July 2023

Article

21 Jul

Posted at 13:51h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Naomi is installing a new endpoint detection and response (EDR) solution for her organization. What category of control is she installing? A. Technical B. Operational C. Managerial D. Detective Correct Answer: A There are three categories of security control: technical, operational, and managerial. Technical controls enforce CIA in the digital space. Naomi is installing an EDR system that uses technology to detect and respond to security incidents. Therefore, the EDR system is best described as a technical control. Operational controls include the processes that we put in place to manage technology in a secure manner. So this is not the correct answer. Managerial controls are procedural mechanisms that focus on the mechanics of the risk management process. So this is not the correct answer either. Security controls also come in types such as: preventive, detective, corrective, deterrent, physical, and compensating controls. We are looking for control categories, not control types. So detective is another incorrect answer. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

21 Jul

Posted at 13:48h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Which one of the following security controls provides the best defense against tailgating? A. Air Gaps B. Biometrics C. Turnstiles D. Access Control Vestibule Correct Answer: D Tailgating attacks occur when an unauthorized individual slips into a facility behind an authorized user who opens the door. Air gaps are not sufficient on their own as someone can easily catch up with an authorized person as the door is opened. So this is not the correct answer. With biometrics, once one person has authenticated, another person can still slip in following the authorized person. So this is not the correct answer. Turnstiles may help with tailgating attacks, but an attacker could jump over the turnstile, making it not as effective. So this is not the best answer option either. Access control vestibules are isolation areas where one person completes the authentication process and accesses the facility before a second person can enter the vestibule. This is the correct answer.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

21 Jul

Posted at 13:46h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Paula is configuring her organization's firewall to support the secure remote retrieval of email using the IMAPS protocol. What port should she allow? A. TCP Port 993 B. TCP Port 143 C. UDP Port 993 D. UDP Port 143 Correct Answer: A IMAP is a connection-oriented protocol that uses TCP. UDP is not used with IMAPS or IMAP so we can eliminate both of those UDP options. TCP port 143 is used by the unencrypted and insecure version of the IMAP protocol, so we can rule that out as well. The secure version of IMAP, IMAPS, uses TCP port 993, so that’s our correct answer.   Interested in more practice test questions?   Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

In Archive