WGU C795 OA Prep 1 Questions and Answers

Document Content and Description Below

A chief information officer (CIO) recently read an article involving a similar company that was hit with ransomware due to ineffective patch-management practices. The CIO tasks a security profession... al with gathering metrics on the effectiveness of the company's patch-management program to avoid a similar incident. Which method enables the security professional to gather current, accurate metrics? a. Review authenticated vulnerability scan reports b. Review reports from Windows Update c. Review patch history on nonproduction systems d. Review patch tickets in the change control system,a A combined mail server and calendaring server environment contains no secure sockets layer (SSL) certificate. Which security principle of the CIA triad is affected by the lack of an SSL certificate? a. Confidentiality b. Integrity c. Authentication d. Availability,a A company develops a business continuity plan in addition to an emergency communication plan. What should be included in the company's emergency communication plan? Choose 2 answers. a. Alternate means of contact b. Backup people for each role c. The best time to call each person d. Employee's phone service providers,a, b A company does not have a disaster recovery plan (DRP) and suffers a multiday power outage. Which provisioning should the company perform to provide stable power for a long period of time? a. Purchase generators b. Purchase additional servers c. Create a RAID array d. Create a failover cluster,a A company has identified a massive security breach in its healthcare records department. Over 50% of customers' personally identifiable information (PII) has been stolen. The customers are aware of the breach, and the company is taking actions to protect customer assets through the personal security policy, which addresses PII data. Which preventive measure should the company pursue to protect against future attacks? a. Require cognitive passwords b. Employ password tokens c. Use network-based and host-based firewalls d. Install auditing tools,c A company has signed a contract with a third-party vendor to use the vendor's inventory management system hosted in a cloud. For convenience, the vendor set up the application to use Lightweight Directory Access Protocol (LDAP) queries but did not enable secure LDAP queries or implement a secure sockets layer (SSL) on the application's web server. The vendor does not have the ability to secure the system, and company management insists on using the application. Which defense-in-depth practices should the company implement to minimize the likelihood of an account compromise due to insecure setup by the vendor? a. Location-based access control and multifactor authentication b. Intrusion prevention system (IPS) and honeypot systems c. Antivirus and intrusion detection system (IDS) d. Password hashing and authentication encryption,a A company has user credentials compromised through a phishing attack. Which defense-in-depth practice will reduce the likelihood of misuse of the user's credentials? a. Configure firewall rules b. Deploy multifactor authentication c. Deploy RADIUS authentication d. Configure encryption protocols,b A company hires several contractors each year to augment its IT workforce. The contractors are granted access to the internal corporate network, but they are not provided laptops containing the corporate image. Instead, they are required to bring their own equipment. Which defense-in-depth practice should be required for contractor laptops to ensure that contractors do not connect infected laptops to the internal corporate network? a. Enable command-line audit logging on contractor laptops b. Configure devices to not autorun content c. Configure antimalware scanning of removable devices d. Ensure antimalware software and signatures are updated,d A company is concerned about loss of data on removable media when media are lost or stolen. Which standard should this company implement on all flash drives? a. Maximum password age b. Encryption c. Awareness training d. Layer 2 tunneling protocol,b A company is concerned about securing its corporate network, including its wireless network, to limit security risks. Which defense-in-depth practice represents an application of least privilege? a. Implement mutual multifactor authentication b. Configure Wi-Fi-Protected Access for encrypted communication c. Disable wireless access to users who do not need it d. Implement an intrusion detection system,c A company is concerned about unauthorized network traffic. Which procedure should the company implement to block FTP traffic? a. Install a packet filter b. Update the DNS c. Filter ports 20 and 21 at the firewall d. Decrease the network bandwidth,c A company is concerned about unauthorized programs being used on network devices. Which defense-in-depth strategy would help eliminate unauthorized software on network devices? a. Develop an acceptable use policy and update all network device firmware b. Use application controls tools and update AppLocker group policies c. Limit administrative access to devices and create DHCP scope options d. Upgrade to a 64-bit operating system and install an antimalware application,b A company is concerned about unneeded network protocols being available on the network. Which two defense-in-depth practices should the company implement to detect whether FTP is being used? Choose 2 answers. a. Install BIOS firmware updates b. Perform automated packet scanning c. Implement application firewalls d. Physically segment the network,b, c A company is concerned that disgruntled employees are sending sensitive data to its competitors. Which defense-in-depth practices assist a company in identifying an insider threat? a. Data loss prevention (DLP) and audit logs b. Antivirus and intrusions detection systems (IDS) c. Data loss prevention (DLP) and instusion detection systems (IDS) d. Antivirus and audit logs,a A company is hit with a number of ransomware attacks. These attacks are causing a significant amount of downtime and data loss since users with access to sensitive company documents are being targeted. These attacks have prompted management to invest in new technical controls to prevent ransomware. Which defense-in-depth practices should this company implement? a. Password resets and a log review b. Mandatory vacation and job rotation c. Spam filtering and anti-malware d. Encryption and an internal firewall,c A company is implementing a defense-in-depth approach that includes capturing audit logs. The audit logs need to be written in a manner that provides integrity. Which defense-in-depth strategy should be applied? a. Write the data to a write-once, read-many (WORM) drive b. Write the data to an encrypted hard drive c. Write the data to an encrypted flash drive d. Write the data to an SD card and store the SD card in a safe,a A company is moving its database backups from an off-site location to an alternate processing site warehouse using bulk transfers. Which type of database recovery is this company employing? a. Electronic vaulting b. Remote jounailing c. Remote mirroring d. Mutual assistance,a A company is terminating several employees with high levels of access. The company wants to protect itself from possible disgruntled employees who could become potential insider threats. Which defense-in-depth practices should be applied? a. Account revocation and conducting a vulnerability assessment b. Account revocation and conducting a full backup of critical data c. A mandatory 90-day password change and conducting a full backup of critical data d. A mandatory 90-day password change and conducting a vulnerability assessment,a A company needs to improve its ability to detect and investigate rogue WAPs. Which defense-in-depth practice should be used? a. Configure a captive portal to request information b. Configure MAC address filtering to control access c. Install a wireless IDS to monitor irregular behavior d. Install a stateful firewall to block network connections,c A company notices that someone keeps trying to access its system using different passwords and usernames. What can help mitigate the success of this attack? a. Require a CAPTCHA b. Block the IP address of the user c. Use the user sessions after authentication d. Use cookie authentication,a A company performs a data audit on its critical information every six months. Company policy states that the audit cannot be conducted by the same employee within a two-year time frame. Which principle is this company following? a. Job rotation b. Two person control c. Least privilege d. Need to know,a A company presents team members with a disaster recovery scenario, asks members to develop an appropriate response, and then tests some of the technical responses without shutting down operations at the primary site. Which type of disaster recovery test is being performed? a. Read-through b. Structured walk-through c. Simulation d. Full-interruption,c A company relies exclusively on a system for critical functions. An audit is performed, and the report notes that there is no log review performed on the system. Management has been tasked with selecting the appropriate person to perform the log reviews in order to correct the deficiency. Which role is responsible for reviewing and auditing logs in order to detect any malicious behavior? a. Security Administrator b. System user c. Database administrator d. Senior management,a A company wants to monitor the inbound and outbound flow of packets and not the content. Which defense-in-depth strategy should be implemented? a. The organization should use egress filtering on the network. b. Traffic and trend analyses should be installed on the router. c. The administrator should configure network data loss prevention. d. RADIUS authentication should be used on the bastion host.,b A company wants to prevent cybercriminals from gaining easy access into its email server. The company wants to know which user is accessing which resources and to prevent hackers from easily gaining access to the server. Which defense-in-depth strategy should be used? a. Authenticate users and devices and log events within the network b. Deploy VLANs for traffic separation and coarse-grained security c. Place encryption throughout the network to ensure privacy d. Use stateful firewall technology at the port level and log firewall activity,a A company wants to reduce the risk of an employee with internal knowledge committing an act of sabotage once that employee is no longer with the company. Which control should the company implement to mitigate this risk? a. Deploy an intrusion detection system b. Monitor email for blackmail attempts c. Perform annual employee credit checks d. Enable an access termination procedure,d A company's business operations are disrupted due to a flash flood. Which consequences to business continuity should be addressed in the disaster recovery plan? a. Evaluation of risk from possible flood damage b. Identify essential personnel and decision makers c. Provide flood-response training to the disaster recovery team d. Provision additional backup power sources,a A company's database administrator requires access to a database server to perform maintenance. The director of information technology will provide the database administrator access to the database server but will not provide the database administrator access to all the data within the server's database. Which defense-in-depth practice enhances the company's need-to-know data access strategy? a. Using compartmented mode systems and least privilege b. Using compartmented mode systems and two-person control c. Using dedicated mode systems and least privilege d. Using dedicated mode systems and two-person control,a A company's main asset is a physical working prototype stored in the research and development department. The prototype is not currently connected to the company's network. Which privileged user activity should be monitored? a. Accessing camera logs b. Adding accounts to the administrator group c. Running scripts in PowerShell d. Disabling host firewall,a A company's main asset is its client list stored in the company database, which is accessible to only specific users. The client list contains Health Insurance Portability and Accountability Act (HIPAA) protected data. Which user activity should be monitored? [Show More]

Last updated: 1 year ago

Preview 1 out of 11 pages