contractual agreement between a provider and a consumer.
   A. SLA B. MOU C. MOA D. ISA
   Answer: A. SLA

4. A(n) ___ is designed for systems in which data cannot be queued or buffered for any significant length of time.
   A. SoC B. RTOS C. MFD D. IoT
   Answer: B. RTOS

5. A(n) ____ ____ plan documents the steps that a company performs when responding to any situation determined to be abnormal in the operation of a computer system.
   A. change management B. active logging C. containment management D. incident response
   Answer: D. incident response

6. Assume that an employee uses her smart card at an entry gate to enter a building. Also assume that another employee slips through the entry gate right behind the employee who just swiped her smart card for entry. Which of the following actions has just taken place?
   A. tailgating B. dumpster diving C. impersonation D. watering hole attack
   Answer: A. tailgating

7. Assume that your company purchases 10 routers that are manufactured with chips manufactured by a third party. These third-party chips are referred to as ____.
   A. IoT systems B. embedded systems C. ICS systems D. chip systems
   Answer: B. embedded systems

8. Assume that your company's network is configured so that if a catastrophic failure occurs a mirror network can "take over." This mirrored system operation is known as ____ ____.
   A. fault tolerance B. high availability C. distributive allocation D. diminished redundancy
   Answer: A. fault tolerance

9. Assume that your network has been attacked and that you have identified 4 computers that were infected. You quarantine these computers so that the rest of the network does not get infected. In what activity have you just engaged?
   A. baselining B. pen testing C. sandboxing D. honeypotting
   Answer: C. sandboxing

10. A fire alarm is a good example of a(n) ___ control.
    A. preventive B. detective C. corrective D. compensating
    Answer: B. detective

11. A government facility houses computerized data that is classified as both "top secret" and "secret." Which of the following access control models is most likely used at this facility?
    A. ABAC B. MAC C. DAC D. rule-based access control
    Answer: B. MAC

12. ____ is a cryptography concept in which a change in one character of plaintext alters the ciphertext so that the ciphertext cannot be used to reveal the structure of the plaintext.
    A. Diffusion B. Collusion C. Confusion D. Collision
    Answer: A. Diffusion

13. ____ is an attack in which the attacker gets escalated privileges to a device; the attack does not affect existing device functionality, but the attack does add additional functionality that bypasses the device's security.
    A. Tethering B. Sideloading C. Jailbreaking D. Unlocking
    Answer: C. Jailbreaking

14. ____ is the most preferred and thorough form of data destruction.
    A. Burning B. Shredding C. Pulverizing D. Wiping
    Answer: A. Burning

15. ____ is the target time for resumption of normal operations after an incident has occurred.
    A. RTO B. MTBF C. MTTR D. RPO
    Answer: A. RTO

16. A logic bomb is a type of ___ that does not execute until certain conditions have been met (such as a specific date and time).
    A. virus B. worm C. rootkit D. backdoor
    Answer: A. virus

17. Locks, biometrics, cameras, and mantraps are all examples of ____ security controls.
    A. logical B. physical C. virtual D. regulatory
    Answer: B. physical

18. Match the concept with its description.
    A. Identity B. Authorization C. Authentication D. Accountability
    1. Who did what and when
    2. Proving who you say you are
    3. Determining what you can access
    4. Who you claim to be
    Answer: 1-D 2-C 3-B 4-A

19. Match the penetration test team to its function.
    A. Red team B. Blue team C. White team
    1. The "defenders"
    2. The "attackers"
    3. The planners and moderators
    Answer: 1-B 2-A 3-C

20. Match the type of recovery site with its description.
    A. Cold site B. Warm site C. Hot site
    1. Has a fully configured network
    2. Has a partially configured network
    3. Has few computing components
    Answer: 1-C 2-B 3-A

21. Reading from left to right, which of the following options accurately depicts the forensic order of volatility?
    A. Cache > RAM > live network connections > hard disk data
    B. CPU > routing tables > RAM > backup data stored on archival media
    C. ARP cache > register contents > RAM > remotely logged data
    D. CPU > RAM > routing tables > remotely logged data
    Answer: B. CPU > routing tables > RAM > backup data stored on archival media

22. A risk assessment utilizes statistical methods to analyze potential risks. Which of the following risk assessment concepts can be defined as "an assessment of the risks imposed by embedded systems?"
    A. single loss expectancy B. risk register C. supply chain assessment D. likelihood of occurrence
    Answer: C. supply chain assessment

23. A type of vulnerability in which systems are allowed to grow without being properly documented with network diagrams is referred to as ____ ____.
    A. architecture weakness B. system sprawl C. weak configuration D. resource exhaustion
    Answer: B. system sprawl

24. Vulnerabilities that are not reported by a vulnerability scanner are referred to as ___ ___.
    A. false negatives B. false positives C. true positives D. true negatives
    Answer: A. false negatives

25. Which of the following actors are most likely to execute an advanced persistent threat (APT) attack?
    A. organized crime B. script kiddies C. nation states D. hacktivists
    Answer: C. nation states

26. Which of the following concepts is depicted by the act of only providing network users with the access needed to perform their job functions?
    A. least privilege B. permission auditing and review C. usage auditing and review D. account maintenance
    Answer: A. least privilege

27. Which of the following cryptographic protocols uses the AES block cipher and is the IEEE standard for wireless network security?
    A. WEP B. CCMP C. WPA2 D. WPA
    Answer: C. WPA2

28. Which of the following is a development model based on manufacturing design in which each development phase is completed before moving to the next development phase?
    A. waterfall B. agile C. extreme programming D. scrum
    Answer: A. waterfall

29. Which of the following is generally a disadvantage of virtual servers (versus physical servers)?
    A. Virtual servers exhibit lower performance than physical servers.
    B. Virtual servers are less expensive than physical servers.
    C. Virtual servers are easier to manage, back up, and restore than physical servers.
    D. Virtual servers are more scalable with much less downtime for upgrades as compared to physical servers.
    Answer: A. Virtual servers exhibit lower performance than physical servers.

30. Which of the following is a network authentication protocol that is built around a key distribution center consisting of an authentication server and a ticket-granting server?
    A. Kerberos B. LDAP C. TACACS+ D. SAML
    Answer: A. Kerberos

31. Which of the following is an example of a non-regulatory framework?
    A. NIST B. HIPAA C. FISMA D. SOX
    Answer: A. NIST

32. Which of the following is the term used to denote the process of combining related items to reduce communication steps?
    A. pinning B. chaining C. binding D. stapling
    Answer: D. stapling

33. Which of the following is triggered when a company receives a litigation hold request from another entity?
    A. chain of custody B. acquisition hold C. duty of custody D. legal hold
    Answer: D. legal hold

34. Which of the following is used to manage or store encryption keys?
    A. Self-Encrypting Disk (SED) B. Trusted Platform Module (TPM) C. Hardware Security Module (HSM) D. Unified Extensible Firmware Interface (UEFI)
    Answer: C. Hardware Security Module (HSM)

35. Which of the following pieces of malware is typically hidden in a picture or video?
    A. rootkits B. stegomalware C. ransomware D. spyware
    Answer: B. stegomalware

36. Which of the following protocols provides cryptographic protection for emails?
    A. S/MIME B. SSH C. LDAPS D. DNS
    Answer: A. S/MIME

37. Which of the following records network users and their respective permitted actions on the network?
    A. firewall rule B. packet filter C. access control list D. proxy server
    Answer: C. access control list

38. Which of the following systems are designed to detect and prevent threats against host intrusions?
    A. NIDS B. NIPS C. HIDS D. HIPS
    Answer: D. HIPS

39. Which of the following terms can be defined as "movement from a lower-level account to an account that enables root-level activity?"
    A. persistence B. pivoting C. escalation of privilege D. reconnaissance
    Answer: C. escalation of privilege

40. Which of the following tools are used to identify specific system data for destruction?
    A. data sanitization tools B. steganography tools C. honeypots D. backup utilities
    Answer: A. data sanitization tools