In a VoIP network, which of the following is the best protocol to protect the signaling traffic for initiating, maintaining, and terminating real-time sessions that include voice, video, and messaging applications?
A. Session Initiation Protocol (SIP)
B. SRTP
C. TLS/SSL
D. MGCP
Which of the following cryptographic operations is least applicable in quantum cryptography?
A. Generate a one-time pad
B. Distribute the encryption key
C. Encrypt the plain text
D. Ensure sufficient entropy for encryption
Quantum computing is the use of quantum phenomena such as superposition and entanglement to perform computation. Which of the following is most vulnerable to quantum computing?
A. Stream cipher
B. Symmetric encryption
C. Public key infrastructure
D. Lattice-based cryptosystem
Which of the following statements about user and entity behavior analytics (UEBA) is not true?
A. UEBA collects live data from various sources, as SIEM does.
B. UEBA analyzes user behavior only, while SIEM monitors network device activities.
C. UEBA detects potential insider threats and compromised accounts.
D. UEBA sends alerts and reduces false positives.
Threat feeds convey a large quantity of data, including Indicators of Compromise (IoCs), pieces of forensic data that identify potentially malicious activities. Security analysts analyze, enrich, and turn them into threat intelligence, and security teams use them to look for persistent threats and recently discovered or zero-day exploits. Which of the following indicators provided by threat feeds provides the most value?
A. Host Artifacts
B. Domain Names
C. Hash Values
D. Tools
Bob is suffering from allegations of sexual harassment by Alice. His company receives the complaint and is considering an investigation to determine if he is responsible. If so, disciplinary action will be taken. As an investigator, which of the following is least likely to happen in the investigation?
A. Dismiss the case
B. Determine powers of investigation
C. Ask for Bob’s legal representation
D. Gather evidence
You are training a machine learning model to support an anomaly-based intrusion detection system (IDS). The model can predict if an IP address is safe or not. Which of the following is the best method or technique to train the model?
A. Regression
B. Classification
C. Clustering
D. Dimensionality Reduction
Alice and Bob work together to develop a log parser using C++. Alice is linking the main program with the modules in object code developed by Bob. The log parser loads all the dependent modules when it starts. Which of the following best describes the role of Bob’s modules?
A. Software Development Kit (SDK)
B. Runtime library
C. Static library
D. Application Programming Interface (API)
An in-house development team in your organization is tasked to develop a new information system. As a software developer, which of the following is the best tool to protect the intellectual property of codes?
A. Compiler
B. Obfuscator
C. Debugger
D. Linker
An in-house development team in your organization is tasked to develop a new information system deployed to a public PaaS to support a new mission. A well-known consulting firm, enlisted in your organizational approved providers and offerings, is contracted to advise cloud services. Some of the tools used by developers are freeware downloaded from the internet. Which of the following acquisition sources is not used in this project?
A. Commercial-off-the-shelf (COTS)
B. Open Source
C. Managed services
D. Third-party