PBQ 1 of 6 · Security Architecture — Firewall Configuration
Configure Perimeter Firewall Access Control Rules
You are the security administrator for Meridian Financial. The perimeter firewall must be configured to enforce the following security policy. Using the ACL rule builder below, configure exactly five rules in the correct top-down processing order. Firewall rules are evaluated from Rule 1 downward and stop at the first match.
Security Policy Requirements
A
Allow inbound HTTPS (443) and HTTP (80) traffic from any source to the public web server at 10.10.10.80.
B
Allow SSH (22) access only from the admin subnet 192.168.100.0/24 to any internal host. No other source should be permitted SSH.
C
Allow outbound DNS (UDP 53) queries from the internal network 10.0.0.0/8 to the public resolver 8.8.8.8.
D
Block all Telnet (23) traffic from any source to any destination — Telnet is prohibited organization-wide.
E
Implement an implicit deny-all as the final rule — any traffic not explicitly permitted above must be dropped.
| Rule | Action | Protocol | Source | Destination | Port / Service |
|---|
Rule-by-Rule Explanation
PBQ 2 of 6 · Threats, Attacks & Vulnerabilities — Attack Classification
Classify Each Attack or Threat into the Correct Category
A security awareness team is building a training module. Drag each attack or threat type from the bank below into the correct category column. Each item belongs to exactly one category.
🖱 Drag items from the bank into the correct category. Drag an item back to the bank to remove it from a column.
Item Bank
Correct Classifications
PBQ 3 of 6 · Security Operations — Incident Response
Arrange the Incident Response Phases in the Correct Order
A SOC analyst is reviewing the incident response procedure for a newly discovered ransomware infection. They must follow the CompTIA SY0-701 Incident Response lifecycle precisely. Drag all seven phases from the bank into the numbered positions in the correct sequence.
🖱 Drag phases from the Phase Bank into the numbered slots (1 = first action). Drag back to bank to remove.
Phase Bank
IR Sequence (1 = First Phase)
Correct IR Sequence & Rationale
PBQ 4 of 6 · Security Operations — Log Analysis & Threat Hunting
Investigate a Security Incident Using Authentication Log Analysis
The SIEM has flagged unusual authentication activity on server prod-web-01 (10.10.5.50). You have been granted shell access to investigate. Using the terminal below:
- Identify the type of attack occurring against this server.
- Identify the attacker's source IP address.
- Determine whether the attacker achieved successful access.
- Identify what action the attacker performed after gaining access.
- Recommend immediate mitigation steps.
💡 Available commands:
cat auth.log, grep <pattern>, tail -n <num> auth.log, wc -l auth.log, show summary, recommend, helpConnected to prod-web-01. Authentication log loaded.
Type 'help' for available commands, 'cat auth.log' to view logs.
analyst@prod-web-01:~$
Investigation Summary & Explanation
PBQ 5 of 6 · Cryptography & PKI — Algorithm Identification
Match Each Cryptographic Algorithm to Its Correct Description
A security architect is reviewing the cryptographic standards used across the organization's infrastructure. Drag each algorithm or protocol from the bank on the left to the description on the right that best defines its type, purpose, and key characteristics.
🖱 Each algorithm is used exactly once. Drag back to the bank to remove from a slot.
Algorithm Bank
Descriptions
Correct Matches & Explanations
PBQ 6 of 6 · Risk Management — Quantitative Analysis & Response Strategies
Calculate ALE and Match Risk Response Strategies to Scenarios
A risk analyst at Nexcore Solutions is performing an annual quantitative risk assessment. Complete Part A by calculating the Annual Loss Expectancy (ALE) for each risk scenario, then complete Part B by dragging each risk scenario to the correct risk response strategy.
Part A — ALE Calculation · Formula: ALE = SLE × ARO
📐 Enter dollar values in the ALE column. Accepted formats: $32000 / 32,000 / $32,000. SLE = Single Loss Expectancy · ARO = Annualized Rate of Occurrence.
| Risk Scenario | SLE | ARO | ALE (Your Answer) |
|---|
Part B — Risk Response Strategy Matching
🖱 Drag each risk scenario card from the bank into the correct response strategy zone below.
Scenario Bank
Explanations