
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.

Carla recently designed an authentication system for a sensitive application. Users are prompted to enter a password and are granted access if they are located in the office and know the correct password. What combination of authentication factor and attribute is she using?

A. Something You Know & Something You Are
B. Something You Are & Somewhere You Are
C. Something You Know & Somewhere You Are
D. Someone You Know & Somewhere You Are

Correct Answer: C

The use of a password is the classic example of a "something you know" authentication factor. Carla is supplementing this with a requirement that users be located in the office, which adds a "somewhere you are" attribute. That leads us to our correct answer, something you know and somewhere you are.

Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

Alan is conducting a penetration test and gains access to an application server. During his attack, he creates a new administrative account on the server that he can use to access the system through its standard user interface. What testing goal is Alan hoping to achieve with this action?

A. Pivoting
B. Cleanup
C. Lateral Movement
D. Persistence

Correct Answer: D

Alan is providing himself with a way to access the system at a later date through alternative channels. This is an example of persistence, allowing his access to the system to remain intact even if the original vulnerability he exploited is later patched. Pivoting and lateral movement are techniques where the attacker gains access to one system and then uses that access to gain access to other systems. That’s not what’s happening here. Finally, cleanup occurs when the attacker removes traces of their presence from the network. That hasn’t yet happened in this scenario.

During a security assessment, Karen discovers that server cabinets containing sensitive equipment were left unlocked in the data center. What type of control gap has Karen discovered?

A. Detective
B. Corrective
C. Physical
D. Compensating

Correct Answer: C

The use of locks could be described as both a preventive control, because it prevents someone from gaining access to equipment, and as a physical control, because it implements a security policy in the physical world. Of the choices provided, physical is the best answer, as the question does not allow you to select preventive.