1. A centralized tool for organizing security events and managing their response and resolution is known as:
A) Wireshark
B) SIEM
C) HIPS
D) Syslog
2. A security analyst has determined that the user interface on an embedded device is vulnerable to common SQL injections. The device is unable to be replaced, and the software cannot be upgraded. Which of the following should the security analyst recommend to add additional security to this device?
A) The security analyst should recommend this device be placed behind a WAF.
B) The security analyst should recommend an IDS be placed on the network segment.
C) The security analyst should recommend this device regularly export the web logs to a SIEM system.
D) The security analyst should recommend this device be included in regular vulnerability scans.
3. A security operations team was alerted to abnormal DNS activity coming from a user's machine. The team performed a forensic investigation and discovered a host had been compromised. Malicious code was using DNS as a tunnel to extract data from the client machine, which had been leaked and transferred to an unsecure public Internet site. Which of the following BEST describes the attack?
A) Cache poisoning
B) Phishing
C) Pharming
D) Data exfiltration
4. A security administrator determines several months after the first instance that a local privileged user has been routinely logging into a server interactively as root and browsing the Internet. The administrator determines this by performing an annual review of the security logs on that server. For which of the following security architecture areas should the administrator recommend review and modification? (Select TWO.)
A) Encryption
B) Software assurance
C) Password complexity
D) Network isolation and separation
E) Log aggregation and analysis
F) Acceptable use policies
5. A security analyst's company uses RADIUS to support a remote sales staff of more than 700 people. The Chief Information Security Officer (CISO) asked to have IPSec using ESP and 3DES enabled to ensure the confidentiality of the communication as per RFC 3162. After the implementation was complete, many sales users reported latency issues and other performance issues when attempting to connect remotely. Which of the following is occurring?
A) The device running RADIUS lacks sufficient RAM and processing power to handle ESP implementation.
B) The IPSec implementation has significantly increased the amount of bandwidth needed.
C) RFC 3162 is known to cause significant performance problems.
D) The implementation should have used AES instead of 3DES.