Cybersecurity Analyst (FedVTE) Practice Quiz 2022 with complete solution
3 views 0 purchase
Course
FedVTE
Institution
FedVTE
Cybersecurity Analyst (FedVTE) Practice Quiz 2022 with complete solution
Which of the following is a common environmental reconnaissance task that is performed to help gain insight on how an organization's networked systems are connected, or mapping the network?
Topology Discovery
If an unexpe...
Cybersecurity Analyst (FedVTE) Practice Quiz 2022 with
complete solution
Which of the following is a common environmental reconnaissance task that is
performed to help gain insight on how an organization's networked systems are
connected, or mapping the network?
Topology Discovery
If an unexpected issue occurred during an application installation on a Windows
system, which of the following event log categories would be best to reference
for troubleshooting?
Not System or Security. Maybe Setup
The federal version of certification and accreditation guidance that applies to
departments and agencies within the Department of Defense is:
DIACAP
Which security mechanism can social engineering help bypass?
A. Intrusion Detection Systems
B. Firewalls
C. Domain Security Policies (No)
D. All of the Above
E. None of the Above
Which type of intrusion detection may terminate processes or redirect traffic
upon detection of a possible intrusion?
Active
Which of the following is a potential consequence of not limiting or protecting
communications during an incident?
All of the Above (Customer confidence may be negatively impacted, Competitors may
recognize weakness or advantage, Media may include information not intended for
release)
Which one of the following can be managed through group policies (GPO)?
All the Above (Authentication settings, Software installation and update, IPsec
connections)
What is used to record the order in which evidence was handled, by whom, and
the nature of the evidence handling?
Chain of custody
The procedure of developing controls as vulnerabilities are discovered to keep
them from being exploited is known as:
A. Change Control Management
B. Compensating Control Development
C. Vulnerability Control Patch
D. Remediation Control Development (No)
Which of the following are Windows event severity levels:
error, warning, information
Which of the following intrusion detection systems uses statistical analysis to
detect intrusions?
Anomaly
, Which one of the following is a use for Network Flow Data?
All of the Above (Attack identification and attribution such as DoS detection, Traffic
engineering such as a host analysis, Accounting to cross verify other sources)
Which of the following is an attacker most likely to use to attempt to view packets
containing data in clear text?
Wireshark
Packets from a computer outside the network are being dropped on the way to a
computer inside the network. Which of the following would be MOST useful to
determine the cause of this?
Firewall log
Using the Common Vulnerability Scoring System, CVSS, which of the following
indicators would be the most critical or severe finding?
10
Which of the following is used for moving traffic within individual VLANs?
VLAN Access Maps
The IP address and MAC address of a rogue device within the local network might
best be revealed by which of the following logs?
DHCP logs
Which type of analysis method combines machine learning algorithms and
statistical analyses to identify deviations from normal baseline user, system, or
network activities?
User and Entity Behavior Analytics
A high tolerance for risk requires higher, more frequent, vulnerability scanning.
False
At what layer of the TCP/IP model do devices such as ATM, switches, and bridges
operate, as well as protocols PPP and ARP?
Data-link
Which of the following describes when the claimed identity of a user is validated?
Authentication
Which of the following is an example of the security mitigation technique of
changing roles every couple of months?
Job rotation
Which layer of the TCP/IP model is equivalent to the Session, Presentation, and
Application layers of the OSI model?
Application
Which of the following are the six steps of an incident response plan?
A. Detect, Respond, Report, Recover, Remediate, Review
B. Discover, Review, Respond, Recover, Rectify, Report
C. Detect, Respond, Remediate, Recover, Review, Report
D. Detect, Respond, Report, Recover, Remediate, Review
Not A or C
The Open Web Application Security Project publishes the OWASP Top 10, which
summarizes feedback from the community in order to compile the Top 10
application vulnerabilities, including the associated risks, impacts, and
mitigations for each. What is the main reason a developer wouldn't solely rely on
this guidance?
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller LECTMAGGY. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.