January 2022

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

A contractor for the German company Siemens recently pled guilty to an attack where he altered software he sold to Siemens so that it would periodically break, requiring the company to hire him to fix it. What term best describes this type of attack?

A. Logic Bomb
B. RAT
C. Worm
D. Trojan Horse

Correct Answer: A

This is an example of a logic bomb, a piece of malicious software that is configured to trigger its payload when some future conditions are met. In this case, the attacker programmed the software to wait until a certain time and then disable itself.

A remote access trojan, or RAT, is malware that allows the attacker to access the infected system. There's no discussion of that happening in this situation. In fact, there's no indication that any malware was used in the attack, which tells us that the attack wasn't a regular Trojan horse or a worm either.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

During a security assessment, Karen discovers that server cabinets containing sensitive equipment were left unlocked in the data center. What type of control gap has Karen discovered?

A. Detective
B. Corrective
C. Physical
D. Compensating

Correct Answer: C

The use of locks could be described as both a preventive control, because it prevents someone from gaining access to equipment, and as a physical control, because it implements a security policy in the physical world. Of the choices provided, physical is the best answer, as the question does not allow you to select preventive.

Yolanda recently sent a request to a company asking them to delete all personal information collected about her, exercising her "right to be forgotten." What law includes this provision?

A. General Data Protection Regulation (GDPR)
B. Family Educational Rights & Privacy Act (FERPA)
C. Health Insurance Portability & Accountability Act (HIPAA)
D. Gramm Leach Bliley Act (GLBA)

Correct Answer: A

The right to be forgotten is a provision of the European Union's General Data Protection Regulation (GDPR). That's just a fact that you need to remember about data privacy laws.

The Family Educational Rights and Privacy Act, or FERPA, governs student educational records. The Health Insurance Portability and Accountability Act, HIPAA, governs medical records, and the Gramm Leach Bliley Act, GLBA, governs financial records. None of these other laws contain a right to be forgotten provision.