You are currently viewing cybersecurity linkedin assessment answers
cybersecurity linkedin assessment answers_theanswershome

cybersecurity linkedin assessment answers

1. SQL injection inserts a code fragment that makes a database statement universally true, like _______.

  • SELECT * FROM users WHERE username = ” OR 1=1–‘
  • SELECT * FROM users WHERE username = ” OR 1!=1–‘
  • SELECT * FROM users WHERE username = ” AND 1=1–‘
  • SELECT * FROM users WHERE username = ” AND 11=1–‘

2. You have just conducted a port scan of a network. There is no well- known port active. How do you find a webserver running on a host, which uses a random port number?

  • Switch to another network scanning tool. Resort to more resource-intensive probing, like launching random attacks to all open ports.
  • Give up on the current target network and move on to the next one.
  • Turn on additional options in your network scanning tool to further investigate the details (type and version) of applications running on the rest of the active ports.
  • Turn on the stealth mode in your network scanning tool. Check whether you missed any other active ports associated with web servers.

3. You have just identified and mitigated an active malware attack on a user's computer, in which command and control was established. What is the next step in the process?

  • Reporting
  • Lessons Learned
  • Recovery
  • Eradication / Remediation

4. Sharing account credentials violates the _____ aspect of access control.

  • identification
  • accounting
  • authentication
  • authorization

5. Two competing online retailers process credit card transactions for customers in countries on every continent. One organization is based in the United States. The other is based in the Netherlands. With which regulation must both companies comply while ensuring the security of these transactions?

  • Payment Card Industry Data Security Standard (PCI DSS)
  • Federal Information Security Management Act (FISMA)
  • International Organization for Standardization and International Electrotechnical Commission (ISO/IC 27018)
  • General Data Protection Regulation (GDPR)

6. You are responsible for managing security of your organization's public cloud infrastructure. You need to implement security to protect the data and applications running in a variety of laaS and PaS services, including a new Kubernetes cluster. What type of solution is best suited to this requirement?

  • Cloud Security Posture Management (CSPM)
  • Cloud Access Security Brokers (CASBs)
  • Intrusion Detection and Prevention System (IDPS)
  • Cloud Workload Protection Platforms (CWPP)

7. What is the term for the policies and technologies implemented to protect, limit, monitor, audit, and govern identities with access to sensitive data and resources?

  • least privilege
  • privileged account management (PAM)
  • authentication and authorization
  • identity and access management (IAM)

8. Which action is most likely to simplify security staff training, improve integration between security components, and reduce risk to the business? (Choose the best answer.)

  • adopting a “defense-in-depth” approach to security
  • adopting a “best-of-breed” approach to security
  • adopting a “trust but verify” approach to security
  • adopting a “best-in-suite” approach to security

9. Site-to-site VPN provides access from one network address space (192.168.0.0/24) to another network address space

  • 192.168.0.1/24
  • 10.10.0.0/24
  • 192.168.0.2/24
  • 192.168.0.3/24

10. Which type of application can intercept sensitive information such as passwords on a network segment?

  • log server
  • network scanner
  • protocol analyzer
  • firewall

11. During a penetration test, you find a file containing hashed passwords for the system you are attempting to breach. Which type of attack is most likely to succeed in accessing the hashed passwords in a reasonable amount of time?

  • password spray attack
  • rainbow table attack
  • brute force attack
  • pass-the-hash attack

12. Which list correctly describes risk management techniques?

  • risk acceptance, risk mitigation, risk containment, and risk qualification
  • risk avoidance, risk transference, risk containment, and risk quantification
  • risk avoidance, risk mitigation, risk containment, and risk acceptance
  • risk avoidance, risk transference, risk mitigation, and risk acceptance

13. An attacker has discovered that they can deduce a sensitive piece of confidential information by analyzing multiple pieces of less sensitive public data. What type of security issue exists?

  • cross-origin resource sharing
  • aggregation
  • inference
  • SQL injection

14. What is the difference between DRP and BCP?

  • BCP is part of DRP.
  • DRP is part of BCP.
  • BCP works to keep a business up and running despite a disaster. DRP works to restore the original business capabilities.
  • DRP works to keep a business up and running despite a disaster. BCP works to restore the original business capabilities.

15. You have configured the audit settings in your organization's cloud services in the event of a security incident. What type of security control is an audit trail?

  • directive control
  • preventive control
  • corrective control
  • detective control

Leave a Reply