- All Exams Instant Download
Which of the following tools will the security administrator use to conduct this inventory MOST efficiently?
A security administrator needs to conduct a full inventory of all encryption protocols and cipher suites. Which of the following tools will the security administrator use to conduct this inventory MOST efficiently?A . tcpdumpB . Protocol analyzerC . NetstatD . NmapView AnswerAnswer: D
Which of the following caused the incident?
The Chief Executive Officer (CEO) received an email from the Chief Financial Ofcer (CFO), asking the CEO to send nancial details. The CEO thought it was strange that the CFO would ask for the nancial details via email. The email address was correct in the "From “section of the email....
Which of the following would be BEST to improve the incident response process?
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following...
Which of the following vulnerabilities is the MOST likely cause of this data breach?
Condential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?A . Resource exhaustion on the VPN concentratorsB . Weak SSL cipher strengthC . Improper input handling on the FTP siteD . Race...
Which of the following adjustments would be the MOST appropriate for the service account?
A security analyst is reviewing the password policy for a service account that is used for a critical network service. The password policy for this account is as follows: Enforce password history: Three passwords remembered Maximum password age: 30 days Minimum password age: Zero days Complexity requirements: At least one...
In which of the following steps should technicians connect domain controllers to the net-work and begin authenticating users again?
A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the net-work and begin authenticating users again?A . PreparationB . IdentificationC . ContainmentD . EradicationE . RecoveryF . Lessons...
During certain vulnerability scanning scenarios, It is possible for the target system to react in unexpected ways.
During certain vulnerability scanning scenarios, It is possible for the target system to react in unexpected ways. This type of scenario is MOST commonly known as:A . intrusive testing.B . a butter overflow.C . a race conditionD . active reconnaissance.View AnswerAnswer: D
Which of the following types of attacks occurred?
Joe a new employee, discovered a thumb drive with the company's logo on it while walking in the parking lot Joe was curious as to the contents of the drive and placed it into his work computer. Shortly after accessing the contents, he noticed the machine was running slower, started...
Which of the following BEST describes the feature being configured by the technician?
A technician is installing a new SIEM and is configuring the system to count the number of times an event occurs at a specific logical location before the system takes action. Which of the following BEST describes the feature being configured by the technician?A . CorrelationB . AggregationC . Event...
Which of the following cloud models is used to share resources and information with business partners and like businesses without allowing everyone else access?
Which of the following cloud models is used to share resources and information with business partners and like businesses without allowing everyone else access?A . PublicB . HybridC . CommunityD . PrivateView AnswerAnswer: C
