1. Management is concerned with administrator access from outside the network to a key server in the company. Specifically, firewall rules allow access to the server from anywhere in the company. Which of the following would be an effective solution?
A) Honeypot
B) Server hardening
C) Jump box
D) Anti-malware
2. The help desk informed a security analyst of a trend that is beginning to develop regarding a suspicious email that has been reported by multiple users. The analyst has determined the email includes an attachment named invoice.zip that contains the following files:
Locky.js
xerty.ini
xerty.lib
Further analysis indicates that when the .zip file is opened, it is installing a new version of ransomware on the devices. Which of the following should be done FIRST to prevent data on the company NAS from being encrypted by infected devices?
A) Email employees instructing them not to open the invoice attachment.
B) Disable access to the company VPN.
C) Add the URL included in the .js file to the company's web proxy filter.
D) Set permissions on file shares to read-only.
3. During a routine review of firewall logs, an analyst identified that an IP address from the organization's server subnet had been connecting during nighttime hours to a foreign IP address, and had been sending between 150 and 500 megabytes of data each time. This had been going on for approximately one week, and the affected server was taken offline for forensic review. Which of the following is MOST likely to drive up the incident's impact assessment?
A) Forensic review of the server required fall-back on a less efficient service.
B) The local root password for the affected server was compromised.
C) IP addresses and other network-related configurations were exfiltrated.
D) PII of company employees and customers was exfiltrated.
E) Raw financial information about the company was accessed.
4. A security analyst wants to scan the network for active hosts. Which of the following host characteristics help to differentiate between a virtual and physical host?
A) Host IPs
B) Gateway settings
C) DNS routing tables
D) Reserved MACs
5. A security analyst is performing a review of Active Directory and discovers two new user accounts in the accounting department. Neither of the users has elevated permissions, but accounts in the group are given access to the company's sensitive financial management application by default. Which of the following is the BEST course of action?
A) Monitor the outbound traffic from the application for signs of data exfiltration
B) Remove the accounts' access privileges to the sensitive application
C) Follow the incident response plan for the introduction of new accounts
D) Disable the user accounts
E) Confirm the accounts are valid and ensure role-based permissions are appropriate