December 2022

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Harry believes that an employee of his organization launched a privilege escalation attack to gain root access on one of the organization's database servers. The employee does have an authorized user account on the server. What log file would be most likely to contain relevant information?

A. Database Application Log
B. Firewall Log
C. Operating System Log
D. IDS Log

Correct Answer: C

A privilege escalation attack takes place against the operating system and information relevant to this attack is most likely found in the operating system logs. It is unlikely that the database application itself would be involved, so that application's logs would not likely contain relevant information. The user has authorized access to the system, so the firewall and IDS logs would simply show that authorized access taking place.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Kevin would like to restrict users from accessing a list of prohibited websites while connected to his network. Which one of the following controls would best achieve his objective?

A. URL Filter
B. IP Address Block
C. DLP Solution
D. IPS Solution

Correct Answer: A

IP-based restrictions are unreliable because sites may change IP addresses or use multiple IP addresses, making it difficult to maintain a current block list. Data loss prevention (DLP) systems do not filter web traffic. The best way to restrict website traffic is through the use of URL and content filtering. It is possible to use an intrusion prevention system (IPS) to filter web traffic, but this is not as simple and reliable as a dedicated URL/content filtering solution.

Which one of the following industry standards describes a standard approach for setting up an information security management system?

A. CIS
B. ISO 27002
C. OWASP
D. ISO 27001

Correct Answer: D

ISO 27001 describes a standard approach for setting up an information security management system, making it our correct answer here. ISO 27002 goes into more detail on the specifics of information security controls, which is not what we are looking for. The Center for Internet Security (CIS) produces a set of configuration benchmarks used to securely configure operating systems, applications, and devices, which is an incorrect answer. The Open Web Application Security Project (OWASP) provides advice and tools focused on web application security, another incorrect answer here.