Package deal
Federal Virtual Training Environment (FedVTE) Bundle Set
Federal Virtual Training Environment (FedVTE) Bundle Set
[Show more]Federal Virtual Training Environment (FedVTE) Bundle Set
[Show more]Which of the following families of controls belong to the technical class of controls? CORRECT ANSWER Identification and Authentication 
 
Which of the following is a management strategy for addressing risk? CORRECT ANSWER Accept 
 
Cyber risk management solutions are typically done through which ca...
Preview 2 out of 5 pages
Add to cartWhich of the following families of controls belong to the technical class of controls? CORRECT ANSWER Identification and Authentication 
 
Which of the following is a management strategy for addressing risk? CORRECT ANSWER Accept 
 
Cyber risk management solutions are typically done through which ca...
Which of the following alternative operating systems is focused mostly on greater security in the event of a compromise by preventing propagation? CORRECT ANSWER Qubes 
 
Which of the following might a malicious actor attempt to exploit in a social engineering attack? CORRECT ANSWER All of the above...
Preview 1 out of 3 pages
Add to cartWhich of the following alternative operating systems is focused mostly on greater security in the event of a compromise by preventing propagation? CORRECT ANSWER Qubes 
 
Which of the following might a malicious actor attempt to exploit in a social engineering attack? CORRECT ANSWER All of the above...
Which attribute constitutes the ability to identify and/or audit a user and his/her actions? CORRECT ANSWER Accountability 
 
Which security standards commonly supplements the use of an Internet Key Exchange (IKE)? CORRECT ANSWER IPSEC 
 
Which detail concerning risk analysis would you present to le...
Preview 1 out of 2 pages
Add to cartWhich attribute constitutes the ability to identify and/or audit a user and his/her actions? CORRECT ANSWER Accountability 
 
Which security standards commonly supplements the use of an Internet Key Exchange (IKE)? CORRECT ANSWER IPSEC 
 
Which detail concerning risk analysis would you present to le...
What are passive footprints? CORRECT ANSWER Data unintentionally left behind during typical internet activities 
 
If an investigator in New York state wants to document 2:15 PM on May 31, 2017, how would that moment in time be notated according the ISO 8601 directive? (New York is in the Eastern Ti...
Preview 1 out of 4 pages
Add to cartWhat are passive footprints? CORRECT ANSWER Data unintentionally left behind during typical internet activities 
 
If an investigator in New York state wants to document 2:15 PM on May 31, 2017, how would that moment in time be notated according the ISO 8601 directive? (New York is in the Eastern Ti...
Which of the following can be determined by capturing and analyzing network traffic? 
 
 
 
A. Intent of Insider Threat actors and logs of their activity 
 
B. Communication and connections between hosts 
 
C. Open files and Registry handles on individual hosts 
 
D. Firewall and Intrusion Detection...
Preview 2 out of 9 pages
Add to cartWhich of the following can be determined by capturing and analyzing network traffic? 
 
 
 
A. Intent of Insider Threat actors and logs of their activity 
 
B. Communication and connections between hosts 
 
C. Open files and Registry handles on individual hosts 
 
D. Firewall and Intrusion Detection...
The authorization decision document conveys the final security authorization decision from the authorizing official to the information system owner. The authorization decision document contains all of the following information except? 
A. Authorization decision 
 
 B. Terms and conditions for the ...
Preview 2 out of 12 pages
Add to cartThe authorization decision document conveys the final security authorization decision from the authorizing official to the information system owner. The authorization decision document contains all of the following information except? 
A. Authorization decision 
 
 B. Terms and conditions for the ...
An insurance plan is what type of mitigation strategy? CORRECT ANSWER Transfer Risk 
 
Which of the following is not a reason why a backdoor may exist? CORRECT ANSWER Attempts to interfere with the ability of a provider to keep services available 
 
What is the act of hiding messages in existing dat...
Preview 1 out of 2 pages
Add to cartAn insurance plan is what type of mitigation strategy? CORRECT ANSWER Transfer Risk 
 
Which of the following is not a reason why a backdoor may exist? CORRECT ANSWER Attempts to interfere with the ability of a provider to keep services available 
 
What is the act of hiding messages in existing dat...
In order to automate host characteristic monitoring you can compare baselines and snapshots with syslog. CORRECT ANSWER False 
 
The following should be taken into account when accepting the residual risk inherent in the project. CORRECT ANSWER All of the above 
 
What is the high water mark for an ...
Preview 1 out of 3 pages
Add to cartIn order to automate host characteristic monitoring you can compare baselines and snapshots with syslog. CORRECT ANSWER False 
 
The following should be taken into account when accepting the residual risk inherent in the project. CORRECT ANSWER All of the above 
 
What is the high water mark for an ...
A. White Hat 
 
B. Black Hat 
 
C. Red Hat 
 
D. Gray Hat CORRECT ANSWER D. Gray Hat 
 
During which step of Microsoft recommended Update Management Process would an update be tested? 
 
 
A. Assess 
 
B. Identify 
 
C. Evaluate and Plan 
 
D. Deploy CORRECT ANSWER C. Evaluate and Plan 
 
Which exec...
Preview 2 out of 12 pages
Add to cartA. White Hat 
 
B. Black Hat 
 
C. Red Hat 
 
D. Gray Hat CORRECT ANSWER D. Gray Hat 
 
During which step of Microsoft recommended Update Management Process would an update be tested? 
 
 
A. Assess 
 
B. Identify 
 
C. Evaluate and Plan 
 
D. Deploy CORRECT ANSWER C. Evaluate and Plan 
 
Which exec...
What program could you use on a Linux system to securely copy files to a Linux host running the SSH server daemon? CORRECT ANSWER SCP 
 
Single user mode in Linux is a security risk if a malicious actor has physical access to the host CORRECT ANSWER True 
 
srm is a tool used to securely delete file...
Preview 1 out of 4 pages
Add to cartWhat program could you use on a Linux system to securely copy files to a Linux host running the SSH server daemon? CORRECT ANSWER SCP 
 
Single user mode in Linux is a security risk if a malicious actor has physical access to the host CORRECT ANSWER True 
 
srm is a tool used to securely delete file...
A flaw in an online sporting goods website allows customers to purchase multiple quantities of goods and only be charged the single quantity price. To improve the site, management is demanding that the ecommerce application be tested to insure this flaw is corrected. Which of the following is the BE...
Preview 2 out of 9 pages
Add to cartA flaw in an online sporting goods website allows customers to purchase multiple quantities of goods and only be charged the single quantity price. To improve the site, management is demanding that the ecommerce application be tested to insure this flaw is corrected. Which of the following is the BE...
Topology Discovery - Answer Which of the following is a common environmental reconnaissance task that is performed to help gain insight on how an organization's networked systems are connected, or mapping the network? 
 
Not System or Security. Maybe Setup - Answer If an unexpected issue occu...
Preview 2 out of 8 pages
Add to cartTopology Discovery - Answer Which of the following is a common environmental reconnaissance task that is performed to help gain insight on how an organization's networked systems are connected, or mapping the network? 
 
Not System or Security. Maybe Setup - Answer If an unexpected issue occu...
1x sold
The acronym VPN stands for: - Answer Virtual Private Network 
 
Executives are responsible for managing and overseeing enterprise risk management. - Answer True 
 
The internal audit department is investigating a possible accounting breach. One of the auditors is sent to interview the following ...
Preview 2 out of 5 pages
Add to cartThe acronym VPN stands for: - Answer Virtual Private Network 
 
Executives are responsible for managing and overseeing enterprise risk management. - Answer True 
 
The internal audit department is investigating a possible accounting breach. One of the auditors is sent to interview the following ...
Which of the following should risk assessments be based upon as a best practice? 
 
A quantitative measurement of risk and impact and asset value 
An absolute measurement of threats 
A qualitative measurement of risk and impact 
A survey of annual loss and potential threats and asset value - Answer ...
Preview 3 out of 20 pages
Add to cartWhich of the following should risk assessments be based upon as a best practice? 
 
A quantitative measurement of risk and impact and asset value 
An absolute measurement of threats 
A qualitative measurement of risk and impact 
A survey of annual loss and potential threats and asset value - Answer ...
Which value in the PowerShell "execution policy" allows loading of all configuration files and scripts? - Answer Unrestricted 
 
Which Active Directory Certificate Service (AD CS) server role allows routers and other network devices that do not have a domain account to obtain certificates? - Ans...
Preview 2 out of 6 pages
Add to cartWhich value in the PowerShell "execution policy" allows loading of all configuration files and scripts? - Answer Unrestricted 
 
Which Active Directory Certificate Service (AD CS) server role allows routers and other network devices that do not have a domain account to obtain certificates? - Ans...
In Apple's mobile operating system, iOS, architecture, which layer helps in developing the visual appearance of an app? - Answer CoCoa 
 
Which of the following would be the best choice to use as a container for packing and transporting a mobile device that is collected for analysis? - Answer A...
Preview 1 out of 4 pages
Add to cartIn Apple's mobile operating system, iOS, architecture, which layer helps in developing the visual appearance of an app? - Answer CoCoa 
 
Which of the following would be the best choice to use as a container for packing and transporting a mobile device that is collected for analysis? - Answer A...
1x sold
Ensuring that several individuals are able to perform a specific function in order to have oversight and eliminate single points of failure, is which of the following Operations Security principles? - Answer C. Rotation of duties 
 
A standard ACL: - Answer C. Identifies the source network to be...
Preview 1 out of 4 pages
Add to cartEnsuring that several individuals are able to perform a specific function in order to have oversight and eliminate single points of failure, is which of the following Operations Security principles? - Answer C. Rotation of duties 
 
A standard ACL: - Answer C. Identifies the source network to be...
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Stuvia is a marketplace, so you are not buying this document from us, but from seller cracker. Stuvia facilitates payment to the seller.
No, you only buy these notes for $30.99. You're not tied to anything after your purchase.
4.6 stars on Google & Trustpilot (+1000 reviews)
76799 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now