Practice Test Questions

22 Jul

Posted at 14:42h in Practice Test Questions by

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Which one of the following device types is most susceptible to a pass-the-hash attack?   A. Windows server B. Network firewall C. VPN concentrator D. Hardware security module   Correct Answer: A   Pass-the-hash attacks exploit a vulnerability in the NTLM authentication protocol, used by Windows systems. The attack is not possible against non-Windows systems.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....

07 Jul

Posted at 14:05h in Practice Test Questions by

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Harold is designing an access control system that will require the concurrence of two system administrators to gain emergency access to a root password. What security principle is he most directly enforcing?   A. Least privilege B. Separation of duties C. Security through obscurity D. Two-person control. Correct Answer: D Systems that require two individuals to concur before performing a single action follow the principle of two-person control. There is no indication in the question that the control also enforces separation of duties or least privilege. There is also no indication that the mechanism relies upon the dangerous practice of security through obscurity.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....

29 Jun

Posted at 18:14h in Practice Test Questions by

Preparing for your next security certification exam?  After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, or SSCP certification to receive new questions each week.  You'll also receive free access to my customized study strategies.   Noah is a cybersecurity analyst for a mid-sized business. He is working with the user of a machine that is exhibiting suspicious behavior. The anomalous activity began immediately after the user downloaded and installed software from the Internet and Noah suspects that it contained malware hidden inside of its advertised functionality. What term best describes the malware in this situation?   A. Trojan horse B. Virus C. Worm D. Logic bomb   Correct Answer: A   From the description provided, we have sufficient information to identify this as a Trojan horse. Trojans are a type of malware that disguise themselves as a benign application, such as a game, but then carry a malicious payload.   Would you like to receive free practice test questions on a weekly basis? Sign up for the free CertMike study groups for the CISSP, Security+, SSCP, or CySA+ exam....