Match the description with the most accurate attack type.- Attacker obtains bank account number and birth date by calling the victim |
|
Match the description with the most accurate attack type.- Attacker modifies a legitimate DNS server to resolve the IP address of a malicious site |
|
Match the description with the most accurate attack type.- Attacker intercepts all communication between a client and a web server |
|
Match the description with the most accurate attack type.- Multiple attackers overwhelm a web server |
|
Match the description with the most accurate attack type.- A virus alert appears in your browser from Microsoft with a phone number to call for support |
|
Select the BEST security control.
(May be more than one.) |
|
Select the BEST security control.
(May be more than one.) |
|
Select the BEST security control.
(May be more than one.) |
|
Select the BEST security control.
(May be more than one.) |
|
| BEST secure network protocol for the description: Accept customer purchases from your primary website | |
| BEST secure network protocol for the description: Synchronize the time across all of your devices | |
| BEST secure network protocol for the description: Access your switch using a CLI terminal screen | |
| BEST secure network protocol for the description: Talk with customers on scheduled conference calls | |
| BEST secure network protocol for the description: Gather metrics from routers at remote sites | |
| Match the appropriate authentication reference: During the login process, your phone receives a text message with a one-time passcode | |
| Match the appropriate authentication reference: You enter your PIN to make a deposit into an ATM | |
| Match the appropriate authentication reference: You must sign a check-in sheet before entering a controlled area | |
| Match the appropriate authentication reference: You can use your fingerprint to unlock the door to the data center | |
| Match the appropriate authentication reference: Your login will not work unless you are connected to the VPN | |
| You’ve hired a third-party to gather information about your company’s servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach? | |
|
Which of these protocols use TLS to provide secure
communication? (Select TWO) |
|
| Which of these threat actors would be MOST likely to attack systems for direct financial gain? | |
| An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices? | |
| Which of the following standards provides information on privacy and managing PII? | |
| Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration? | |
| A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement? | |
An insurance company has created a set of policies to handle data breaches. The security team has been given this set of requirements based on these policies:
|
|
Rodney, a security engineer, is viewing this record from the firewall logs:UTC 04/05/2018 03:09:15809 AV Gateway Alert Which of the following can be observed from this log information?
|
|
| A user connects to a third-party website and receives this message: Your connection is not private. NET::ERR_CERT_INVALID Which of the following attacks would be the MOST likely reason for this message? | |
| Which of the following would be the BEST way to provide a website login using existing credentials from a third-party site? | |
| A system administrator, Daniel, is working on a contract that will specify a minimum required uptime for a set of Internet-facing firewalls. Daniel needs to know how often the firewall hardware is expected to fail between repairs. Which of the following would BEST describe this information? | |
| An attacker calls into a company’s help desk and pretends to be the director of the company’s manufacturing department. The attacker states that they have forgotten their password and they need to have the password reset quickly for an important meeting. What kind of attack would BEST describe this phone call? | |
| A security administrator has been using EAP-FAST wireless authentication since the migration from WEP to WPA2. The companys network team now needs to support additional authentication protocols inside of an encrypted tunnel. Which of the following would meet the network team’s requirements? | |
|
Which of the following would be commonly provided by a CASB? (Select TWO) |
|
| The embedded OS in a company’s time clock appliance is configured to reset the file system and reboot when a file system error occurs. On one of the time clocks, this file system error occurs during the startup process and causes the system to constantly reboot. Which of the following BEST describes this issue? | |
|
A recent audit has found that existing password policies do not include
any restrictions on password attempts, and users are not required to
periodically change their passwords. Which of the following would
correct these policy issues? (Select TWO) |
|
| What kind of security control is associated with a login banner? | |
| A security team has been provided with a non-credentialed vulnerability scan report created by a third-party. Which of the following would they expect to see on this report? | |
| A business manager is documenting a set of steps for processing orders if the primary Internet connection fails. Which of these would BEST describe these steps? | |
| A security administrator is concerned about data exfiltration resulting from the use of malicious phone charging stations. Which of the following would be the BEST way to protect against this threat? | |
| A company would like to protect the data stored on laptops used in the field. Which of the following would be the BEST choice for this requirement? | |
| A file server has a full backup performed each Monday at 1 AM. Incremental backups are performed at 1 AM on Tuesday, Wednesday, Thursday, and Friday. The system administrator needs to perform a full recovery of the file server on Thursday afternoon. How many backup sets would be required to complete the recovery? | |
A company is creating a security policy that will protect all corporate mobile devices:
|
|
| A security engineer runs a monthly vulnerability scan. The scan doesn’t list any vulnerabilities for Windows servers, but a significant vulnerability was announced last week and none of the servers are patched yet. Which of the following best describes this result? | |
|
A security administrator is adding additional authentication controls to the existing infrastructure. Which of the following should be added by the security administrator? (Select TWO) |
|
| A network administrator would like each user to authenticate with their personal username and password when connecting to the company's wireless network. Which of the following should the network administrator configure on the wireless access points? | |
|
A security administrator needs to identify all references to a Javascript
file in the HTML of a web page. Which of the following tools should be
used to view the source of the web page and search through the file for a
specific filename?
(Select TWO) |
|
| A user has assigned individual rights and permissions to a file on their network drive. The user adds three additional individuals to have readonly access to the file. Which of the following would describe this access control model? | |
| A remote user has received a text message requesting login details to the corporate VPN server. Which of the following would BEST describe this message? | |
| A department store policy requires that a floor manager approves each transaction when a gift certificate is used for payment. The security team has found that some of these transactions have been processed without the approval of a manager. Which of the following would provide a separation of duties to enforce this store policy? | |
| Which of the following is true of a rainbow table? (Select TWO) | |
| A server administrator at a bank has noticed a decrease in the number of visitors to the bank's website. Additional research shows that users are being directed to a different IP address than the bank's web server. Which of the following would MOST likely describe this attack? | |
| Which of these cloud deployment models would share resources between a private virtualized data center and externally available cloud services? | |
| A company hires a large number of seasonal employees, and their system access should normally be disabled when the employee leaves the company. The security administrator would like to verify that their systems cannot be accessed by any of the former employees. Which of the following would be the BEST way to provide this verification? | |
| A network administrator has installed a new access point, but only a portion of the wireless devices are able to connect to the network. Other devices can see the access point, but they are not able to connect even when using the correct wireless settings. Which of the following security features was MOST likely enabled? | |
A security administrator has gathered this information:
Proto Recv-Q Send-Q Local Address Foreign Address (state)tcp6 416 0 2601:4c3:4080:82.63976 yv-in-x5e.1e100..https CLOSE_WAITtcp6 0 0 2601:4c3:4080:82.63908 atl14s80-in-x0a..https ESTABLISHEDtcp6 0 0 fe80::4de1:1d4:8.36253 fe80::38b0:a2b1:.1025 ESTABLISHEDtcp6 0 0 fe80::4de1:1d4:8.1024 fe80::38b0:a2b1:.1024 ESTABLISHEDWhich of the following is being used to create this information? |
|
| An attacker has discovered a way to disable a server by sending specially crafted packets from many remote devices to the operating system. When the packet is received, the system crashes and must be rebooted to restore normal operations. Which of the following would BEST describe this attack? | |
| A data breach has occurred in a large insurance company. A security administrator is building new servers and security systems to get all of the financial systems back online. Which part of the incident response process would BEST describe these actions? | |
| A manufacturing company has moved an inventory application from their internal systems to a PaaS service. Which of the following would be the BEST way to manage security policies on this new service? | |
| An organization has identified a significant vulnerability in a firewall that was recently installed for Internet connectivity. The firewall company has stated there are no plans to create a patch for this vulnerability. Which of the following would BEST describe this issue? | |
| A company has decided to perform a disaster recovery exercise during an annual meeting with the IT directors and senior directors. A simulated disaster will be presented, and the participants will discuss the logistics and processes required to resolve the disaster. Which of the following would BEST describe this exercise? | |
| A security administrator needs to identify all computers on the company network infected with a specific malware variant. Which of the following would be the BEST way to identify these systems? | |
| A system administrator has been called to a system that is suspected to have a malware infection. The administrator has removed the device from the network and has disconnected all USB flash drives. Which of these incident response steps is the administrator following? | |
| How can a company ensure that all data on a mobile device is unrecoverable if the device is lost or stolen? | |
| A security administrator is collecting information associated with a ransomware infection on the company's web servers. Which of the following log files would provide information regarding the memory contents of these servers? | |
| Which part of the PC startup process verifies the digital signature of the OS kernel? | |
| Which of these best describes two-factor authentication? | |
| Which of these best describes two-factor authentication? | |
| A manufacturing company would like to track the progress of parts as they are used on an assembly line. Which of the following technologies would be the BEST choice for this task? |