SANS SEC530 Complete Questions And Answers With Verified Updates
2 views 0 purchase
Course
SANS SEC530
Institution
SANS SEC530
SANS SEC530 Complete Questions And Answers With Verified Updates
Which of the following is a recommended USB keyboard mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D)...
SANS SEC530 Complete Questions And Answers With
Verified Updates
Which of the following is a recommended USB keyboard mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts. ANS C) Block the USB devices
physically.
Which of the following Cisco IOS commands is used to shut the port down automatically when the
maximum number of MAC addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown ANS A) switchport port-security
violation shutdown
What is a common failing associated with focusing only on compliance-drive security?
A) Compliance-driven security tends to focus only on hardening internal systems.
B) Compliance-driven security tends to focus only on hardening the perimeter.
C) Compliance-driven security tends to be costly in terms of solutions and resources.
D) Compliance-driven security tends to fail in the face of a persistent adversary. ANS D)
Compliance-driven security tends to fail in the face of a persistent adversary.
Which of the following is described by Lockheed Martin as a countermeasure action to the Kill
Chain?
,A) Disrupt
B) Prevent
C) React
D) Remove ANS A) Disrupt
What is an easy to implement and effective control an organization can leverage to make pivoting
more difficult for an attacker?
A) WPA2
B) P2P patching
C) Private VLAN
D) VPN ANS C) Private VLAN
Which type of private VLAN ports may only communicate with promiscuous ports?
A) Isolated
B) Promiscuous
C) Network
D) Community ANS A) Isolated
Which of the following wireless standards supports up to 1300 Mbps?
A) 802.11b
B) 802.11ac
C) 802.11n
D) 802.11w ANS B) 802.11ac
In which phase of the security architecture design lifecycle is threat modeling and attack surface
analysis conducted?
,A) Scan
B) Discover and Assess
C) Plan
D) Design ANS C) Plan
Which of the following is the best practice to mitigate against the Cisco Discovery Protocol (CDP)
information leakage attack?
A) Disable the CDP unless expressly required.
B) No mitigations are needed since CDP is secure by default.
C) Schedule the CDP patch regularly.
D) Enable the SECDP feature in the CDP to secure the CDP. ANS A) Disable the CDP unless
expressly required.
Which of the following prevents physical access to the network when plugging in an unauthorized
device?
A) MAC address filtering
B) Packet filtering firewall
C) Background checks
D) Two-factor authentication ANS A) MAC address filtering
What would be one of the first steps for a security architect when building or redesigning a security
architecture to secure an organization?
A) Remove unnecessary egress traffic
B) Perform a perimeter pen test
C) Deploy patches to external systems
D) Identify critical assets ANS D) Identify critical assets
, Which of the following is a method of detecting a BYOAP problem on a network?
A) Multiple VPN connections from the internal network.
B) Multiple URL requests from the same source IP.
C) Multiple SSIDs in the area.
D) Multiple user agent strings from the same IP address. ANS D) Multiple user agent strings
from the same IP address.
What could be implemented to mitigate the risk of one client pivoting to another on the same
network?
A) Host-based antipivot
B) Next-gen antivirus
C) NAC controls
D) Private VLANs ANS D) Private VLANs
What is the term used for when the red team is working together with the blue team through
simulation of specific threat scenarios?
A) Purple teaming
B) Black-hat teaming
C) Defensive teaming
D) Multi-front teaming ANS A) Purple teaming
When discussing Prevention (P), Detection (D), and Response (R) in a time-based security model,
which of the following must be true to achieve a possible effective security?
A) P<D+R
B) P=D+R
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Labtech. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.99. You're not tied to anything after your purchase.
