Kinh Nghiệm Hướng dẫn Which of the following could be an example of a malicious insider attack quizlet? 2022
Pro đang tìm kiếm từ khóa Which of the following could be an example of a malicious insider attack quizlet? được Cập Nhật vào lúc : 2022-11-30 11:15:10 . Với phương châm chia sẻ Bí kíp về trong nội dung bài viết một cách Chi Tiết 2022. Nếu sau khi tìm hiểu thêm Post vẫn ko hiểu thì hoàn toàn có thể lại phản hồi ở cuối bài để Tác giả lý giải và hướng dẫn lại nha.
Stealing information.
Exploitation
Nội dung chính Show
- Which of the following could be an example of a malicious insider attack?
- What are insiders quizlet?
- Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?
- Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?
Preparing a computer to perform additional tasks in the attack.
Staging
Crashing systems.
Exploitation
Gathering system hardware information.
Reconnaissance
Penetrating system defenses to gain unauthorized access.
Breaching
Configuring additional rights to do more than breach the system.
Escalating privileges
General attack strategies include the following steps:
> Reconnaissance is
the process of gathering information about an organization, including system hardware information, network configuration, and individual user information.
> A breach is the penetration of system defenses. Breaches are achieved using the information gathered during reconnaissance.
> An escalating privileges attack is one of the primary objectives of an attacker, which can be achieved by configuring additional (escalated) rights to do more than breach the system.
>
Staging is preparing a computer to perform additional tasks in the attack, such as installing software designed to attack other systems.
> An Exploit is used to take advantage of known vulnerabilities in software and systems. Types of exploitation include stealing information, denying services, crashing systems, and modifying information.
Recommended textbook solutions
Anderson’s Business Law and the Legal Environment, Comprehensive Volume
23rd EditionDavid Twomey, Marianne Jennings, Stephanie Greene
369 solutions
Human Resource Management
15th EditionJohn David Jackson, Patricia Meglich, Robert Mathis, Sean Valentine
249 solutions
Operations Management: Sustainability and Supply Chain Management
12th
EditionBarry Render, Chuck Munson, Jay Heizer
1,698 solutions
Operations Management
13th EditionWilliam Stevenson
980
solutions
trang chủ
Subjects
Expert solutions
Create
Log in
Sign up
Upgrade to remove ads
Only SGD 41.99/year
Flashcards
Learn
Test
Match
Flashcards
Learn
Test
Match
Terms in this set (90)
You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk.
Which of the following actions would BEST protect your system?
Run the browser within a virtual environment.
Which of the following is an advantage of a virtual browser?
Protects the host operating system from malicious downloads
Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?
Escape
Which of the following devices is computer software, firmware, or hardware that creates and runs virtual machines?
Hypervisor
Which of the following is a technique that disperses a workload between two or more computers or resources to achieve optimal resource utilization, throughput, or response time?
Load balancing
What is isolating a virtual machine from the physical network to allow testing to be performed without impacting the production environment called?
Sandboxing
Which of the following are disadvantages of server virtualization?
A compromised host system might affect multiple servers
Which type of hypervisor runs as
an application on the host machine
Type 2
Which of the following are advantages of virtualization? (Select two.)
Centralize administration
Easy migration of systems to different hardware
Which load balancing method distributes a workload across multiple computers?
Workload
balancing
Which of the following provides the network virtualization solution called XenServer?
Citrix
Which of the following is a network virtualization solution provided by Microsoft?
Hyper-V
What is the limit of virtual machines that can be connected to a virtual
network?
Unlimited
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating systems’ versions and editions.
Currently, all of your virtual machines used for testing are connected to the production network through the hypervisor’s network interface. However, you are concerned that the latest application you are working on
could adversely impact other network hosts if errors exist in the code.
To prevent issues, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other.
What should you do? (Select two. Both responses are part of the complete solution.)
Connect the virtual network interfaces in the virtual machines to the virtual switch.
Create a new virtual switch configured for
host-only (internal) networking.
Which of the following statements about virtual networks is true? (Select two.)
A virtual network is dependent on the configuration and physical hardware of the host operating system.
Multiple virtual networks can be associated with a single physical network adapter.
Which of the following devices facilitates communication
between different virtual machines by checking data packets before moving them to a destination?
Virtual switch
What is a virtual LAN that runs on top of a physical LAN called?
VAN
Which of the following virtual devices provides packet filtering and monitoring?
VFA
Which of the following is an example of protocol-based network virtualization?
VLAN
Which of the following is used as a secure tunnel to connect two networks?
VPN
Which of the following is an advantage of software-defined networking (SDN)?
More granular
control
Which of the following BEST describes the Application SDN layer?
Communicates with the Control layer through the northbound interface.
Which SDN layer would a load balancer that stops and starts VMs as resource use increases reside on?
Application
Software defined
networking (SDN) uses a controller to manage devices. The controller is able to inventory hardware components on the network, gather network statistics, make routing decisions based on gathered data, and facilitate communication between devices from different vendors. It can also be used to make widespread configuration changes on just one device.
Which of the following best describes an SDN controller?
The SDN controller is software
Drag the software defined networking (SDN) layer on the left to the appropriate function on the right. (Each SDN layer may be used once, more than once, or not all.)
This layer receives its requests from the Application layer.
Control layer – receives its requests from the Application layer, provides the Physical layer with configuration and instructions.
Physical layer – also known as the Infrastructure layer, individual
networking devices use southbound APIs to communicate with the control plane
Application layer – communicates with the Control layer through what is called the northbound interface.
Which of the following does the Application layer use to communicate with the Control layer?
Northbound APIs
Which of the following BEST describes the Physical SDN
layer?
Also known as the Infrastructure layer.
Network engineers have the option of using software to configure and control the network rather than relying on individual static configuration files that are located on each network device.
Which of the following is a relatively new technology that allows network and security professionals to use software to manage, control, and make changes to a
network?
Software-defined networking (SDN)
Which APIs do individual networking devices use to communicate with the control plane from the Physical layer?
Southbound
Which of the following is a disadvantage of software defined networking (SDN)?
SDN standards are still being
developed.
Match each description on the left with the appropriate cloud technology on the right.
Public cloud – provides cloud services to just about anyone
Private cloud – provides cloud services to a single organization
Community cloud – allows cloud services to be shared by several organizations
Hybrid cloud – integrates one cloud service with other cloud services
A group of small local businesses have joined together to share access to a cloud-based payment system.
Which type of cloud is MOST likely being implemented?
Community
Which of the following BEST describes the Platform as a Service (PaaS) cloud computing service model?
PaaS delivers everything a developer needs to build an application on the cloud
infrastructure
Which of the following cloud computing solutions delivers software applications to a client either over the internet or on a local area network?
SaaS
You are the security administrator for your organization. You have implemented a cloud service to provide features such as authentication, anti-malware, intrusion detection, and penetration
testing.
Which cloud service have you most likely implemented?
SECaaS
The IT manager has tasked you with installing new physical machines. These computer systems are barebone systems that simply establish a remote connection to the data center to run the user’s virtualized desktop.
Which type of deployment model is being used?
Thin client
Which of the following are true concerning virtual desktop infrastructure (VDI)? (Select two.)
In the sự kiện of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers.
User desktop environments are centrally hosted on servers instead of on individual desktop systems.
Google Cloud, Amazon Web Services (AWS), and Microsoft Azure are some
of the most widely used cloud storage solutions for enterprises. Which of the following factors prompt companies to take advantage of cloud storage? (Select two.)
Needs to bring costs down
Growing demand for storage
Which of the following cloud storage access services acts as a gatekeeper, extending an organization’s security policies into the cloud storage infrastructure?
A
cloud-access security broker
Cloud storage is a virtual service, so the infrastructure is the responsibility of the storage provider. Access control should be set as a local file system would be, with no need for the provider to have access to the stored data.
You are implementing the following measures to secure your cloud storage:
Verify that security controls are the same as in a physical data center.
Use data classification
policies.
Assign information into categories that determine storage, handling, and access requirements.
Assign information classification based on information sensitivity and criticality.
Which of the following is another security measure you can implement?
Dispose of data when it is no longer needed by using specialized tools.
Which of the following tools allows the user to set security rules for an
instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization?
Instance awareness
What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called?
Integration
Which of the following methods can cloud providers implement to provide high availability?
Replication
Which formula is used to determine a cloud provider’s availability percentage?
Uptime/uptime + downtime
Which type of firewall operates Layer 7 of the OSI model?
Application
Which of the following can provide the most specific protection and monitoring capabilities?
Cloud-access security broker
What is the on-premises, cloud-based software tool that sits between an organization and a cloud service provider called?
Cloud-access security broker
Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?
Cloud-based firewall
Which of the following is a network security service that filters malware from user-side internet connections using different techniques?
Secure web gateway
Which
type of firewall protects against packets coming from certain IP addresses?
Packet-filtering
Your organization recently purchased 18 iPad tablets for use by the organization’s management team. These devices have iOS pre-installed on them.
To increase the security of these devices, you want to apply a default set of security-related configuration settings.
What is the BEST approach to take to accomplish
this? (Select two. Each option is part of a complete solution.)
Enroll the devices in a mobile device management (MDM) system.
Configure and apply security policy settings in a mobile device management (MDM) system.
Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to
a vice president in your organization.
For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president’s home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the
trash and used the credentials to log in to the network.
You’ve reviewed the vice president’s social truyền thông pages. You found pictures of her home posted, but you didn’t notice anything in the photos that would give away her home address. She assured you that her smartphone was never misplaced prior to the attack.
Which security weakness is the MOST likely cause of the security breach?
Geotagging was enabled on her smartphone.
Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity?
Screen lock
Your organization recently purchased 20 Android tablets for use by the organization’s management team.
To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you
implement?
App whitelisting
A smartphone was lost the airport. There is no way to recover the device. Which of the following ensures data confidentiality on the device?
Remote wipe
Which of the following is the recommend Intune configuration?
Intune Standalone
Which of the following is a solution that pushes security policies directly to mobile devices over a network connection?
Mobile device management (MDM)
The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies.
Where would you go to set up the Intune policies?
In the Admin portal,
select Policy > Add Policy.
Which of the following Intune portals is used by end users to manage their own account and enroll devices?
Company portal
Your organization recently purchased 20 Android tablets for use by the organization’s management team.
You are using a Windows domain. Which of the following should you use to push security settings to the
devices?
Intune
Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices?
EMM
Mobile application management (MAM) provides the ability to do which of the following?
Remotely install and uninstall
apps
What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included?
500
Mobile device management (MDM) provides the ability to do which of the following?
Track the device
Which of the following mobile device management (MDM) solutions allows an
organization to manage all devices, including printers, workstations, and even IoT devices?
UEM
Which of the following is the first phase of the Microsoft Intune application life cycle?
Add
Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that
they have rights to access?
App catalog
In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal?
Deploy
Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed
out to users within 24 hours?
Remote management
Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself?
Remote management
Which of the following is a policy that defines appropriate and inappropriate usage of company
resources, assets, and communications?
Acceptable use policy (AUP)
Which of the following defines an acceptable use agreement?
An agreement that identifies employees’ rights to use company property, such as internet access and computer equipment, for personal use.
Your organization allows employees to bring their own devices
into work, but management is concerned that a malicious internal user could use a mobile device to conduct an insider attack.
Which of the following should be implemented to help mitigate this threat?
Implement an AUP that specifies where and when mobile devices can be possessed within the organization.
Which of the following could be an example of a malicious insider attack?
A
user uses the built-in microphone to record conversations.
Which device deployment model gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data?
COPE
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on
company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands.
The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen.
Which of the following should you implement?
A mobile device management (MDM) infrastructure
If a user’s BYOD device (such as a tablet or phone) is infected with malware, that malware can be spread if that user connects to your organization’s network. One way to prevent this sự kiện is to use a Network Access Control (NAC) system.
How does an NAC protect your network from being infected by a BYOD device?
The NAC remediates devices before allowing them to connect to your network.
The
IT manager has tasked you with implementing a solution that ensures that mobile devices are up to date, have anti-malware installed, and have the latest definition updates before being allowed to connect to the network.
Which of the following should you implement?
NAC
Which of the following BEST describes a virtual desktop infrastructure (VDI)?
Provides enhanced security
and better data protection because most of the data processing is provided by servers in the data center rather than on the local device.
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on their personal tablets.
The chief information officer worries that one of these users might also use their tablet to steal sensitive information from the organization’s network. Your job is to
implement a solution that prevents insiders from accessing sensitive information stored on the organization’s network from their personal devices while still giving them access to the internet.
Which of the following should you implement?
A guest wireless network that is isolated from your organization’s production network
Which of the following is an open-source hardware and software company that designs and
manufactures single-board microcontrollers as well as kits to build digital devices?
Arduino
You manage information systems for a large co-location data center.
Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology that allows them to be managed over an internet connection using a mobile device app.
You are concerned about
the security of these devices. What can you do to increase their security posture? (Select two.)
Verify that your network’s existing security infrastructure is working properly
Install the latest firmware updates from the device manufacturer
You manage the information systems for a large manufacturing firm.
Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to
manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (Select two.)
Install the latest firmware updates from the device manufacturer
Verify that your network’s existing security infrastructure is working
properly
Which of the following serves real-time applications without buffer delays?
RTOS
Which of the following devices are special computer systems that gather, analyze, and manage automated factory equipment?
SCADA
You notice that a growing number of devices, such as
environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections.
Which of the following labels applies to this growing ecosystem of smart devices?
Internet of Things (IoT)
Which Amazon device can be used to control smart devices (such as lights) throughout a home using voice
commands?
Echo
Which of the following do Raspberry Pi systems make use of?
SoC
Which of the following lets you make phone calls over a packet-switched network?
VolP
Why do attackers prefer to conduct distributed network attacks in static
environments? (Select two.)
Devices are typically more difficult to monitor than traditional network devices.
Devices tend to employ much weaker security than traditional network devices.
Students also viewed
lab 9.8.7
10 terms
Ch22 Sec Pro
80 terms
9.3.4
10 terms
9.6.7
10 terms
Sets found in the same thư mục
Chapter 11
70 terms
Chapter 10
40 terms
Ch8 Wireless Overview
30 terms
Ch22 Sec Pro
80 terms
Other sets by this creator
All Chapters
817 terms
All Chapters
2 terms
Chapter 14
30 terms
Chapter 13
30 terms
Other Quizlet sets
Sports Psychology exam 2
26 terms
ECON 102 MODULE 9
22 terms
The First Thanksgiving
11 terms
A&P Chapter 5
28 terms
Which of the following could be an example of a malicious insider attack?
Malicious insider threat examples
A recently fired employee selling sensitive information to a competitor. A disgruntled employee exposing trade secrets to the public. An employee that deletes important records and information to breach compliance regulation.
What are insiders quizlet?
Insiders. Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?
Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. Such an exploit could give the attacker access to the host operating system and all other virtual machines (VMs) running on that host.
Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?
Firewall defined
A firewall is a security device — computer hardware or software — that can help protect your network by filtering traffic and blocking outsiders from gaining unauthorized access to the private data on your computer.
Tải thêm tài liệu liên quan đến nội dung bài viết Which of the following could be an example of a malicious insider attack quizlet?
Reply
5
0
Chia sẻ
Share Link Tải Which of the following could be an example of a malicious insider attack quizlet? miễn phí
Bạn vừa tìm hiểu thêm Post Với Một số hướng dẫn một cách rõ ràng hơn về Clip Which of the following could be an example of a malicious insider attack quizlet? tiên tiến và phát triển nhất và Share Link Down Which of the following could be an example of a malicious insider attack quizlet? Free.
Hỏi đáp vướng mắc về Which of the following could be an example of a malicious insider attack quizlet?
Nếu sau khi đọc nội dung bài viết Which of the following could be an example of a malicious insider attack quizlet? vẫn chưa hiểu thì hoàn toàn có thể lại Comment ở cuối bài để Tác giả lý giải và hướng dẫn lại nha
#malicious #insider #attack #quizlet