Question 101
A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any servers were found. Which of the following attacks was MOST likely used to cause the data loss?
A. Logic bomb
B. Ransomware
C. Fileless virus
D. Remote access Trojans
E. Rootkit
Question 102
Digital signatures use asymmetric encryption. This means the message is encrypted with:
A. the sender's private key and decrypted with the sender's public key.
B. the sender's public key and decrypted with the sender's private key.
C. the sender's private key and decrypted with the recipient's public key.
D. the sender's public key and decrypted with the recipient's private key.
Question 103
A security engineer was assigned to implement a solution to prevent attackers from gaining access by pretending to be authorized users. Which of the following technologies meets the requirement?
A. SSO
B. IDS
C. MFA
D. TPM
Question 104
The Chief Information Security Officer (CISO) has requested that a third-party vendor provide supporting documents that show proper controls are in place to protect customer data. Which of the following would be BEST for the third-party vendor to provide to the CISO?
A. GDPR compliance attestation
B. Cloud Security Alliance materials
C. SOC 2 Type 2 report
D. NIST RMF workbooks
Question 105
Which of the following is assured when a user signs an email using a private key?
A. Non-repudiation
B. Confidentiality
C. Availability
D. Authentication
Question 106
A systems administrator is troubleshooting a server's connection to an internal web server. The administrator needs to determine the correct ports to use. Which of the following tools BEST shows which ports on the web server are in a listening state?
A. ipconfig
B. ssh
C. ping
D. netstat
Question 107
Which of the following BEST reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?
A. Implement proper network access restrictions.
B. Initiate a bug bounty program.
C. Classify the system as shadow IT.
D. Increase the frequency of vulnerability scans.
Question 108
Due to unexpected circumstances, an IT company must vacate its main office, forcing all operations to alternate, off-site locations. Which of the following will the company MOST likely reference for guidance during this change?
A. The business continuity plan
B. The retention policy
C. The disaster recovery plan
D. The incident response plan
Question 109
While reviewing an alert that shows a malicious request on one web application, a cybersecurity analyst is alerted to a subsequent token reuse moments later on a different service using the same single sign-on method. Which of the following would BEST detect a malicious actor?
A. Utilizing SIEM correlation engines
B. Deploying Netflow at the network border
C. Disabling session tokens for all sites
D. Deploying a WAF for the web server
Question 110
Two organizations plan to collaborate on the evaluation of new SIEM solutions for their respective companies. A combined effort from both organizations' SOC teams would speed up the effort.
Which of the following can be written to document this agreement?
A. MOU
B. ISA
C. SLA
D. NDA
