Which security principle requires more than one person is required to perform a critical task?

1. A. least privilege
2. B. need to know
3. C. separation of duties
4. D. due diligence

Correct Answer: C

What is a purpose of a vulnerability management framework?

1. A. identifies, removes, and mitigates system vulnerabilities
2. B. detects and removes vulnerabilities in source code
3. C. conducts vulnerability scans on the network
4. D. manages a list of reported vulnerabilities

Correct Answer: A

A security engineer notices confidential data being exfiltrated to a domain "Ranso4134-mware31-895" address that is attributed to a known advanced persistent threat group The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?

1. A. reconnaissance
2. B. delivery
3. C. action on objectives
4. D. weaponization

Correct Answer: C

An employee reports that someone has logged into their system and made unapproved changes, files are out of order, and several documents have been placed in the recycle bin. The security specialist reviewed the system logs, found nothing suspicious, and was not able to determine what occurred. The software is up to date; there are no alerts from antivirus and no failed login attempts. What is causing the lack of data visibility needed to detect the attack?

1. A. The threat actor used a dictionary-based password attack to obtain credentials.
2. B. The threat actor gained access to the system by known credentials.
3. C. The threat actor used the teardrop technique to confuse and crash login services.
4. D. The threat actor used an unknown vulnerability of the operating system that went undetected.

Correct Answer: C

Which technology prevents end-device to end-device IP traceability?

1. A. encryption
2. B. load balancing
3. C. NAT/PAT
4. D. tunneling

Correct Answer: C