Each question will have 1 or more correct answers

1. Which of the following methods can reduce an organization's cybersecurity attack surface?

Turn off unnecessary services on servers in your infrastructure.

Implement an intrusion detection/prevention system.

Ensure that you have security audit logs stored in a secure system.

Reduce the number of servers in your infrastructure.

2. Which are examples of the Least Privilege principle?

Requiring separate usernames & passwords for high-level administrative access to systems.

Granting domain admin rights to the server team, but not to the network engineering team.

Granting the access management team rights to add and remove people from groups, but not the ability to create new users or delete log data.

Granting network administrators full access to network systems, but no access to storage or logging systems.

3. Which are examples of authorization?

Evaluating SSO attributes of a user as they are logging into a web app.

Verifying active directory group membership when a user is accessing a file share.

Providing a token that can be used to access systems after a username and password have been verified.

Verifying that a username and password combination is correct.

4. Which of the following are true about hash functions?

Hash functions should distribute source data unevenly across the hash key space.

Hash functions can be used to validate that data has not been altered.

The text strings that hash functions output are always shorter than the original text put into the hash functions.

All data strings generated by a hash function have the same length.

5. Which of the following are required for secure public-key cryptography?

A random number to act as a generator.

A private key.

A 1-way mathematical function.

A public key.