Domain 4.0 Security Operations
Assessment Questions and Answers
100% Accurate
Network security baselines - ANSWER-The IT team of a medium-sized business is
planning to enhance network security. They want to enforce minimum security controls
and configurations across all network devices, including firewalls, routers, and switches.
What should they establish to achieve this objective?
Sanitizing the servers - ANSWER-A tech company is in the process of decommissioning
a fleet of old servers. It wants to ensure that sensitive data stored on these servers is
fully eliminated and is not accessible in the event of unauthorized attempts. What
primary process should the company implement before disposing or repurposing these
servers?
Using MDM solutions to centrally control employees' mobile devices - ANSWER-An
organization has implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-related tasks. Aware of the
varying legal ramifications and privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to enhance the security of these
devices within the constraints of these legal and privacy issues. Considering this
context, which of the following measures would be the MOST effective way to navigate
these complexities while striving to secure employees' mobile devices under the BYOD
policy?
CVSS - ANSWER-An organization is creating a quick reference guide to assist team
members when addressing common vulnerabilities and exposures across the
enterprise. What does the Forum of Incident Response and Security Teams maintain
that generates metrics of a score from 0 to 10?
It can create, modify, or delete individual user accounts.
It can create, modify, or delete individual users' access rights across IT systems. -
ANSWER-A cyber architect explores various methods to assign needed access for
newly-hired employees or employees who have transitioned to a new role. What are the
benefits associated with user provisioning? (Select the two best options.)
Decrease in network latency - ANSWER-Which of the following options is NOT a
challenge typically encountered while implementing web filtering solutions in an
enterprise?
, Passwordless authentication - ANSWER-The IT department at a medium-sized
company is exploring ways to enhance its authentication methods to improve security.
They want to choose an authentication approach that balances security and user
convenience. Which authentication method eliminates the need for passwords and
provides a secure way of verifying a user's identity based on the device's hardware or
software characteristics?
It refers to the process of removing sensitive information from storage media to prevent
unauthorized access or data breaches.
Something you have - ANSWER-After a breach, an organization implements new
multifactor authentication (MFA) protocols. What MFA philosophy incorporates using a
smart card or key fob to support authentication?
Operating system-specific security logs - ANSWER-A cyber technician pulls logs on the
new Apple iMacs to ensure the company's employees adhere to the policy. What log
can provide the technician with the computer's attempted logins or denial when an
employee attempts to access a file?
Its process uses specialized techniques, such as data wiping, degaussing, or
encryption. - ANSWER-Upon receiving new storage media drives for the department, an
organization asks a software engineer to dispose of the old drives. When considering
the various methods, what processes does sanitization involve? (Select the two best
options.)
Simulation - ANSWER-Following an incident in which a company's incident response
plan (IRP) failed, the response team makes several updates and changes to the IRP.
The CEO wants to test the IRP with a realistic incident using an attacking team, a
defending team, and moderating team, and is not concerned with costs and planning.
Which IRP exercise is the BEST option while meeting the CEO's expectations?
Adjust scanner config based on log review
Use different scanners - ANSWER-A system administrator frequently encounters false
positive vulnerability alerts, which are inaccurately indicating security weaknesses that
do not exist. These false alarms are becoming a significant issue, leading to wasted
resources and potential neglect of real vulnerabilities. To enhance the accuracy of
vulnerability detection and reduce the occurrence of these false positives, what are the
most effective actions the administrator can take? (Select the two best options.)
A: Updated via vulnerability feed
B: Updated via the security content automation protocol
D: Updated via the threat feed - ANSWER-A new system administrator has been
working all morning typing in new vulnerability signatures to ensure the vulnerability
Assessment Questions and Answers
100% Accurate
Network security baselines - ANSWER-The IT team of a medium-sized business is
planning to enhance network security. They want to enforce minimum security controls
and configurations across all network devices, including firewalls, routers, and switches.
What should they establish to achieve this objective?
Sanitizing the servers - ANSWER-A tech company is in the process of decommissioning
a fleet of old servers. It wants to ensure that sensitive data stored on these servers is
fully eliminated and is not accessible in the event of unauthorized attempts. What
primary process should the company implement before disposing or repurposing these
servers?
Using MDM solutions to centrally control employees' mobile devices - ANSWER-An
organization has implemented a Bring Your Own Device (BYOD) policy, allowing
employees to use their personal mobile devices for work-related tasks. Aware of the
varying legal ramifications and privacy concerns across different jurisdictions related to
controlling personal devices, the organization seeks to enhance the security of these
devices within the constraints of these legal and privacy issues. Considering this
context, which of the following measures would be the MOST effective way to navigate
these complexities while striving to secure employees' mobile devices under the BYOD
policy?
CVSS - ANSWER-An organization is creating a quick reference guide to assist team
members when addressing common vulnerabilities and exposures across the
enterprise. What does the Forum of Incident Response and Security Teams maintain
that generates metrics of a score from 0 to 10?
It can create, modify, or delete individual user accounts.
It can create, modify, or delete individual users' access rights across IT systems. -
ANSWER-A cyber architect explores various methods to assign needed access for
newly-hired employees or employees who have transitioned to a new role. What are the
benefits associated with user provisioning? (Select the two best options.)
Decrease in network latency - ANSWER-Which of the following options is NOT a
challenge typically encountered while implementing web filtering solutions in an
enterprise?
, Passwordless authentication - ANSWER-The IT department at a medium-sized
company is exploring ways to enhance its authentication methods to improve security.
They want to choose an authentication approach that balances security and user
convenience. Which authentication method eliminates the need for passwords and
provides a secure way of verifying a user's identity based on the device's hardware or
software characteristics?
It refers to the process of removing sensitive information from storage media to prevent
unauthorized access or data breaches.
Something you have - ANSWER-After a breach, an organization implements new
multifactor authentication (MFA) protocols. What MFA philosophy incorporates using a
smart card or key fob to support authentication?
Operating system-specific security logs - ANSWER-A cyber technician pulls logs on the
new Apple iMacs to ensure the company's employees adhere to the policy. What log
can provide the technician with the computer's attempted logins or denial when an
employee attempts to access a file?
Its process uses specialized techniques, such as data wiping, degaussing, or
encryption. - ANSWER-Upon receiving new storage media drives for the department, an
organization asks a software engineer to dispose of the old drives. When considering
the various methods, what processes does sanitization involve? (Select the two best
options.)
Simulation - ANSWER-Following an incident in which a company's incident response
plan (IRP) failed, the response team makes several updates and changes to the IRP.
The CEO wants to test the IRP with a realistic incident using an attacking team, a
defending team, and moderating team, and is not concerned with costs and planning.
Which IRP exercise is the BEST option while meeting the CEO's expectations?
Adjust scanner config based on log review
Use different scanners - ANSWER-A system administrator frequently encounters false
positive vulnerability alerts, which are inaccurately indicating security weaknesses that
do not exist. These false alarms are becoming a significant issue, leading to wasted
resources and potential neglect of real vulnerabilities. To enhance the accuracy of
vulnerability detection and reduce the occurrence of these false positives, what are the
most effective actions the administrator can take? (Select the two best options.)
A: Updated via vulnerability feed
B: Updated via the security content automation protocol
D: Updated via the threat feed - ANSWER-A new system administrator has been
working all morning typing in new vulnerability signatures to ensure the vulnerability
