- All Exams Instant Download
Which of the following would be the best way to locate this issue?
During an audit, several customer order forms were found to contain inconsistencies between the actual price of an item and the amount charged to the customer. Further investigation narrowed the cause of the issue to manipulation of the public-facing web form used by customers to order products. Which of the...
Which of the following commands will best accomplish the analyst's objectives?
A security analyst wants to capture large amounts of network data that will be analyzed at a later time. The packet capture does not need to be in a format that is readable by humans, since it will be put into a binary file called "packetCapture." The capture must be...
Which of the following types of media are most volatile and should be preserved?
A digital forensics investigator works from duplicate images to preserve the integrity of the original evidence. Which of the following types of media are most volatile and should be preserved? (Select two).A . Memory cacheB . Registry fileC . SSD storageD . Temporary filesystemsE . Packet decodingF . Swap volumeView...
Which of the following is the user attempting to do based on the log entries?
A security analyst notices the following proxy log entries: Which of the following is the user attempting to do based on the log entries?A . Use a DoS attack on external hosts.B . Exfiltrate data.C . Scan the network.D . Relay email.View AnswerAnswer: D Explanation: Scanning the network is what the...
Which of the following existing technical controls should a security analyst recommend to best meet all the requirements?
A Chief Information Officer wants to implement a BYOD strategy for all company laptops and mobile phones. The Chief Information Security Officer is concerned with ensuring all devices are patched and running some sort of protection against malicious software. Which of the following existing technical controls should a security analyst...
Which of the following describes what the analyst has noticed?
An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?A . BeaconingB . Cross-site scriptingC . Buffer overflowD . PHP traversalView AnswerAnswer: A Explanation:
Which of the following systems should be prioritized for patching first?
An analyst is reviewing a vulnerability report for a server environment with the following entries: Which of the following systems should be prioritized for patching first?A . 10.101.27.98B . 54.73.225.17C . 54.74.110.26D . 54.74.110.228View AnswerAnswer: D Explanation: The system that should be prioritized for patching first is 54.74.110.228, as it...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attemptB . The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...
Which of the following is the best option to protect the data on the remote users' laptops?
An organization supports a large number of remote users. Which of the following is the best option to protect the data on the remote users' laptops? A. Require the use of VPNs. B. Require employees to sign an NDA. C. Implement a DLP solution. D. Use whole disk encryption.View AnswerAnswer:...
Which of the following has the user become?
A user downloads software that contains malware onto a computer that eventually infects numerous other systems. Which of the following has the user become?A . HacklivistB . Advanced persistent threatC . Insider threatD . Script kiddieView AnswerAnswer: C Explanation: The user has become an insider threat by downloading software that...
