- All Exams Instant Download
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible without a specific key, certificate, or password?A . fragmentationB . pivotingC . encryptionD . stenographyView AnswerAnswer: C Explanation: Encryption allows the user to make the data incomprehensible without a specific key, certificate, or password....
Why is encryption challenging to security monitoring?
Why is encryption challenging to security monitoring?A . Encryption analysis is used by attackers to monitor VPN tunnels.B . Encryption is used by threat actors as a method of evasion and obfuscation.C . Encryption introduces additional processing requirements by the CPU.D . Encryption introduces larger packet sizes to analyze and...
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?A . integrityB . confidentialityC . availabilityD . scopeView AnswerAnswer: A Explanation: Integrity is a metric in CVSS that measures the impact of a vulnerability on the trustworthiness...
Which two components reduce the attack surface on an endpoint? (Choose two.)
Which two components reduce the attack surface on an endpoint? (Choose two.)A . secure bootB . load balancingC . increased audit log levelsD . restricting USB portsE . full packet captures at the endpointView AnswerAnswer: A, D Explanation: Secure boot and restricting USB ports are two components that can reduce...
What is the potential threat identified in this Stealthwatch dashboard?
Refer to the exhibit. What is the potential threat identified in this Stealthwatch dashboard?A . A policy violation is active for host 10.10.101.24.B . A host on the network is sending a DDoS attack to another inside host.C . There are two active data exfiltration alerts.D . A policy violation...
Which type of web server attack is represented?
Refer to the exhibit. This request was sent to a web application server driven by a database. Which type of web server attack is represented?A . parameter manipulationB . heap memory corruptionC . command injectionD . blind SQL injectionView AnswerAnswer: D
What is the state of this file?
Refer to the exhibit. An engineer is analyzing this Cuckoo Sandbox report for a PDF file that has been downloaded from an email. What is the state of this file?A . The file has an embedded executable and was matched by PEiD threat signatures for further analysis.B . The file...
Drag and drop the technology on the left onto the data type the technology provides on the right
DRAG DROP Drag and drop the technology on the left onto the data type the technology provides on the right. View AnswerAnswer:
What is the threat agent in this situation?
A network engineer discovers that a foreign government hacked one of the defense contractors in their home country and stole intellectual property. What is the threat agent in this situation?A . the intellectual property that was stolenB . the defense contractor who stored the intellectual propertyC . the method used...
How does an SSL certificate impact security between the client and the server?
How does an SSL certificate impact security between the client and the server?A . by enabling an authenticated channel between the client and the serverB . by creating an integrated channel between the client and the serverC . by enabling an authorized channel between the client and the serverD ....
