
Cyber security Analyst Quiz FedVTE 40 Questions with Verified Answers,100% CORRECT


Which of the following is a common environmental reconnaissance task that is performed to help gain insight on how an organization's networked systems are connected, or mapping the network?
- CORRECT ANSWER Topology Discovery

If an unexpected issue occurred during an application installation on a Windows system, which of the following event log categories would be best to reference for troubleshooting?
- CORRECT ANSWER Not System or Security. Maybe Setup

The federal version of certification and accreditation guidance that applies to departments and agencies within the Department of Defense is:
- CORRECT ANSWER DIACAP

Which security mechanism can social engineering help bypass?
- CORRECT ANSWER A. Intrusion Detection Systems B. Firewalls C. Domain Security Policies (No) D. All of the Above E. None of the Above

Which type of intrusion detection may terminate processes or redirect traffic upon detection of a possible intrusion?
- CORRECT ANSWER Active

Which of the following is a potential consequence of not limiting or protecting communications during an incident?
- CORRECT ANSWER All of the Above (Customer confidence may be negatively impacted, Competitors may recognize weakness or advantage, Media may include information not intended for release)

Which one of the following can be managed through group policies (GPO)?
- CORRECT ANSWER All the Above (Authentication settings, Software installation and update, IPsec connections)

What is used to record the order in which evidence was handled, by whom, and the nature of the evidence handling?
- CORRECT ANSWER Chain of custody

The procedure of developing controls as vulnerabilities are discovered to keep them from being exploited is known as:
- CORRECT ANSWER A. Change Control Management B. Compensating Control Development C. Vulnerability Control Patch D. Remediation Control Development (No)

Which of the following are Windows event severity levels:
- CORRECT ANSWER error, warning, information

Which of the following intrusion detection systems uses statistical analysis to detect intrusions?
- CORRECT ANSWER Anomaly

Which one of the following is a use for Network Flow Data?
- CORRECT ANSWER All of the Above (Attack identification and attribution such as DoS detection, Traffic engineering such as a host analysis, Accounting to cross verify other sources)

Which of the following is an attacker most likely to use to attempt to view packets containing data in clear text?
- CORRECT ANSWER Wireshark

Packets from a computer outside the network are being dropped on the way to a computer inside the network. Which of the following would be MOST useful to determine the cause of this?
- CORRECT ANSWER Firewall log

Using the Common Vulnerability Scoring System, CVSS, which of the following indicators would be the most critical or severe finding?
- CORRECT ANSWER 10

Which of the following is used for moving traffic within individual VLANs?
- CORRECT ANSWER VLAN Access Maps

The IP address and MAC address of a rogue device within the local network might best be revealed by which of the following logs?
- CORRECT ANSWER DHCP logs

Which type of analysis method combines machine learning algorithms and statistical analyses to identify deviations from normal baseline user, system, or network activities?
- CORRECT ANSWER User and Entity Behavior Analytics

A high tolerance for risk requires higher, more frequent, vulnerability scanning.
- CORRECT ANSWER False

At what layer of the TCP/IP model do devices such as ATM, switches, and bridges operate, as well as protocols PPP and ARP?
- CORRECT ANSWER Data-link

Which of the following describes when the claimed identity of a user is validated?
- CORRECT ANSWER Authentication

Which of the following is an example of the security mitigation technique of changing roles every couple of months?
- CORRECT ANSWER Job rotation

Which layer of the TCP/IP model is equivalent to the Session, Presentation, and Application layers of the OSI model?
- CORRECT ANSWER Application

Which of the following are the six steps of an incident response plan?
A. Detect, Respond, Report, Recover, Remediate, Review
B. Discover, Review, Respond, Recover, Rectify, Report
C. Detect, Respond, Remediate, Recover, Review, Report
D. Detect, Respond, Report, Recover, Remediate, Review
- CORRECT ANSWER Not A or C

The Open Web Application Security Project publishes the OWASP Top 10, which summarizes feedback from the community in order to compile the Top 10 application vulnerabilities, including the associated risks, impacts, and mitigations for each. What is the main reason a developer wouldn't solely rely on this guidance?
- CORRECT ANSWER An organization's prioritized threat may not be within the top 10

When the number of virtual machines on a network reaches a point where it's too much for an administrator to effectively manage, this is known as:
A. VM Sprawl
B. VM Escape
C. VM Gorge
D. VM Discourse
- CORRECT ANSWER VM Sprawl

Which of the following define requirements to support a policy?
A. Procedures
B. Standards
C. Guidance
D. Practices
- CORRECT ANSWER Standards

Ideally, a forensics workstation:
A. is isolated to prevent contaminating
B. has support for removable storage devices
C. is not used for day-to-day operations
D. All of the above
E. None of the above
- CORRECT ANSWER All of the Above

Network flows are difficult to track large amounts of traffic with and cannot view a consolidated picture of what is happening on your network.
A. True
B. False
- CORRECT ANSWER False

Which of the following is NOT a best practice for securing wireless environments?
A. Broadcasting the access point SSID using proper network name only
B. Using protocols such as WPA2 or WPA3 to authenticate users
C. Implementing 802.1x port security
D. Managing access by device MAC address
- CORRECT ANSWER Broadcasting the access point SSID using proper network name only

Which of the following scan types allows executable operations on a host, and generally takes longer to run?
A. Agent scan
B. Non-credentialed scan
C. Credentialed scan
D. Domain host scan
- CORRECT ANSWER Credentialed scan

The amount of risk that an organization can accept and still achieve business objectives is its:
A. Risk appetite
B. Risk deterrence
C. Risk avoidance
D. Risk indicator
- CORRECT ANSWER Risk appetite

Which activity would NOT be considered passive footprinting?
A. Scan the range of IP addresses found in the target's DNS database
B. Look through the trash to find out any information that might have been discarded
C. Perform multiple searches through a search engine
D. Search on a financial site such as Yahoo Financial
- CORRECT ANSWER Not A

When implementing a vulnerability management process, which of the following is the logical order of activities?
A. Establish scan frequency, configure scan tools, remediation, requirements identification
B. Requirements identification, configure scan tools, establish scan frequency, remediation
C. Establish scan frequency, requirements identification, configure scan tools, remediation
D. Requirements identification, establish scan frequency, configure scan tools, remediation
- CORRECT ANSWER Requirements identification, establish scan frequency, configure scan tools, remediation

The requirements identified for a vulnerability management process many times drive the vulnerability scanning frequency.
A. True
B. False
- CORRECT ANSWER True

Which of the following vulnerability scan methods uses push technology and is dependent on network connectivity?
A. Credential
B. Server-based
C. Agent-based
D. Discover
- CORRECT ANSWER Server-based

To test and confirm security settings and configurations in a networked environment, and find any further vulnerabilities and details on how they may be leveraged in an attack, which of the following cyber tool types would be most useful?
A. Discovery
B. Exploit
C. Forensic
D. Recovery
- CORRECT ANSWER Exploit

Tools like EnCase and FTK can be used for imaging, mounting, and analyzing hard drives. What category of cyber tools would they be considered?
A. Exploit
B. Forensic
C. Backup
D. Recovery
- CORRECT ANSWER Forensic

Which of the following would NOT typically be part of an incident response plan?
A. Outline restoration of normal operations
B. Determine party at fault for the adverse event
C. Describe fast and efficient responses
D. Strategies to limit damage to an acceptable level
- CORRECT ANSWER Not D

Last updated: 8 months ago


By Nolan19 8 months ago




Uploaded On

Oct 10, 2023
