- All Exams Instant Download
Which security principle is violated by running all processes as root or administrator?
Which security principle is violated by running all processes as root or administrator?A . principle of least privilegeB . role-based access controlC . separation of dutiesD . trusted computing baseView AnswerAnswer: A
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?A . syslog messagesB . full packet captureC . NetFlowD . firewall event logsView AnswerAnswer: C
In which Linux log file is this output found?
Refer to the exhibit. In which Linux log file is this output found?A . /var/log/authorization.logB . /var/log/dmesgC . var/log/var.logD . /var/log/auth.logView AnswerAnswer: D
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?A . least privilegeB . need to knowC . integrity validationD . due diligenceView AnswerAnswer: A
How does certificate authority impact a security system?
How does certificate authority impact a security system?A . It authenticates client identity when requesting SSL certificateB . It validates domain identity of a SSL certificateC . It authenticates domain identity when requesting SSL certificateD . It validates client identity when communicating with the serverView AnswerAnswer: B
Which kind of attack method is depicted in this string?
Refer to the exhibit. Which kind of attack method is depicted in this string?A . cross-site scriptingB . man-in-the-middleC . SQL injectionD . denial of serviceView AnswerAnswer: A
Which category classifies the intrusion?
A user received a malicious attachment but did not run it. Which category classifies the intrusion?A . weaponizationB . reconnaissanceC . installationD . deliveryView AnswerAnswer: D
What is the function of a command and control server?
What is the function of a command and control server?A . It enumerates open ports on a network deviceB . It drops secondary payload into malwareC . It is used to regain control of the network after a compromiseD . It sends instruction to a compromised systemView AnswerAnswer: D
What is a purpose of a vulnerability management framework?
What is a purpose of a vulnerability management framework?A . identifies, removes, and mitigates system vulnerabilitiesB . detects and removes vulnerabilities in source codeC . conducts vulnerability scans on the networkD . manages a list of reported vulnerabilitiesView AnswerAnswer: A
Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?
Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?A . src=10.11.0.0/16 and dst=10.11.0.0/16B . ip.src==10.11.0.0/16 and ip.dst==10.11.0.0/16C . ip.src=10.11.0.0/16 and ip.dst=10.11.0.0/16D . src==10.11.0.0/16 and dst==10.11.0.0/16View AnswerAnswer: B
