- All Exams Instant Download
Which of the following types of security testing is the MOST cost-effective approach used to analyze existing code and identity areas that require patching?
Which of the following types of security testing is the MOST cost-effective approach used to analyze existing code and identity areas that require patching?A . Black boxB . Gray boxC . White boxD . Red teamE . Blue teamView AnswerAnswer: C
Which of the following attacks is used to capture the WPA2 handshake?
Which of the following attacks is used to capture the WPA2 handshake?A . ReplayB . IVC . Evil twinD . DisassociationView AnswerAnswer: A
Which of the following should the security administrator implement?
The Chief Information Security Officer (CISO) at a large company tasks a security administrator to provide additional validation for website customers. Which of the following should the security administrator implement?A . HTTPB . DNSSECC . 802.1XD . Captive portalView AnswerAnswer: D
Which of the following tools will the administrator MOST likely use to confirm the suspicions?
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?A . NmapB . WiresharkC . AutopsyD . DNSEnumView AnswerAnswer: A
Which of the following security concepts is the systems administrator implementing?
A systems administrator has created network file shares for each department with associated security groups for each role within the organization. Which of the following security concepts is the systems administrator implementing?A . Separation of dutiesB . Permission auditingC . Least privilegeD . Standard naming conventionView AnswerAnswer: A
Which of the following would provide a technical control to prevent this activity from occurring?
While reviewing system logs, a security analyst notices that a large number of end users are changing their passwords four times on the day the passwords are set to expire. The analyst suspects they are cycling their passwords to circumvent current password controls. Which of the following would provide a...
Which of the following cloud deployment models BEST fits the agency's needs?
A government agency with sensitive information wants to virtualize its infrastructure. Which of the following cloud deployment models BEST fits the agency's needs?A . PublicB . CommunityC . PrivateD . HybridView AnswerAnswer: B
Which of the following represents the BEST way to configure the accounts?
A systems administrator has been assigned to create accounts for summer interns. The interns are only authorized to be in the facility and operate computers under close supervision. They must also leave the facility at designated times each day. However, the interns can access intern file folders without supervision. Which...
A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:
A critical enterprise component whose loss or destruction would significantly impede business operations or have an outsized impact on corporate revenue is known as:A . a single point of failureB . critical system infrastructureC . proprietary information.D . a mission-essential functionView AnswerAnswer: D
Which of the following types of malware is this example of?
A security consultant is analyzing data from a recent compromise. The following data points are documented ✑ Access to data on share drives and certain networked hosts was lost after an employee logged in to an interactive session as a privileged user. ✑ . The data was unreadable by any...
