Question 41
A security incident occurred with the potential of impacting business services. Who performs the attack?
A. threat actor
B. malware author
C. direct competitor
D. bug bounty hunter
Question 42
How does a certificate authority impact security?
A. It authenticates domain identity when requesting an SSL certificate.
B. It validates client identity when communicating with the server.
C. It authenticates client identity when requesting an SSL certificate.
D. It validates the domain identity of the SSL certificate.
Question 43
Which data type is necessary to get information about source/destination ports?
A. statistical data
B. session data
C. alert data
D. connectivity data
Question 44
Which event is a vishing attack?
A. obtaining disposed documents from an organization
B. using a vulnerability scanner on a corporate network
C. impersonating a tech support agent during a phone call
D. setting up a rogue access point near a public hotspot
Question 45
DRAG DROP - Drag and drop the security concept from the left onto the example of that concept on the right. Select and Place:
Question 46
What is a difference between SIEM and SOAR?
A. SIEM predicts and prevents security alerts, while SOAR checks attack patterns and applies the mitigation.
B. SIEM's primary function is to collect and detect anomalies, while SOAR is more focused on security operations automation and response.
C. SOAR's primary function is to collect and detect anomalies, while SIEM is more focused on security operations automation and response.
D. SOAR predicts and prevents security alerts, while SIEM checks attack patterns and applies the mitigation.
Question 47
What is vulnerability management?
A. A process to identify and remediate existing weaknesses.
B. A process to recover from service interruptions and restore business-critical applications.
C. A security practice of performing actions rather than acknowledging the threats.
D. A security practice focused on clarifying and narrowing intrusion points.
Question 48
What is a difference between signature-based and behavior-based detection?
A. Signature-based identifies behaviors that may be linked to attacks, while behavior-based has a predefined set of rules to match before an alert.
B. Behavior-based identifies behaviors that may be linked to attacks, while signature-based has a predefined set of rules to match before an alert.
C. Behavior-based uses a known vulnerability database, while signature-based intelligently summarizes existing data.
D. Signature-based uses a known vulnerability database, while behavior-based intelligently summarizes existing data.
Question 49
When communicating via TLS, the client initiates the handshake to the server and the server responds back with its certificate for identification. Which information is available on the server certificate?
A. server name, trusted subordinate CA, and private key
B. trusted subordinate CA, public key, and cipher suites
C. trusted CA name, cipher suites, and private key
D. server name, trusted CA, and public key
Question 50
How does an SSL certificate impact security between the client and the server?
A. by enabling an authenticated channel between the client and the server
B. by creating an integrated channel between the client and the server
C. by enabling an authorized channel between the client and the server
D. by creating an encrypted channel between the client and the server
