- All Exams Instant Download
Which obfuscation technique is the attacker using?
An analyst is investigating a host in the network that appears to be communicating to a command and control server on the Internet. After collecting this packet capture, the analyst cannot determine the technique and payload used for the communication. Which obfuscation technique is the attacker using?A . Base64 encodingB...
Which command will accomplish this goal?
An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?A . nmap --top-ports 192.168.1.0/24B . nmap CsP 192.168.1.0/24C . nmap -sL 192.168.1.0/24D . nmap -sV 192.168.1.0/24View AnswerAnswer: B Explanation: The -sP option...
Which action prevents buffer overflow attacks?
Which action prevents buffer overflow attacks?A . variable randomizationB . using web based applicationsC . input sanitizationD . using a Linux operating systemView AnswerAnswer: C Explanation: Input sanitization involves cleaning up user input before processing it, ensuring that it does not contain malicious code intended for buffer overflow attacks or...
What are two social engineering techniques? (Choose two.)
What are two social engineering techniques? (Choose two.)A . privilege escalationB . DDoS attackC . phishingD . man-in-the-middleE . pharmingView AnswerAnswer: C, E Explanation: Social engineering techniques often involve manipulating individuals into divulging confidential information or performing actions that compromise security. Phishing involves sending fraudulent messages (often emails) that appear...
What is occurring in this network?
Refer to the exhibit. What is occurring in this network?A . ARP cache poisoningB . DNS cache poisoningC . MAC address table overflowD . MAC flooding attackView AnswerAnswer: D Explanation: The exhibit shows a network diagram with a switch, a router, and two hosts. The switch has a MAC address...
What is the difference between an attack vector and attack surface?
What is the difference between an attack vector and attack surface?A . An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions.B . An attack vector identifies components that can be exploited, and an attack surface identifies...
Which two pieces of information from the analysis report are needed to investigate the callouts?
An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection. Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)A . signaturesB . host IP addressesC ....
What information is depicted?
Refer to the exhibit. What information is depicted?A . IIS dataB . NetFlow dataC . network discovery eventD . IPS event dataView AnswerAnswer: B
What type of information did the malicious insider attempt to obtain?
An engineer is investigating a case of the unauthorized usage of the “Tcpdump” tool. The analysis revealed that a malicious insider attempted to sniff traffic on a specific interface. What type of information did the malicious insider attempt to obtain?A . tagged protocols being used on the networkB . all...
Which two features of Cisco Application Visibility and Control should the engineer use to accomplish this goal?
An engineer needs to have visibility on TCP bandwidth usage, response time, and latency, combined with deep packet inspection to identify unknown software by its network traffic flow. Which two features of Cisco Application Visibility and Control should the engineer use to accomplish this goal? (Choose two.)A . management and...
