Correct Answer:

Capturing login names and passwords for websites is correct. The user was capturing network data as it passed over the network, most likely looking for user logins and passwords that were unprotected and sent in clear text.

Incorrect Answers:

Attacking the primary router with a flood of ping requests is incorrect. This is an example of a denial-of-service (DoS) attack.

Spoofing the organization’s domain name is incorrect. This is an example of spoofing, or pretending to be an official domain, and not an on-path attack.

Domain kiting is incorrect. Domain kiting refers to exploiting flaws in the domain registration system.

Correct Answer:

You didn’t apply an OS patch to resolve the issue is correct. Keep your operating system up to date with the latest software updates or patches. If a security flaw is discovered, the OS vendor will release a patch as quickly as possible to resolve the issue.

Incorrect Answers:

You upgraded to the latest major version of the OS when it is released is incorrect. Even after a major upgrade, patches must still be applied when vulnerabilities are discovered.

You didn’t use your firewall to block port access to the exploit is incorrect. The underlying flaw still exists and could be exploited by bypassing the firewall.

You didn’t update the web application software to resolve the issue is incorrect. The security issue is with the operating system of the server, not the web application.

Correct Answer:

MTTR is correct. The mean time to repair (MTTR) is the average length of time from the moment a device or service fails until it is repaired. For a failed server part, your service vendor may state that they can provide a new replacement part within 4 hours, but in other cases, this could be 24 to 48 hours.

Incorrect Answers:

MTBF is incorrect. The mean time between failures (MTBF) is the average length of time a specific device is expected to work until it fails.

RTO is incorrect. The recovery time objective (RTO) is the maximum amount of time that is considered tolerable for a service or certain business function to be unavailable.

RPO is incorrect. The recovery point objective (RPO) is the maximum acceptable amount of lost data as a result of an outage or disaster.

Correct Answer:

HIPAA is correct. The Health Insurance Portability and Accountability Act (HIPAA) is a set of compliance regulations for the protection of confidential patient data in the medical, healthcare, and health insurance industries.

Incorrect Answers:

GDPR is incorrect. The General Data Protection Regulation (GDPR) is a European Union regulation that governs data protection and privacy for individuals residing in the EU.

Sarbanes-Oxley is incorrect. The Sarbanes–Oxley Act (SOX) deal with financial data.

PCI DSS is incorrect. The Payment Card Industry Data Security Standard (PCI DSS) is a standard that applies to companies that process payment card information.

Correct Answer:

Open relay on SMTP port 25 is correct. If you allow Simple Mail Transfer Protocol (SMTP) relay on port 25, any mail client outside of your network can send mail through your server, and this is often exploited by spammers.

Incorrect Answer:

Using insecure versions of POP and IMAP for retrieving messages is incorrect. The Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP) are used for retrieving, not sending, mail.

Out-of-date anti-spam signatures is incorrect. Anti-spam software is used to control incoming spam and will not prevent spam due to an open SMTP relay.

Using TLS for SMTP connections is incorrect. Transport Layer Security (TLS), if enabled, can be initiated by the sender or receiver to start an encrypted message delivery and will not prevent spam.

Correct Answer:

PGP is correct. Pretty Good Privacy (PGP) provides a low-cost or open-source alternative for allowing users to encrypt their e-mail messages. Technically, neither PGP nor web of trust is Public Key Infrastructure (PKI), since it is all peer-to-peer certificate trust and management, versus a centralized certificate authority (CA).

Incorrect Answers:

HTTPS is incorrect. Hypertext Transfer Protocol Secure (HTTPS) provides encryption for web communications.

POP/IMAP is incorrect. Post Office Protocol (POP) and Internet Message Access Protocol (IMAP) are mail client access protocols that are not encrypted.

WPA3 is incorrect. Wi-Fi Protected Access version 3 (WPA3) provides encryption for wireless networks.

Correct Answer:

Power conditioner is correct. A power conditioner helps provide consistent and clean power.

Incorrect Answers:

Elevated cable trays is incorrect. Elevated cable trays are used to keep network cabling off the ground, where they can be tripped over and pulled out of their connections.

Hot and cold aisles is incorrect. Hot and cold aisles create a constant flow of air circulation to prevent buildup of heat emanating from the back of the equipment racks and allow cool air to flow into the front of the equipment racks.

Humidity controls is incorrect. Humidity controls, while important, do not help with air flow issues in a server room.

Correct Answer:

Anti-malware signature files are out of date is correct. If the anti-malware signatures are out of date, the malware may have been a very new piece of malware that is resolved in a recent signature update that was not installed on the laptop.

Incorrect Answers:

The network firewall is disabled is incorrect. The firewall prevents network attacks and will not prevent malware.

Scheduled anti-malware scans are disabled is incorrect. Even a scheduled scan will not detect the malware if there is no signature for it.

Malware was downloaded from the Internet is incorrect. The downloaded malware may still be detected if the most recent signature update for the anti-malware scanner is installed.

Correct Answer:

Risk likelihood and impact is correct. The likelihood and impact of the risk has direct bearing on how much you want to budget for appropriate security controls to prevent the risk from occurring.

Incorrect Answers:

Residual risk, threat of natural disasters, and qualitative costs are incorrect. Although determining the residual risk, the threat of natural disasters, and the qualitative costs of a risk occurring are important, determining the likelihood and impact of the risk more accurately identifies the actual costs of a solution.

Correct Answer:

Content filter is correct. A content filter can scan outbound messages for patterns that match credit numbers, and then block or quarantine these messages to prevent them from being sent outside of the company’s network.

Incorrect Answers:

Anti-spam filter is incorrect. An anti-spam filter is used to prevent incoming e-mail spam messages.

Caching proxy server is incorrect. A caching proxy server is used to store web data locally for quick retrieval.

Firewall is incorrect. A firewall is used to control inbound and outbound network traffic.