- All Exams Instant Download
Which of the following reconnaissance types is the tester performing?
A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?A . ActiveB . PassiveC . DefensiveD . OffensiveView AnswerAnswer: A Explanation: Active reconnaissance is a type of reconnaissance...
Which of the following security benefits do these actions provide?
A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.)A . If a security incident occurs on the device, the correct employee can be notified.B . The security team will be...
Which of the following steps should be taken first?
A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?A . Air gap the system.B . Move the system to a different network segment.C . Create a change control request.D . Apply the patch to the system.View AnswerAnswer: C...
Which of the following would be the best solution?
An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?A . RDP serverB . Jump serverC . Proxy serverD . HypervisorView AnswerAnswer: B Explanation: = A jump server is...
Which of the following should the hosting provider consider first?
A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?A . Local data protection regulationsB . Risks from hackers residing in other countriesC . Impacts to existing contractual obligationsD . Time zone differences in log correlationView...
Which of the following is the type of data these employees are most likely to use in day-to-day work activities?
Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?A . EncryptedB . Intellectual propertyC . CriticalD . Data...
Which of the following should the systems administrator use?
A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...
Which of the following attacks is most likely occurring?
A security analyst is reviewing the following logs: Which of the following attacks is most likely occurring?A . Password sprayingB . Account forgeryC . Pass-t he-hashD . Brute-forceView AnswerAnswer: A Explanation: Password spraying is a type of brute force attack that tries common passwords across several accounts to find a...
Which of the following methods is most secure?
A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?A . Implementing a bastion hostB . Deploying a perimeter networkC . Installing a WAFD . Utilizing single sign-onView AnswerAnswer: A Explanation: A bastion...
Which of the following social engineering techniques are being attempted?
An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)A . TyposquattingB . PhishingC . ImpersonationD . VishingE . SmishingF . MisinformationView AnswerAnswer: B E Explanation:...
