May 2023

Article

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Jessica believes that a server in her organization was compromised by an attacker. Which one of the following endpoint security platforms would provide the most visibility into activity on that device?

A. HIPS
B. Microsoft Configuration Manager
C. EDR
D. MDM

Correct Answer: C

If the organization uses host intrusion prevention systems (HIPS) or Microsoft Configuration Manager, those technologies may provide useful information during the investigation, but they do not provide the comprehensive tracking found in an EDR platform. Endpoint detection and response (EDR) platforms are designed specifically to track all activity that occurs on a device for use in forensic analysis and security operations, making it our correct answer. A server would generally not be regulated by a mobile device management (MDM) solution.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Which one of the following approaches attaches an OCSP validation message to the digital certificate sent to users by a website?

A. Certificate Chaining
B. Certificate Pinning
C. Certificate Stapling
D. Certificate Attachment

Correct Answer: C

Certificate chaining is used to delegate authority to subordinate certificate authorities. So, that is not the correct answer. Certificate pinning is a technique used to prevent changes in the valid certificate for a domain, which is another incorrect answer. Certificate stapling attaches an OCSP validation to the digital certificate, making it our correct answer. Certificate stapling also saves the client and server the time of repeatedly querying the OCSP server for certificate validity. That last choice, certificate attachment, is just a made-up term and it’s not a valid technique.

Which one of the following cryptographic algorithms does not depend upon the prime factorization problem?

A. RSA
B. GPG
C. ECC
D. PGP

Correct Answer: C

The prime factorization problem forms the basis for most public key cryptographic algorithms, including RSA, PGP, and GPG. So, that eliminates all three of those (RSA, PGP, and GPG) as the answer. The elliptic curve cryptosystem (ECC) does not depend upon the prime factorization problem. The security of ECC depends upon the difficulty of finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point. That makes it our correct answer!