Domain 4.0 Security Operations Exam
100% Correct!!
A company has added several new assets and software to its system and is meeting to
review its risk matrix. It wants to ensure risk management efforts focus on vulnerabilities
most likely impacting its operations significantly. What is this commonly referred to as?
A. Prioritization
B. Risk tolerance
C. Classification
D. Environmental variables - ANSWERSA. Prioritization
An organization needs to improve mobile device security by implementing internet
access restrictions. The organization needs a solution that provides granular control
over traffic and ensures policy enforcement for devices when they are away from the
corporate network. Which of the following is most closely associated with ensuring
mobile devices remain in compliance with these requirements?
A. Reputation-based filtering
B. Centralized web filtering
C. Manual URL blocking
D. Agent-based filtering - ANSWERSD. Agent-based filtering
Employees in a large corporate office use devices that support Bluetooth and Wi-Fi.
What security risk is most closely associated with the use of these technologies?
A. Unauthorized access and data interception
B. Physical damage to devices
C. Incompatibility with devices
D. Lack of connectivity - ANSWERSA. Unauthorized access and data interception
What benefit does certification offer within the context of secure disposal and
decommissioning of assets?
A. It establishes policies and practices governing the storage and preservation of
information within the organization.
B. It provides documentation and verification of the data sanitization or destruction
process.
C. It influences legal, regulatory, and operational requirements.
D. It ensures that organizations maintain compliance with relevant regulations and
minimize breach risks. - ANSWERSB. It provides documentation and verification of the
data sanitization or destruction process.
,An auditor performs a compliance scan based on the security content automation
protocol (SCAP). Which of the following elements represents best practice configuration
checklists and rules?
A. Security content automation protocol
B. Open Vulnerability and Assessment Language
C. Extensible configuration checklist description format
D. Simple Network Management Protocol - ANSWERSC. Extensible configuration
checklist description format
A system administrator is reviewing practices designed to directly remediate software
vulnerabilities. What practice is the system administrator reviewing?
A. Compensating controls
B. Segmentation
C. Patching
D. Exceptions and exemptions - ANSWERSC. Patching
A system administrator is assessing the broader context of the company's IT security
posture in light of recent expansions in both workstations and servers. This assessment
includes understanding the impact of various external and internal factors on the
organization's IT infrastructure. Aside from the organization's IT infrastructure itself,
what are two other significant factors that should be considered in this assessment?
(Select the two best options.)
A. External threat landscape
B. Regulatory/compliance environment
C. Prioritization
D. Risk tolerance - ANSWERSA. External threat landscape
B. Regulatory/compliance environment
What significant challenge should a technician be aware of that can arise from the
complexity of automation and orchestration when implementing it within their team's
workspace?
A. It can impact multiple areas of the organization, causing widespread problems.
B. Poorly planned strategies can make systems difficult to maintain.
C. It can result in poorly documented code, leading to instability and increased costs.
D. It can quickly erode if they do not continue the needed patches and updates. -
ANSWERSB. Poorly planned strategies can make systems difficult to maintain.
An organization's IT security team is researching a method to isolate potentially
compromised applications while they run to prevent the scope of damage associated
with their exploitation. Which of the following approaches is best suited to this objective?
, A. Sandboxing
B. Firewall
C. Antivirus software
D. Intrusion detection system (IDS) - ANSWERSA. Sandboxing
The IT team at a medium-sized company is upgrading its wireless network security to
protect sensitive data and ensure secure communication between devices. They have
decided to implement Wi-Fi Protected Access 3 (WPA3). What is the primary purpose of
implementing WPA3 on the company's wireless network?
A. To ensure seamless compatibility with legacy wireless devices
B. To increase the wireless network's speed and performance
C. To enhance wireless network security with the latest encryption standards
D. To provide additional administrative features for network management -
ANSWERSC. To enhance wireless network security with the latest encryption standards
As a digital forensics analyst, you've been tasked with investigating a suspected data
breach in your organization. You need to collect evidence from various compromised
digital devices. Proper procedures are crucial to ensure that the evidence is admissible
in court. Which step is MOST critical when beginning the collection of digital evidence to
ensure its admissibility in court?
A. Making a copy of all data on the device
B. Analyzing the contents of volatile memory
C. Documenting the scene and creating a chain of custody form
D. Interviewing individuals who had access to the devices - ANSWERSC. Documenting
the scene and creating a chain of custody form
A digital forensic analyst at a healthcare company investigates a case involving a recent
data breach. In evaluating the available data sources to assist in the investigation, what
application protocol and event-logging format enables different appliances and software
applications to transmit logs or event records to a central server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWERSD. Syslog
The CEO of a large defense contractor wants to validate that the organization's
cybersecurity protections can effectively identify and defend against attacks by known
threat actor groups. Which type of exercise is the BEST option to satisfy the CEO's
requirements?
A. Training
B. Walkthrough
C. Tabletop exercise
100% Correct!!
A company has added several new assets and software to its system and is meeting to
review its risk matrix. It wants to ensure risk management efforts focus on vulnerabilities
most likely impacting its operations significantly. What is this commonly referred to as?
A. Prioritization
B. Risk tolerance
C. Classification
D. Environmental variables - ANSWERSA. Prioritization
An organization needs to improve mobile device security by implementing internet
access restrictions. The organization needs a solution that provides granular control
over traffic and ensures policy enforcement for devices when they are away from the
corporate network. Which of the following is most closely associated with ensuring
mobile devices remain in compliance with these requirements?
A. Reputation-based filtering
B. Centralized web filtering
C. Manual URL blocking
D. Agent-based filtering - ANSWERSD. Agent-based filtering
Employees in a large corporate office use devices that support Bluetooth and Wi-Fi.
What security risk is most closely associated with the use of these technologies?
A. Unauthorized access and data interception
B. Physical damage to devices
C. Incompatibility with devices
D. Lack of connectivity - ANSWERSA. Unauthorized access and data interception
What benefit does certification offer within the context of secure disposal and
decommissioning of assets?
A. It establishes policies and practices governing the storage and preservation of
information within the organization.
B. It provides documentation and verification of the data sanitization or destruction
process.
C. It influences legal, regulatory, and operational requirements.
D. It ensures that organizations maintain compliance with relevant regulations and
minimize breach risks. - ANSWERSB. It provides documentation and verification of the
data sanitization or destruction process.
,An auditor performs a compliance scan based on the security content automation
protocol (SCAP). Which of the following elements represents best practice configuration
checklists and rules?
A. Security content automation protocol
B. Open Vulnerability and Assessment Language
C. Extensible configuration checklist description format
D. Simple Network Management Protocol - ANSWERSC. Extensible configuration
checklist description format
A system administrator is reviewing practices designed to directly remediate software
vulnerabilities. What practice is the system administrator reviewing?
A. Compensating controls
B. Segmentation
C. Patching
D. Exceptions and exemptions - ANSWERSC. Patching
A system administrator is assessing the broader context of the company's IT security
posture in light of recent expansions in both workstations and servers. This assessment
includes understanding the impact of various external and internal factors on the
organization's IT infrastructure. Aside from the organization's IT infrastructure itself,
what are two other significant factors that should be considered in this assessment?
(Select the two best options.)
A. External threat landscape
B. Regulatory/compliance environment
C. Prioritization
D. Risk tolerance - ANSWERSA. External threat landscape
B. Regulatory/compliance environment
What significant challenge should a technician be aware of that can arise from the
complexity of automation and orchestration when implementing it within their team's
workspace?
A. It can impact multiple areas of the organization, causing widespread problems.
B. Poorly planned strategies can make systems difficult to maintain.
C. It can result in poorly documented code, leading to instability and increased costs.
D. It can quickly erode if they do not continue the needed patches and updates. -
ANSWERSB. Poorly planned strategies can make systems difficult to maintain.
An organization's IT security team is researching a method to isolate potentially
compromised applications while they run to prevent the scope of damage associated
with their exploitation. Which of the following approaches is best suited to this objective?
, A. Sandboxing
B. Firewall
C. Antivirus software
D. Intrusion detection system (IDS) - ANSWERSA. Sandboxing
The IT team at a medium-sized company is upgrading its wireless network security to
protect sensitive data and ensure secure communication between devices. They have
decided to implement Wi-Fi Protected Access 3 (WPA3). What is the primary purpose of
implementing WPA3 on the company's wireless network?
A. To ensure seamless compatibility with legacy wireless devices
B. To increase the wireless network's speed and performance
C. To enhance wireless network security with the latest encryption standards
D. To provide additional administrative features for network management -
ANSWERSC. To enhance wireless network security with the latest encryption standards
As a digital forensics analyst, you've been tasked with investigating a suspected data
breach in your organization. You need to collect evidence from various compromised
digital devices. Proper procedures are crucial to ensure that the evidence is admissible
in court. Which step is MOST critical when beginning the collection of digital evidence to
ensure its admissibility in court?
A. Making a copy of all data on the device
B. Analyzing the contents of volatile memory
C. Documenting the scene and creating a chain of custody form
D. Interviewing individuals who had access to the devices - ANSWERSC. Documenting
the scene and creating a chain of custody form
A digital forensic analyst at a healthcare company investigates a case involving a recent
data breach. In evaluating the available data sources to assist in the investigation, what
application protocol and event-logging format enables different appliances and software
applications to transmit logs or event records to a central server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog - ANSWERSD. Syslog
The CEO of a large defense contractor wants to validate that the organization's
cybersecurity protections can effectively identify and defend against attacks by known
threat actor groups. Which type of exercise is the BEST option to satisfy the CEO's
requirements?
A. Training
B. Walkthrough
C. Tabletop exercise
