Security+ (SY0-601) Test Your Readiness (75 Questions)
A passing score is 90%.
Don’t take this quiz on the same day. It encourages your brain to memorize the questions and answers.
Take this quiz after a day or a couple of days. Your score on the next days is a much better gauge of your understanding.
Remember, all the questions have explanations explaining why the correct answers are correct and why the incorrect answers are incorrect. Understanding the explanations will help ensure you’re prepared for the live exam. The explanation also shows the course or courses where you can get more detailed information on the topic. Click “View Questions” to see the explanations.
1. Question
Employees in the Springfield Emergency Management department reported receiving a similar suspicious email. The email included a malicious link, but the employees recently completed training on malicious threats and none of them clicked on the link. Security investigators determined the link was malicious and would have downloaded ransomware if anyone clicked the link. Which of the following BEST describes the email?
2. Question
Homer is complaining that his system began acting erratically after he visited the comptia.org web site. After checking the proxy server logs, you determine that he was visiting the comptai.org web site and this web site downloaded suspicious files to his computer. Which of the following is the MOST likely explanation for this activity?
3. Question
An organization’s security policy requires employees to place all discarded paper documents in containers for temporary storage. These papers are later burned in an incinerator. Which of the following attacks are these actions MOST likely trying to prevent?
4. Question
Lisa is a database administrator and received a phone call from someone identifying himself as a technician working with a known hardware vendor. He said he’s calling customers to inform them of a problem with database servers they’ve sold, but he said the problem only affects servers running a specific operating system version. He asks Lisa what operating system versions the company is running on their database servers. Which of the following choices is the BEST response from Lisa?
5. Question
Homer has been looking for the newest version of a popular smartphone. However, he can’t find it in stock anywhere. Today, he received an email advertising the smartphone. After clicking the link, his system was infected with malware. Which of the following principles is the email sender employing?
6. Question
A security administrator at a shopping mall discovered two wireless cameras pointing at an automatic teller machine. These cameras were not installed by mall personnel and are not authorized. What is the MOST likely goal of these cameras?
7. Question
Marge reports that she keeps receiving unwanted emails inviting her to respond to surveys. What does this describe?
8. Question
Bart’s supervisor told him to clean his desk to comply with the organization’s clean desk space policy. While doing so, he threw several papers containing PII into the recycle bin. Which type of attack can exploit this action?
9. Question
Bart is in a break area outside the office. He told Lisa that he forgot his badge inside and asked Lisa to let him follow her when she goes back inside. Which of the following does this describe?
10. Question
Lisa is a database administrator. She received a phone call from someone identifying himself as a representative from a known hardware vendor. He said he’s calling customers to inform them of a problem with database servers they’ve sold, but he said the problem only affects servers running a specific operating system version. He asks Lisa what operating system versions the company is running on their database servers. Which of the following BEST describes the tactic used by the caller in this scenario?
11. Question
Your organization’s CFO recently received an email indicating the organization is being sued. Moreover, the email names her specifically as a defendant in the lawsuit. It includes an attachment described as a subpoena and encourages her to open it for more information. Which of the following BEST describes the social engineering principle used by the sender in this scenario?
12. Question
A man in a maintenance uniform walked up to your organization’s receptionist desk. He said he was called by the CIO and asked to fix an issue with the phones and needed access to the wiring closet. The receptionist asked the man to show his building access badge and then she verified that he was on the list of approved personnel to access this secure area. What type of attack will the checks performed by the receptionist prevent?
13. Question
Homer received a text message on his smart phone that appeared to come from Google. It indicated a problem with his account, said it will send him a verification code, and encouraged him to reply to the text with the code. It also stated that his account would be permanently locked if he didn’t provide the code. Which of the following BEST describes this activity?
14. Question
Your SIEM system sent an alert related to many failed logins. Reviewing the logs, you notice login failures for about 100 different accounts. The logs then show login failures for the same accounts starting about three hours after the first login failure. Which of the following BEST describes this activity?
15. Question
Dr. Bob installed code designed to run if he ever lost his job as a sidekick on a television show. The code will create a new account with credentials that only he knows three days after his original account is deleted. Which type of account does this code create?
16. Question
Dr. Terwilliger installed code designed to enable his account automatically if he ever lost his job as a sidekick on a television show. The code is designed to reenable his account three days after it is disabled. Which of the following does this describe?
17. Question
You are reviewing security controls and their usefulness. You notice that account lockout policies are in place. Which of the following attacks will these policies thwart? (Select TWO.)
18. Question
Lisa completed an antivirus scan on a server and detected a Trojan. She removed the Trojan but was concerned that unauthorized personnel might still be able to access data on the server and decided to check the server further. Of the following choices, what is she MOST likely looking for on this server?
19. Question
Employees at the Marvin Monroe Memorial Hospital are unable to access any computer data. Instead, they occasionally see a message indicating that attackers encrypted all the data and it would remain encrypted until the attackers received a hefty sum as payment. Which of the following BEST describes this attack?
20. Question
After Bart logged onto his computer, he was unable to access any data. Instead, his screen displayed a message indicating that unless he made a payment, his hard drive would be formatted, and he’d permanently lose access to his data. What does this indicate?
21. Question
Security administrators recently discovered suspicious activity within your network. After investigating the activity, they discovered malicious traffic from outside your network connecting to a server within your network. They determined that a malicious threat actor used this connection to install malware on the server and the malware is collecting data and sending it out of the network. Which of the following BEST describes the type of malware used by the threat actor?
22. Question
Your SIEM system alerted on potential malicious activity from a system in your network. After investigating the alert, you determine it was generated after it detected suspicious activity generated through a PowerShell script. Additionally, you verified that the system is sending traffic to and from an unknown IP address on the Internet. Which of the following is the BEST description of this threat?
23. Question
Bart downloaded and installed the nmap security scanner from https://passsecurityplus.com. After completing the install, he noticed that his browser’s home page and default search engine were changed. What is the MOST likely cause of the activity?
24. Question
Homer complained of abnormal activity on his workstation. After investigating, an administrator discovered his workstation is connecting to systems outside the organization’s internal network using uncommon ports. The administrator discovered the workstation is also running several hidden processes. Which of the following choices BEST describes this activity?
25. Question
While reviewing logs on a web server hosted by your organization, you notice multiple logon failures to an FTP account, but they’re only happening about once every 30 minutes. You also see that the same password is being tried against the SSH account right after the FTP account logon failure. What BEST describes what is happening?
26. Question
Maggie was on the programming team that developed an application used by your Human Resources department. Personnel use this application to store and manage employee data. Maggie programmed in the ability to access this application with a username and password that only she knows, so that she can perform remote maintenance on the application if necessary. Which of the following does this describe?
27. Question
Recently, malware on a computer at the Monty Burns Casino destroyed several important files after it detected that Homer was no longer employed at the casino. Which of the following BEST identifies this malware?
28. Question
Logs on a web server show that it is receiving a significant number of SYN packets from multiple sources on the Internet, but it isn’t receiving the corresponding ACK packets. Of the following choices, what is the MOST likely source of these packets?
29. Question
An attacker has captured a database filled with hashes of randomly generated passwords. Which of the following attacks is MOST likely to crack the largest number of passwords in this database in the shortest amount of time?
30. Question
While reviewing logs for a web application, a security analyst notices that it has crashed several times reporting a memory error. Shortly after it crashes, the logs show malicious code that isn’t part of a known application. Which of the following is MOST likely occurring?
31. Question
Going through logs, you notice a suspicious script that includes phrases such as cn=SQL1, dc=gcga, dc=com. You suspect that it is part of an injection attack. Which of the following BEST identifies the type of injection attack this could be?
32. Question
Web developers are implementing error handling in a database application accessed by a web server. Which of the following would be the BEST way to implement this?
33. Question
Some protocols include sequence numbers and timestamps. Which of the following attacks are thwarted by using these components?
34. Question
You are examining logs generated by an online web application. You notice that the following phrase is appearing in several queries:
' or '1'='1' --
Which of the following is the MOST likely explanation for this?
35. Question
An application on one of your database servers has crashed several times recently. Examining detailed debugging logs, you discover that just prior to crashing, the database application is receiving a long series of x90 characters. What is MOST likely occurring?
36. Question
You’re reviewing the logs for a web server and see several suspicious entries. You suspect that an attacker is attempting to write more data into a web application’s memory than it can handle. What does this describe?
37. Question
Hacker Harry has an account on a website that he uses when posting comments. When he visits, he enters his username and password to log on and the site displays his username with any comments he makes. Today, he noticed that he could enter JavaScript code as part of his username. After entering the code, other users experienced unexpected results when hovering over his username. What does this describe?
38. Question
Management recently mandated that computer monitors must be positioned so that they cannot be viewed from outside any windows. Additionally, users are directed to place screen filters over their monitors. What is the purpose of this policy?
39. Question
Attackers recently sent some malicious emails to the CFO within your organization. These emails have forged From blocks and look like they are coming from the CEO of the organization. They include a PDF file that is described as an unpaid invoice. However, the PDF is infected with malware. Which of the following BEST describes the attack type in this scenario?
40. Question
Users are complaining about intermittent connectivity with a web server. After examining the logs, you identify a large volume of connection attempts from public IP addresses. You realize these connection attempts are overloading the server, preventing it from responding to other connections. Which of the following is MOST likely occurring?
41. Question
A coffee shop recently stopped broadcasting the SSID (coffeewifi) for their wireless network. Instead, paying customers can view it on their receipt and use it to connect to the coffee shop’s wireless network. Today, Lisa turned on her laptop computer and saw the SSID coffewifi and connected to it. Which of the following is the MOST likely reason why?
42. Question
Mobile users in your network report that they frequently lose connectivity with the wireless network on some days, but on other days they don’t have any problems. You suspect this is due to an attack. Which of the following is MOST likely an attack that could cause this problem?
43. Question
Your SIEM sent an alert after detecting the following script was run on a system within your network.
invoke-command {
    $a = net localgroup administrators |
    where {$_ -AND $_ -notmatch "command completed"} |
    select -skip 4 }
What BEST describes this script?
44. Question
An IDS has sent multiple alerts in response to increased traffic. Upon investigation, you realize it is due to a spike in network traffic from several sources. Assuming this is malicious, which of the following is the MOST likely explanation?
45. Question
The Marvin Monroe Memorial Hospital recently suffered a serious attack preventing employees from accessing any computer data. The attackers scattered ReadMe files throughout the network that appeared on user screens. They indicated that the attackers encrypted all the data and it would remain encrypted until the attackers received a hefty sum as payment. Which of the following identifies the MOST likely threat actor in this attack?
46. Question
A tech company recently discovered an attack on its organization, resulting in a significant data breach of customer data. After investigating the attack, they realized it was very sophisticated and likely originated from a foreign country. Which of the following identifies the MOST likely threat actor in this attack?
47. Question
Bart recently launched an attack on a company web site using scripts he found on the Internet. Which of the following BEST describes Bart as a threat actor?
48. Question
An attacker purchased an exploit on the Internet. He then used it to modify the price of an item in an online shopping cart during checkout. Which of the following BEST describes this attacker?
49. Question
An attacker recently attacked a web server hosted by your company. After investigating the attack, security professionals determined that the attacker used a previously unknown application exploit. Which of the following BEST identifies this attack?
50. Question
Homer recently received a phishing email with a malicious attachment. He was curious so he opened it to see what it was. It installed malware on his system, and quickly spread to other systems in the network. Security investigators discovered that the malware exploited a vulnerability that wasn’t previously known by any trusted sources. Which of the following BEST describes this attack?
51. Question
Your organization hosts an e-commerce web site used to sell digital products. You are tasked with evaluating all the elements used to support this web site. What are you performing?
52. Question
Attackers recently exploited vulnerabilities in a web server hosted by your organization. Management has tasked administrators with checking the server and eliminating any weak configurations on it. Which of the following will meet this goal?
53. Question
Gil Gunderson, a salesperson in your organization, received an email on his work computer that included a malicious link. After clicking the link, his computer was infected with malware. The malware was not detected by antivirus software installed on his computer, the organization’s email server, or the organization’s UTM appliance. After infecting his computer, the malware then searched the network and encrypted data in all the network shares that Gil could access. Which of the following BEST describes how this occurred?
54. Question
A SQL database server was recently attacked. Cybersecurity investigators discovered the attack was self-propagating through the network. When it found the database server, it used well-known credentials to access the database. Which of the following would be the BEST action to prevent this from occurring again?
55. Question
You want to identify all the services running on a server in your network. Which of the following tools is the BEST choice to meet this goal?
56. Question
Your organization hired a cybersecurity expert to perform a security assessment. After running a vulnerability scan, she sees the following error on a web server:
– Host IP 192.168.1.10 OS Apache httpd 2.433 Vulnerable to mod_auth exploit
However, she verified that the mod_auth module has not been installed or enabled on the server. Which of the following BEST explains this scenario?
57. Question
Lisa periodically runs vulnerability scans on the organization’s network. Lately, she has been receiving many false positives. Which of the following actions can help reduce the false positives?
58. Question
Developers in your organization routinely use automated tools to identify vulnerabilities in source code. These tools occasionally identify vulnerabilities that do not exist. What does this describe?
59. Question
You performed a vulnerability scan on a web application server and the scan reported that the server is missing some patches. However, after inspecting the server, you realize that the patches are for a protocol that you removed from the server. Which of the following is the BEST explanation for this disparity?
60. Question
You suspect that a database server used by a web application is not up-to-date with current patches. Which of the following is the BEST action to take to verify the server has up-to-date patches?
61. Question
Lisa is evaluating a web application hosted on a web server. She needs to identify potential misconfigurations and other risks on the server and the tool she uses must be non-intrusive. Which of the following is the BEST choice to meet her needs?
62. Question
You recently completed a vulnerability scan on a database server. The scan didn’t report any issues. However, you know that it is missing a patch. The patch wasn’t applied because it causes problems with the database application. Which of the following BEST describes this?
63. Question
You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after checking the servers, you’ve verified that the servers have these patches installed. Which of the following BEST describes this?
64. Question
Ziffcorp is developing a new technology that they expect to become a huge success when it’s released. The CIO is concerned about someone stealing their company secrets related to this technology. Which of the following will help the CIO identify potential dangers related to the loss of this technology?
65. Question
Which of the following elements are used as part of threat hunting? (Choose two.)
66. Question
Security professionals are performing a penetration test on your network. After compromising a server, they use the compromised server to launch additional attacks within the network. Which of the following BEST describes this activity?
67. Question
Your organization has hired outside penetration testers to identify internal network vulnerabilities. After successfully exploiting vulnerabilities in a single computer, the testers attempt to access other systems within the network. Which of the following BEST describes their current actions?
68. Question
Your organization has a legacy server running a mission-critical application. The application is not compatible with current operating system patches, so management has decided to let it remain unpatched. However, management wants to know if attackers can infiltrate the network by first exploiting vulnerabilities on this server. Which of the following is the MOST appropriate action?
69. Question
Your organization outsourced development of a software module to modify the functionality of an existing proprietary application. The developer completed the module and is now testing it with the entire application. What type of testing is the developer performing?
70. Question
Bart, a database administrator in your organization, told you about recent attacks on the network and how they have been disrupting services and network connectivity. In response, he said he has been using Nmap to run vulnerability scans and identify vulnerabilities. Which of the following is wrong with this scenario?
71. Question
Lisa has been hired as a penetration tester by your organization to test the security of a web server. She decides to start by footprinting the server. Which of the following tools will BEST help her in this phase?
72. Question
The IT department at your organization recently created an isolated test network that mimics the DMZ. They then hired an outside company to perform a simulated cyber-attack on this isolated test network as part of a testing campaign. Which of the following BEST describes the role of personnel from the outside company?
73. Question
Your organization regularly performs training in the form of a game mimicking an exercise. One team oversees the exercise, sets the rules, and identifies the rules of engagement. Another team uses known TTPs to exploit vulnerabilities within the rules of engagement. You are on a team dedicated to defending resources. Which of the following BEST describes your role?
74. Question
Your IT department includes a subgroup of employees dedicated to cybersecurity testing. Each member of this group has knowledge of known TTPs and how to use them. Additionally, each member of this group has knowledge of security controls that would be implemented to protect network resources. Which of the following BEST describes members of this team?
75. Question
Bart was in a coffee shop going through emails and messages on his smartphone. He then started receiving several text messages promoting a political party and encouraging him to visit websites. After he left the coffee shop, he didn’t receive any more messages. What does this describe?
76. Question
A network administrator routinely tests the network looking for vulnerabilities. He recently discovered a new access point set to open. After connecting to it, he found he was able to access network resources. What is the BEST explanation of this device?
77. Question
The Ninth National Bank of Springfield is considering an alternate location as part of its continuity of operations plan. It wants to identify a site resiliency solution that provides the shortest recovery time. Which of the following is the BEST choice?
78. Question
Bart needs to send an email to his supervisor with an attachment that includes sensitive information. He wants to maintain the confidentiality of this information. Which of the following choices is the BEST choice to meet his needs?
79. Question
As an administrator, you receive an antivirus alert from a server in your network indicating one of the files has a hash of known malware. The file was pushed to the server from the organization’s patch management system and is scheduled to be applied to the server early the next morning. The antivirus software indicates that the file and hash of the malware on the server is:
• File: gcga_upgrade.exe
• Hash: bd64571e26035d95e5e9232b4affb915
Checking the logs of the patch management system you see the following information:
Status | Update Name | Hash
---|---|---
Pushed | gcga_upgrade.exe | b815571e26035d95e5e9232b4aff48db
Which of the following indicates what MOST likely occurred?
80. Question
As a security administrator, you receive an antivirus alert from a server in your network indicating one of the files has a hash of known malware. The file was pushed to the server from the organization’s patch management system and is scheduled to be applied to the server early the next morning. The antivirus software indicates that the file and hash of the malware are:
• File: gcga_upgrade.exe
• Hash: 518b571e26035d95e5e9232b4affbd84
Checking the logs of the patch management system, you see the following information:
**Status | Update Name | Hash**
Pushed | gcga_upgrade.exe | 518b571e26035d95e5e9232b4affbd84
Which of the following indicates what MOST likely occurred?
81. Question
Your organization hosts an e-commerce web site using a back-end database. The database stores product data and customer data, including credit card numbers. Which of the following is the BEST way to protect the credit card data?
82. Question
Network administrators are considering adding an HSM to a server in your network. What functions will this add to the server?
83. Question
Your organization plans to implement desktops via the cloud. Each desktop will include an operating system and a core group of applications needed by employees, and the desktops will be managed by the cloud provider. Employees will be able to access these desktops from anywhere that has Internet access and from almost any device. Which of the following BEST identifies this service?
84. Question
Maggie, the new CTO at your organization, wants to reduce costs by utilizing more cloud services. She has directed the use of a cloud service instead of purchasing all the hardware and software needed for an upcoming project. She also wants to ensure that the cloud provider maintains all the required hardware and software. Which of the following BEST describes the cloud computing service model that will meet these requirements?
85. Question
The Springfield Nuclear Power Plant has created and maintains an online application used to teach the basics of nuclear physics. Only students and teachers in the Springfield Elementary School can access this application via the cloud. What type of cloud service model is this?
86. Question
The Springfield school system stores some data in the cloud using its own resources. The Shelbyville Nuclear Power Plant also stores some data in the cloud using its own resources. Later, the two organizations decide to share some data in both clouds for educational purposes. Which of the following BEST describes the cloud created by these two organizations?
87. Question
IT auditors have found several unmanaged VMs in a network. They discovered that these were created by administrators for testing but weren’t removed after testing was completed. Which of the following should be implemented to prevent this in the future?
88. Question
Database administrators have created a database used by a web application. However, testing shows that application queries against the database take a significant amount of time. Which of the following actions is MOST likely to improve the overall performance of the database?
89. Question
Your organization hosts an e-commerce web server. The server randomly experiences a high volume of sales and usage from mid-November to the end of December, causing spikes in resource usage. These spikes have resulted in outages during the past year. Which of the following should be implemented to prevent these outages?
90. Question
Your organization hosts an e-commerce web server selling digital products. The server randomly experiences a high volume of sales and usage which causes spikes in resource usage. These spikes occasionally take the server down. Which of the following should be implemented to prevent these outages?
91. Question
Several developers in your organization are working on a software development project. Recently, Bart made an unauthorized change to the code that effectively broke several modules. Unfortunately, there isn’t any record of who made the change or details of the change. Management wants to ensure it is easy to identify who makes any changes in the future. Which of the following provides the BEST solution for this need?
92. Question
A web developer is adding input validation techniques to a web site application. Which of the following should the developer implement during this process?
93. Question
Looking at logs for an online web application, you see that someone has entered the following phrase into several queries:
' or '1'='1' --
Which of the following provides the BEST protection against this attack?
94. Question
Network administrators have identified what appears to be malicious traffic coming from an internal computer, but only when no one is logged on to the computer. You suspect the system is infected with malware. It periodically runs an application that attempts to run hping3 via remote websites. After comparing the computer with a list of applications from the master image, they verify this application is likely the problem. What allowed them to make this determination?
95. Question
Management within your organization has decided to implement a biometric solution for authentication into the data center. They have stated that the biometric system needs to be highly accurate. Which of the following provides the BEST indication of accuracy with a biometric system?
96. Question
Management within your organization wants to add 2FA security for users working from home. Additionally, management wants to ensure that 2FA passwords expire after 30 seconds. Which of the following choices BEST meets this requirement?
97. Question
Your organization recently updated an online application that employees use to log on when working from home. Employees enter their username and password into the application from their smartphone and the application logs their location using GPS. Which type of authentication is being used?
98. Question
The Marvin Monroe Memorial Hospital was recently sued after removing a kidney from the wrong patient. Hospital executives want to implement a method that will reduce medical errors related to misidentifying patients. They want to ensure medical personnel can identify a patient even if the patient is unconscious. Which of the following would be the BEST solution?
99. Question
IT administrators created a VPN for employees to use while working from home. The VPN is configured to provide AAA services. Which of the following would be presented to the AAA system for identification?
100. Question
You are comparing different types of authentication. Of the following choices, which one uses multifactor authentication?
101. Question
Your organization’s backup policy for a file server dictates that the amount of time needed to restore backups should be minimized. Which of the following backup plans would BEST meet this need?
102. Question
Management within your organization wants to increase data availability by adding redundancy to a database server. Unfortunately, they have a limited budget. Which of the following is the BEST choice to meet this requirement?
103. Question
Your organization hosts e-commerce servers within the DMZ. These servers have recently attracted a significant increase in buyers, and this increased traffic has occasionally overloaded the servers, causing a temporary loss in service. You need to identify a network design that will increase the availability of web-facing applications hosted on these servers. Which of the following choices provides the BEST solution?
104. Question
Your database backup strategy includes full backups performed on Saturdays at 12:01 a.m. and differential backups performed daily at 12:01 a.m. If the database fails on Thursday afternoon, how many backups are required to restore it?
105. Question
Administrators at your organization want to increase cybersecurity resilience of key servers by adding fault tolerance capabilities. However, they have a limited budget. Which of the following is the BEST choice to meet these needs?
106. Question
Your organization hosts an e-commerce web site that has been receiving a significant increase in traffic. The CPU is handling the load, but the server is unable to process the bandwidth consistently. Which of the following is the BEST choice to solve this problem?
107. Question
Your organization hosts several databases on two servers. Management wants to increase the redundancy of data storage for these servers. Which of the following is the BEST choice to meet this requirement?
108. Question
The backup policy for a database server states that the amount of time needed to perform backups should be minimized. Which of the following backup plans would BEST meet this need?
109. Question
Compu-Global-Hyper-Mega-Net hosts a web site selling digital products. Marketing personnel have launched several successful sales. The server has been overwhelmed, resulting in slow responses from the server, and lost sales. Management wants to implement a solution that will provide cybersecurity resilience. Which of the following is the BEST choice?
110. Question
Fileserver1 hosts several files accessed by users in your organization and it’s important that they can always access these files. Management wants to implement a solution to increase cybersecurity resilience. Which of the following is the LOWEST cost solution to meet this requirement?
111. Question
Lisa needs to deploy a NAS server to store backups, but she has a limited budget. Which of the following is the BEST choice?
112. Question
Engineers at your organization want to use embedded systems to monitor sensors in the processing plant. They can’t find any off-the-shelf products to meet their needs, so they decide to purchase hardware that they can program. Management has given its approval but wants to limit the amount of work needed to deploy them and insists that they can be updated if needed. Which of the following will BEST meet this need?
113. Question
A security professional needs to identify a physical security control that will identify individuals before allowing them to enter a secure area. Additionally, it should only allow a single person to enter at a time. Which of the following is the BEST solution?
114. Question
You need to secure access to a data center. Which of the following choices provides the BEST physical security to meet this need? (Select THREE.)
115. Question
Your company wants to control access to a restricted area of the building by adding an additional physical security control that includes facial recognition. Which of the following provides the BEST solution?
116. Question
The Springfield Nuclear Power Plant has several stand-alone computers used for monitoring. Employees log onto these computers using a local account to verify proper operation of various processes. The CIO of the organization has mandated that these computers cannot be connected to the organization’s network or have access to the Internet. Which of the following would BEST meet this requirement?
117. Question
Your local library is planning to purchase new laptops that patrons can use for Internet research. However, management is concerned about possible theft. Which of the following is the BEST choice to prevent theft of these laptops?
118. Question
Your organization recently landed a contract with the federal government. Developers are fine-tuning an application that will process sensitive data. The contract mandates that all computers using this application must be isolated. Which of the following would BEST meet this need?
119. Question
Your organization is planning to expand its cloud-based services offered to the public. In preparation, they expanded the datacenter space. It currently has one row of racks for servers, but they plan to add at least one more row of racks for servers. Engineers calculated the power and HVAC requirements and said the best way to reduce utility costs is by ensuring the two server rows are faced in the opposite direction. What is the primary reason for this configuration?
120. Question
Thieves recently rammed a truck through the entrance of one of your organization’s buildings in the middle of the night. They then proceeded to steal a significant amount of IT equipment. Which of the following choices can prevent this from happening again?
121. Question
After performing a security audit, a security professional reported an increase in the number of tailgating violations into a secure data center. Which of the following can prevent this?
122. Question
Management within your organization wants to create a small network used by executives only. They want to ensure that this network is completely isolated from the main network. Which of the following choices BEST meets this need?
123. Question
Employees access the data center by entering a cipher code at the door. However, everyone uses the same code, so it does not identify individuals. After a recent security incident, management has decided to implement a key card system that will identify individuals who enter and exit this secure area. However, the installation might take six months or longer. Which of the following choices can the organization install immediately to identify individuals who enter or exit the secure area?
124. Question
An online application requires users to log on with their email address and a password. The application encrypts the passwords in a hashed format. Which of the following can be added to decrease the likelihood that attackers can discover these passwords?
125. Question
What is the primary difference between a block cipher and a stream cipher?
126. Question
GCGA, a software development company, occasionally updates its software with major updates and minor patches. Administrators load these updates to the company web site along with a hash associated with each update. Which of the following BEST describes the purpose of the hash?
127. Question
Your organization maintains a data center to store data. Management has decided to move a large amount of financial data into cloud storage to reduce costs with the data center. This data is regularly accessed and sometimes manipulated by employees, customers, and vendors around the world. Management has mandated that the data always needs to be encrypted while in the cloud. Which of the following is the BEST choice to meet these requirements?
128. Question
Management has mandated the use of digital signatures by all personnel within your organization. Which of the following use cases does this support?
129. Question
Lisa needs to transmit PII via email and she wants to maintain its confidentiality. Which of the following choices is the BEST solution?
130. Question
An application requires users to log on with passwords. The application developers want to store the passwords in such a way that it will thwart rainbow table attacks. Which of the following is the BEST solution?
131. Question
Your organization recently updated the security policy and mandated that emails sent between upper-level executives must be checked to ensure they arrive without any changes. The IT department is tasked with implementing technical controls to meet this need. Which security goal does this policy address?
132. Question
Management within your organization has defined a use case to support confidentiality of data stored in a database. Which of the following solutions will BEST meet this need?
133. Question
A DLP system detected confidential data being sent out via email from Bart’s account. However, he denied sending the email. Management wants to implement a method that would prevent Bart from denying accountability in the future. Which of the following are they trying to enforce?
134. Question
Your organization recently updated the security policy and mandated that emails sent between upper-level executives must be encrypted to prevent any unauthorized disclosure. Which security goal does this policy address?
135. Question
Lisa and Bart need to exchange emails over the Internet using a nonsecure channel. These emails need to provide non-repudiation. They decide to use certificates on each of their computers. What would they use to sign their emails?
136. Question
Your organization recently updated the security policy and mandated that emails sent by all upper-level executives include a digital signature. Which security goal does this policy address?
137. Question
Tony hid several plaintext documents within an image file. He then sent the image file to Louie. Which of the following BEST describes the purpose of his actions?
138. Question
Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which of the following use cases is he MOST likely supporting?
139. Question
Bart recently sent out confidential data via email to potential competitors. Management suspects he did so accidentally, but Bart denied sending the data. Management wants to implement a method that would prevent Bart from denying accountability in the future. Which of the following are they trying to enforce?
140. Question
An organization requested bids for a contract and asked companies to submit their bids via email. After winning the bid, Bizzfad realized it couldn’t meet the requirements of the contract. Bizzfad instead stated that it never submitted the bid. Which of the following would provide proof to the organization that Bizzfad did submit the bid, if it was used?
141. Question
Employees in your organization recently received an email that appeared to come from your organization’s CEO. The email mentioned that IT personnel were troubleshooting an authentication issue and needed employees to reply to the email with their credentials. Several employees responded with their credentials. This was a phishing campaign created for user training and it spoofed the CEO’s email. Executives want to ensure that employees have proof that any emails that appear to be coming from the executives did come from them. Which of the following should be implemented?
142. Question
Users in your organization sign their emails with digital signatures. Which of the following provides integrity for these digital signatures?
143. Question
A developer is creating an application that will encrypt and decrypt data on mobile devices. These devices don’t have a lot of processing power. Which of the following cryptographic methods has the LEAST overhead and can provide encryption for these mobile devices?
144. Question
You are tasked with enabling NTP on some servers within your organization’s DMZ. Which of the following use cases are you MOST likely supporting with this action?
145. Question
Your organization’s security policy requires that confidential data transferred over the internal network must be encrypted. Which of the following protocols would BEST meet this requirement?
146. Question
Your organization wants to increase security for VoIP and video teleconferencing applications used within the network. Which of the following protocols will BEST support this goal?
147. Question
Maggie needs to collect network device configuration information and network statistics from devices on the network. She wants to protect the confidentiality of credentials used to connect to these devices. Which of the following protocols would BEST meet this need?
148. Question
An outside consultant performed an audit of the Municipal House of Pancakes network. She identified a legacy protocol being used to access browser-based interfaces on switches and routers within the network. She recommended replacing the legacy protocol with a secure protocol to access these network devices using the same interface. Which of the following protocols should be implemented?
149. Question
Your organization plans to deploy a server in the DMZ that will perform the following functions:
• Identify mail servers
• Provide data integrity
• Prevent poisoning attacks
• Respond to requests for A and AAAA records
Which of the following will BEST meet these requirements?
150. Question
Administrators are configuring a server within your organization’s DMZ. This server will have the following capabilities when it is fully configured:
• It will use RRSIG.
• It will perform authenticated requests for A records.
• It will perform authenticated requests for AAAA records.
What BEST identifies the capabilities of this server?
151. Question
Network administrators manage network devices remotely. However, a recent security audit discovered they are using a protocol that allows them to send credentials over the network in cleartext. Which of the following methods should be adopted to eliminate this vulnerability?
152. Question
Lisa is responsible for managing and monitoring network devices, such as routers and switches, in your network. Which of the following protocols is she MOST likely to use?
153. Question
Your organization is preparing to deploy a web-based application, which will accept user input. Which of the following will BEST test the reliability of this application to maintain availability and data integrity?
154. Question
Your organization has a segmented network used to process highly classified material. Management wants to prevent users from copying documents to USB flash drives from any computer in this network. Which of the following can be used to meet this goal?
155. Question
Your company hosts an e-commerce site that sells renewable subscriptions for services. Customers can choose to automatically renew their subscription monthly or annually. However, management doesn’t want to store customer credit card information on any system managed by the company. Which of the following can be used instead?
156. Question
Managers within your organization want to implement a secure boot process for some key computers. During the boot process, each computer should send data to a remote system to check the computer’s configuration. Which of the following will meet this goal?
157. Question
The Bizzfad organization develops and sells software. Occasionally they update the software to fix security vulnerabilities and/or add additional features. However, before releasing these updates to customers, they test it in different environments. Which of the following solutions provides the BEST method to test the updates?
158. Question
Developers in the YCDA organization have created an application that users can download and install on their computers. Management wants to provide users with a reliable method of verifying that the application has not been modified after it was released by YCDA. Which of the following methods provides the BEST solution?
159. Question
Your organization hosts a web application selling digital products. Customers can also post comments related to their purchases. Management suspects attackers are looking for vulnerabilities that they can exploit. Which of the following will BEST test the cybersecurity resilience of this application?
160. Question
Your organization recently experienced a significant data breach. After an investigation, cybersecurity professionals found that the initial attack originated from an internally developed application. Normally users can only access the application by logging on. However, the application allowed the attacker access to the application without requiring the attacker to log on. Which of the following would have the BEST chance of preventing this attack?
161. Question
Bart recently hooked up a switch incorrectly, causing a switching loop problem, which took down part of an organization’s network. Management wants to implement a solution that will prevent this from occurring in the future. Which of the following is the BEST choice to meet this need?
162. Question
Several servers in your organization’s DMZ were recently attacked. After analyzing the logs, you discover that many of these attacks used TCP, but the packets were not part of an established TCP session. Which of the following devices would provide the BEST solution to prevent these attacks in the future?
163. Question
Your organization recently implemented two servers in an active/passive load balancing configuration. What security goal does this support?
164. Question
Your organization wants to combine some of the security controls used to control incoming and outgoing network traffic. At a minimum, the solution should include stateless inspection, malware inspection, and a content filter. Which of the following BEST meets this goal?
165. Question
You are preparing to deploy a heuristic-based detection system to monitor network activity. Which of the following would you create first?
166. Question
Your organization is allowing more employees to work from home, and they want to upgrade their VPN. Management wants to ensure that after a VPN client connects to the VPN server, all traffic from the VPN client is encrypted. Which of the following would BEST meet this goal?
167. Question
You have added another router in your network. This router provides a path to a limited access network which isn’t advertised. However, a network administrator needs to access this network regularly. Which of the following could he do to configure his computer to access this limited network?
168. Question
A large city is using a SCADA system to manage a water treatment plant. City managers have asked IT personnel to implement security controls to reduce the risk of cybersecurity attacks against ICSs controlled by the SCADA system. Which of the following security controls would be MOST relevant to protect this system?
169. Question
Flancrest Enterprises recently set up a web site utilizing several web servers in a web farm. The web servers access back-end databases on two servers, DB1 and DB2. During normal operation, each web server accesses DB1 for product data and DB2 for customer data. However, both DB1 and DB2 maintain an up-to-date copy of both databases that they can host at any time. Which of the following BEST describes the configuration of the database servers?
170. Question
A HIDS reported a vulnerability on a system based on a known attack. After researching the alert from the HIDS, you identify the recommended solution and begin applying it. What type of HIDS is in use?
171. Question
Lenny noticed a significant number of logon failures for administrator accounts on the organization’s public web site. After investigating it further, he notices that most of these attempts are from IP addresses assigned to foreign countries. He wants to implement a solution that will detect and prevent similar attacks. Which of the following is the BEST choice?
172. Question
An organization is hosting a VPN that employees are using while working from home. Management wants to ensure that all VPN clients are using up-to-date operating systems and antivirus software. Which of the following would BEST meet this need?
173. Question
Your organization hosts a web server accessed from employees within the network, and via the Internet. Management wants to increase its security. You are tasked with separating all web-facing traffic from internal network traffic. Which of the following provides the BEST solution?
174. Question
Management within your organization wants employees to be able to access internal network resources from remote locations, including from their home. Which of the following is the BEST choice to meet this need?
175. Question
Which of the following devices would MOST likely have the following entries used to define its operation?
permit IP any any eq 80
permit IP any any eq 443
deny IP any any
176. Question
Developers recently configured a new service on a server called GCGA1. GCGA1 is in a DMZ and accessed by employees in the internal network, and by others via the Internet. Network administrators modified firewall rules to access the service. Testing shows the service works when accessed from internal systems. However, it does not work when accessed from the Internet. Which of the following is MOST likely configured incorrectly?
177. Question
Bart incorrectly wired a switch in your organization’s network. It effectively disabled the switch as though it was a victim of a denial-of-service attack. Which of the following should be done to prevent this situation in the future?
178. Question
Attackers have recently launched several attacks against servers in your organization’s DMZ. You are tasked with identifying a solution that will have the best chance at preventing these attacks in the future. Which of the following is the BEST choice?
179. Question
Your organization recently implemented a BYOD policy. However, management wants to ensure that mobile devices meet minimum standards for security before they can access any network resources. Which of the following would the NAC MOST likely use?
180. Question
Your organization plans to implement a connection between the main site and a remote office giving remote employees on-demand access to resources at headquarters. The chief information officer (CIO) wants to use the Internet for this connection. Which of the following solutions will BEST support this requirement?
181. Question
Administrators are designing a site-to-site VPN between offices in two different cities. Management mandated the use of certificates for mutual authentication. Additionally, they want to ensure that internal IP addresses are not revealed. Which of the following choices BEST meets these requirements?
182. Question
Your organization is planning to deploy a new e-commerce web site. Management anticipates heavy processing requirements for a back-end application used by the web site. The current design will use one web server and multiple application servers. Additionally, when a user begins a session, they will connect to an application server and remain connected to the same application server for the entire session. Which of the following BEST describes the configuration of the application servers?
183. Question
Administrators are deploying a new Linux server in the DMZ. After it is installed, they want to manage it from their desktop computers located within the organization’s private network. Which of the following would be the BEST choice to meet this need?
184. Question
Your organization has several switches in use throughout the internal network. Management wants to implement a security control to prevent unauthorized access to these switches within the network. Which of the following choices would BEST meet this need?
185. Question
Your organization has a dedicated classroom used for teaching computer topics. Students include internal employees and visiting guests. Security administrators recently discovered that students were unplugging the network cable from some classroom computers and plugging the network cable into their laptop computers, giving them access to network resources. Which of the following is the BEST solution to prevent this activity?
186. Question
Your organization is planning to upgrade the wireless network used by employees. It will provide encrypted authentication of wireless users over TLS. Which of the following protocols are they MOST likely implementing?
187. Question
You are assisting a small business owner in setting up a public wireless hot spot for her customers. She wants to allow customers to access the hot spot without entering a password. Which of the following is MOST appropriate for this hot spot?
188. Question
Your organization is planning to implement a wireless network using WPA2 Enterprise. Of the following choices, what is required?
189. Question
Management at the Goody New Shoes retail chain decided to allow employees to connect to the internal network using their personal mobile devices. However, the organization is having problems with these devices including the following:
• Employees do not keep their devices updated.
• There is no standardization among the devices.
• The organization doesn’t have adequate control over the devices.
Management wants to implement a mobile device deployment model to overcome these problems, while still allowing employees to use their own devices. Which of the following is the BEST choice?
190. Question
Personnel should be able to run the Bizz Fadd app from their mobile devices. However, certain features should only be operational when users are within the company’s property. When users leave the property, access to these features should be blocked. Which of the following answers provides the BEST solution to meet this goal?
191. Question
Bart is showing Wendell a new app that he downloaded from a third party onto his iPhone. Wendell has the same model of smartphone, but when he searches for the app, he is unable to find it. Of the following choices, what is the MOST likely explanation for this?
192. Question
Bart is showing Wendell a new app that he downloaded from a third party onto his smartphone. Wendell has the same model of smartphone, but when he searches for the app on the official app store, he is unable to find it. Of the following choices, what is the MOST likely explanation for this?
193. Question
Your organization is planning to implement a CYOD deployment model. You’re asked to provide input for the new policy. Which of the following concepts are appropriate for this policy?
194. Question
Management within your company wants to implement a method that will authorize employee access to the network based on several elements. These elements include the employee’s identity, their location, the time of day, and the type of device used by the employee. Which of the following will BEST meet this need?
195. Question
Your organization has implemented a CYOD security policy. The policy mandates the use of security controls to protect the devices, and any data on them, if they are lost or stolen. Which of the following would BEST meet this goal?
196. Question
Management at your organization wants to add a cloud-based service to filter all traffic going to or from the Internet from internal clients. At a minimum, the solution should include URL filtering, DLP protection, and malware detection and filtering. Which of the following will BEST meet these requirements?
197. Question
Your organization has been using more cloud resources and Lisa, the CIO, is concerned about security. She wants to add a service that is logically placed between the organization’s network and the cloud provider. This service will be able to monitor all network traffic and ensure that data sent to the cloud for storage is encrypted. Which of the following will BEST meet these requirements?
198. Question
Lisa is reviewing an organization’s account management processes. She wants to ensure that security log entries accurately report the identity of personnel taking specific actions. Which of the following steps would BEST meet this requirement?
199. Question
A recent security audit discovered several apparently dormant user accounts. Although users could log on to the accounts, no one had logged on to them for more than 60 days. You later discovered that these accounts are for contractors who work approximately one week every quarter. Which of the following is the BEST response to this situation?
200. Question
You need to provide a junior administrator with appropriate credentials to rebuild a domain controller after it suffers a catastrophic failure. Of the following choices, what type of account would BEST meet this need?
201. Question
Artie has been working at Ziffcorp as an accountant. However, after a disagreement with his boss, he decides to leave the company and gives a two-week notice. He has a user account allowing him to access network resources. Which of the following is the MOST appropriate step to take?
202. Question
Your organization’s security policy states that administrators should follow the principle of least privilege. Which of the following tools can ensure that administrators are following the policy?
203. Question
Developers are planning to develop an application using role-based access control. Which of the following would they MOST likely include in their planning?
204. Question
Your organization is implementing an SDN. Management wants to use an access control model that controls access based on attributes. Which of the following is the BEST solution?
205. Question
Benjamin, Doug and Gary need to design an access control system for their university’s network.
The access control system needs to protect data based on the following matrix. Note that this matrix only represents a subset of the overall requirements. Which of the following models will they implement?
206. Question
Web developers in your organization are creating a web application that will interact with other applications running on the Internet. They want their application to receive user credentials from an app running on a trusted partner’s web domain. Which of the following is the BEST choice to meet this need?
207. Question
An administrator is implementing a network from scratch for a medical office. The owners want to have strong authentication and authorization to protect the privacy of data on all internal systems. They also want regular employees to use only a single username and password for all network access. Which of the following is the BEST choice to meet these needs?
208. Question
The Mapple organization is creating a help-desk team to assist employees with account issues. Members of this team need to create and modify user accounts and occasionally reset user passwords. Which of the following is the BEST way to accomplish this goal?
209. Question
You administer access control for users in your organization. Some departments have a high employee turnover, so you want to simplify account administration. Which of the following is the BEST choice?
210. Question
An administrator needs to grant users access to different shares on file servers based on their job functions. Which of the following access control models would BEST meet this need?
211. Question
Your organization has implemented a system that stores user credentials in a central database. Users log on once with their credentials. They can then access other systems in the organization without logging on again. Which of the following does this describe?
212. Question
Administrators have noticed a significant amount of OCSP traffic sent to an intermediate CA. They want to reduce this traffic. Which of the following is the BEST choice to meet this need?
213. Question
An organization hosts several web servers in a web farm used for e-commerce. Due to recent attacks, management is concerned that attackers might try to redirect web site traffic, allowing the attackers to impersonate their e-commerce site. Which of the following methods will address this issue?
214. Question
Users within an organization frequently access public web servers using HTTPS. Management wants to ensure that users can verify that certificates are valid even if the public CAs are temporarily unavailable. Which of the following should be implemented to meet this need?
215. Question
A company is hosting an e-commerce site that uses certificates for HTTPS. Management wants to ensure that users can verify the validity of these certificates even if elements of the Internet suffer an extended outage. Which of the following provides the BEST solution?
216. Question
Lisa and Bart need to exchange emails over the Internet using an unsecured channel. These emails need to provide non-repudiation. They decide to use certificates on each of their computers. What would they use to sign their certificates?
217. Question
You are configuring a web server that will be used by salespeople via the Internet. Data transferred to and from the server needs to be encrypted so you are tasked with requesting a certificate for the server. Which of the following would you MOST likely use to request the certificate?
218. Question
Your organization hosts an internal web site used only by employees. The web site uses a certificate issued by a private CA and the network downloads a CRL from the CA once a week. However, after a recent compromise, security administrators want to use a real-time alternative to the CRL. Which of the following will BEST meet this need?
219. Question
An administrator is installing a certificate with a private key on a server. Which of the following certificate types is he MOST likely installing?
220. Question
Users have recently been receiving errors from a web site indicating that the web site’s certificate is revoked. Which of the following includes a list of certificates that have been revoked?
221. Question
You are tasked with getting prices for certificates. You need to find a source that will provide a certificate that can be used for multiple domains that have different names. Which of the following certificates is the BEST choice?
222. Question
Your organization recently lost access to some decryption keys resulting in the loss of some encrypted data. The Chief Information Officer (CIO) mandated the creation of a key escrow. Which of the following cryptographic keys are MOST likely to be stored in key escrow?
223. Question
You have configured a firewall in your network to block ICMP traffic. You want to verify that it is working as expected. Which of the following commands would you use?
224. Question
You are writing a script that will perform backups on a Linux system and you plan to schedule the script to run after midnight daily. You want to ensure that the script records when the backup starts and when the backup ends. Which of the following is the BEST choice to meet this requirement?
225. Question
You are using a Linux computer to monitor network traffic. After connecting your computer to the mirror port of a switch, you started logging software on the computer. However, you discover that the only traffic being collected is traffic to or from the Linux computer. You want to collect all traffic going through the switch. Which of the following actions should you take?
226. Question
You want to verify that the syslog file is being rotated successfully on a Linux system. Which of the following commands is the BEST choice to use?
227. Question
Lisa is manually searching through a large log file on a Linux system looking for indications of a brute force attack. Which of the following commands will automate this process for her?
228. Question
A server in your network’s DMZ was recently attacked. The firewall logs show that the server was attacked from an external IP address with the following socket: 72.52.230.233:6789. You want to see if the connection is still active. Which of the following tools would be BEST to use?
229. Question
Homer is not able to access any network resources from his Linux-based computer. Which of the following commands would he use to view the network configuration of his system?
230. Question
You suspect that attackers have been performing a password spraying attack against a Linux server. Which of the following would be the BEST method of confirming your suspicions?
231. Question
You are troubleshooting an issue with the ycda application hosted on a Linux system. You suspect that the issue is caused when performing a specific function. You execute the function and see a generic error message. You now want to view the detailed error logged in the messages file. Which of the following commands would be the BEST choice to use?
232. Question
A forensic expert is preparing to analyze a hard drive. Which of the following should the expert do FIRST?
233. Question
You suspect that traffic in your network is being rerouted to an unauthorized router within your network. Which of the following command-line tools would help you narrow down the problem?
234. Question
Homer is complaining that he frequently has trouble accessing files on a server in the network. You determine the server’s IP address is 172.16.17.11 but ping doesn’t show any problem. You decide to use pathping and see the following results:
Which of the following is the MOST likely problem?
235. Question
You suspect that a Linux computer is establishing connections with a remote server on the Internet without any user interaction. You want to verify this by viewing a summary of protocol statistics on a Linux system. Which of the following commands would you use?
236. Question
A penetration tester has been hired to perform an assessment on the greatadministrator.com site. He used the nslookup command to perform some reconnaissance and received the following output:
C:\>nslookup -querytype=mx greatadministrator.com
Server: UnKnown
Address: 192.168.1.1
Non-authoritative answer:
gcgapremium.com MX preference = 20, mail exchanger = mx1.emailsrvr.com
gcgapremium.com MX preference = 90, mail exchanger = mx2.emailsrvr.com
Of the following choices, what BEST describes this output?
237. Question
You are trying to determine what information attackers can gain about your organization using network reconnaissance methods via the Internet. Using a public wireless hotspot, you issue the following command:
nslookup -querytype=mx gcgapremium.com
You then see these results:
Server: UnKnown
Address: 10.0.0.1
Non-authoritative answer:
gcgapremium.com MX preference = 90, mail exchanger = mx1.emailsrvr.com
gcgapremium.com MX preference = 20, mail exchanger = mx2.emailsrvr.com
What does this tell you?
238. Question
You suspect that an attacker has been sending specially crafted TCP packets to a server trying to exploit a vulnerability. You decide to capture TCP packets being sent to this server for later analysis and you want to use a command-line tool to do so. Which of the following tools will BEST meet your need?
239. Question
Your organization recently purchased and deployed an IDS within the network. Security administrators want to verify it will detect a SYN stealth scan. Which of the following tools will BEST meet your need?
240. Question
Security administrators have isolated a Linux server after a successful attack. A forensic analyst is tasked with creating an image of the hard drive of this system for analysis. Which of the following will the analyst MOST likely use to create the image?
241. Question
You need to reboot a database server. Before doing so, you need to verify it doesn’t have any active network connections. Which of the following commands will BEST meet your needs?
242. Question
Maggie needs access to the project.doc file available on a Linux server. Lisa, a system administrator responsible for this server, sees the following permissions for the file:
rwx rw- ---
What should Lisa use to grant Maggie read access to the file?
243. Question
Dolph wants to perform a port scan on the greatadministrator.com server. However, he doesn’t want the scans to reveal his IP address. Which of the following would be the BEST to meet his needs?
244. Question
Lisa is performing a penetration test and is trying to get a listing of all the DNS records in the getcertifiedgetahead.com domain. Of the following choices, which one is the BEST choice?
245. Question
You are tasked with performing a vulnerability assessment within your network. Management has asked you to find a free tool that can automate the vulnerability scans and provide detailed reports. Of the following choices, which is MOST likely to meet your needs?
246. Question
You’re a member of a penetration team that has just been hired to perform testing against an organization. You are tasked with gathering as much information as you can from public sources. Which of the following tools would be the BEST to automate this process?
247. Question
A penetration tester is trying to identify which ports are open on a server within an organization’s DMZ. Which of the following tools would be the BEST to use?
248. Question
You’re troubleshooting a connectivity issue with a server that has an IP address of 192.168.1.10 from your Linux system. The server does not respond to the ping command, but you suspect that a router is blocking the ping traffic. Of the following choices, what could you use to check whether the server is up and responding to traffic?
249. Question
You suspect that a computer in your network is connecting to a remote computer without any user interaction. You want to verify this and identify the remote computer. Additionally, you want to identify how this connection is being initiated. Which of the following will BEST meet this need?
250. Question
Lisa is installing an application named gcga.exe on a Linux server. The documentation indicates that the application should be installed with the following permissions:
• The owner of the application should have read, write, and execute permissions.
• The owner group of the application should have read and execute permissions.
• All other users should not have any permissions for the application.
Which of the following commands should be used to meet these requirements?
251. Question
Homer reported suspicious activity on his computer. After investigating, you verify that his computer is infected with malware. Which of the following steps should you take NEXT?
252. Question
Your organization recently developed an incident response policy and is beginning to implement an incident response plan. Which of the following items is the FIRST step in an incident response process?
253. Question
Your organization recently suffered a costly malware attack. Management wants to take steps to prevent damage from malware in the future. Which of the following phases of common incident response procedures is the BEST phase to address this?
254. Question
Waylon reported suspicious activity on his computer. After investigating, you verify that his computer is infected with malware. Which of the following steps should you take NEXT?
255. Question
A help-desk professional has begun to receive several calls from employees related to malware. Using common incident response procedures, which of the following should be her FIRST response to these calls?
256. Question
An incident response team is following typical incident response procedures. Which of the following phases is the BEST choice for analyzing an incident with a goal of identifying steps to prevent a reoccurrence of the incident?
257. Question
A SIEM sent an alert after correlating the following log events:
22:10:05 10.10.80.5:49154 > 192.168.1.15:21
22:10:05 10.10.80.5:49154 > 192.168.1.15:20
22:10:05 10.10.80.5:49154 > 192.168.1.15:25
22:10:05 10.10.80.5:49154 > 192.168.1.15:23
What is the MOST likely cause of this alert?
258. Question
You need to implement a method to monitor all the network traffic going through a router to and from several network servers. Which of the following is the BEST choice to meet this need?
259. Question
Your organization manages a high-speed data center used to provide cloud-based data storage for multiple customers. Management wants to implement a method to collect a sample of network traffic going in and out of the data center. Which of the following is the BEST choice to meet this need?
260. Question
You suspect servers in your DMZ are being attacked from an Internet-based attacker. You want to view IPv4 packet data reaching these servers from the Internet. Which of the following would be the BEST choice to meet this need?
261. Question
Your network includes dozens of servers. Administrators in your organization are having problems aggregating and correlating the logs from these servers. Which of the following provides the BEST solution for these problems?
262. Question
A network administrator suspects an ongoing attack on a web server. She needs to identify the type of traffic sent from a specific IP address and inspect the packet flags. Which of the following is the BEST tool to meet this need?
263. Question
You are troubleshooting issues between two servers on your network and need to analyze the network traffic. Of the following choices, what is the BEST tool to capture and analyze this traffic?
264. Question
Your organization hosts a large data center. Security administrators need a way to collect and aggregate logs from servers in the data center for routine security monitoring. Which of the following choices BEST meets this need?
265. Question
Your organization wants to ensure that employees do not install any unauthorized software on their computers. Which of the following is the BEST choice to prevent this?
266. Question
Security administrators have been responding to an increasing number of incident alerts making it harder for them to respond to each in a timely manner. Management wants to implement a solution that will automate the response of some of these incidents without requiring real-time involvement of security administrators. Which of the following will BEST meet this need?
267. Question
Your organization continues to receive a high volume of phishing emails. Many emails have potentially malicious attachments or URLs. Currently, security administrators investigate each of these individually by opening attachments or visiting the URLs from within a sandbox environment. However, management wants to automate these investigations. Which of the following choices will BEST meet this need?
268. Question
You are tasked with providing training related to acquisition of digital forensic evidence. Part of the training covers the order of volatility. Which of the following is the LEAST volatile?
269. Question
After a recent cybersecurity incident resulting in a significant loss, your organization decided to create a security policy for incident response. Which of the following choices is the BEST choice to include in the policy when an incident requires confiscation of a physical asset?
270. Question
Security personnel confiscated Bart’s workstation after a security incident. Administrators removed the hard drive for forensic analysis but were called away to troubleshoot an outage before capturing an image of the drive. They left it unattended for several hours before returning to begin their analysis. Later, legal personnel stated that the analysis results would not be admissible in a court of law. What is the MOST likely reason for the lack of admissibility?
271. Question
Homer called the helpdesk complaining his computer is giving random errors. Cybersecurity professionals suspect his system is infected with malware and decide to use digital forensics methods to acquire data on his system. Which of the following should be collected before turning the system off? (Choose TWO.)
272. Question
A forensics analyst was told of a suspected attack on a Virginia-based web server from IP address 72.52.230.233 at 01:23:45 GMT. However, after investigating the logs, he doesn’t see any traffic from that IP at that time. Which of the following is the MOST likely reason why the analyst was unable to identify the traffic?
273. Question
After a recent incident, a forensic analyst was given several hard drives to analyze. Which of the following actions should she take FIRST?
274. Question
You are tasked with improving the overall security for several servers in your data center. Which of the following are preventative controls that will assist with this goal? (Choose TWO.)
275. Question
Employees currently log in with their username and a password, but management wants to increase login security by implementing smart cards. However, the IT department anticipates it will take a long time to purchase the necessary equipment and issue smart cards for everyone. You need to identify a solution that will provide comparable security until the smart cards are implemented. Which of the following is a compensating control that will meet these needs?
276. Question
Your organization houses a server room and management wants to increase the server room security. You are tasked with identifying some deterrent controls that can be implemented to protect it. Which of the following choices would BEST meet this objective?
277. Question
Maggie works in the security section of the IT department. Her primary responsibilities are to monitor security logs, analyze trends reported by the SIEM, and to validate alerts. Which of the following choices BEST identifies the primary security control she’s implementing?
278. Question
The Leftorium plans to begin selling products online. They want to accept and process credit card payments. Which of the following provides guidelines they should follow to help reduce credit card fraud?
279. Question
Your organization is planning to launch an e-commerce web site. Management is concerned about the risks related to the supply chain and how these risks may impact the web site after it goes live. Which of the following provides guidelines that could be implemented to reduce supply chain risks?
280. Question
Which of the following documents regulates the protection of personal data for residents of the European Union?
281. Question
Your organization recently purchased a new hardware-based firewall to be used in the DMZ. Which of the following references will provide administrators with the MOST appropriate instructions to install the firewall?
282. Question
Management within your organization wants to ensure that users understand the rules of behavior when they access the organization’s computer systems and networks. Which of the following BEST describes what they would implement to meet this requirement?
283. Question
Your organization recently updated the security policy. One of the changes requires that the duties of network administrators and application developers must be separated. Which of the following is the MOST likely result of implementing this policy?
284. Question
Apu has worked as a network administrator for several years within your organization. Over time, he has been tasked with performing several jobs, including database administration and application development. Security personnel are concerned that his level of access represents a serious risk. Which of the following is the BEST solution to reduce this risk?
285. Question
Management recently decided to upgrade the organization’s security policy. Among other items, they want to implement a policy that will reduce the risk of personnel within the organization colluding to embezzle company funds. Which of the following is the BEST choice to meet this need?
286. Question
Lisa has been tasked with reviewing security policies related to data loss. Which of the following is MOST closely related to data loss?
287. Question
A security auditor discovered that several employees in the Accounting department can print and sign checks. In her final report, she recommended restricting the number of people who can print checks and the number of people who can sign them. She also recommended that no one should be authorized to both print and sign checks. Which security policy does this describe?
288. Question
Your organization recently implemented a security policy requiring that all endpoint computing devices have a unique identifier to simplify asset inventories. Administrators implemented this on servers, desktop PCs, and laptops with an RFID system. However, they haven’t found a reliable method to tag corporate-owned smartphones and tablet devices. Which of the following choices would be the BEST alternative?
289. Question
Bart recently resigned and left your organization. Later, IT personnel determined that he deleted several files and folders on a server share after he left the organization. Further, they determined that he did so during the weekend while the organization was closed. Which of the following account management practices would have prevented his actions?
290. Question
Your organization has hired outside consultants to evaluate forensic processes used by internal security specialists. The consultants are evaluating the tools and processes used for digital forensics with the goal of identifying any variations that may exist. Which of the following BEST describes what these consultants are performing?
291. Question
Security experts want to reduce risks associated with updating critical operating systems. Which of the following will BEST meet this goal?
292. Question
Your organization includes a software development division within the IT department. One developer writes and maintains applications for the Sales and Marketing departments. A second developer writes and maintains applications for the Payroll department. Once a year, they switch roles for at least a month. What is the purpose of this practice?
293. Question
Lisa needs to update the operating system on several switches used within the network. Assuming the organization is following industry best practices, what should she do FIRST?
294. Question
Lisa is a training instructor and she maintains a training lab with 16 computers. She has enough rights and permissions on these machines so that she can configure them as needed for classes. However, she does not have the rights to add them to the organization’s domain. Which of the following choices BEST describes the reasoning for this?
295. Question
Investigations have shown that several recent security incidents originated after employees responded inappropriately to malicious emails. The IT department has sent out multiple emails describing what to do with these emails, but employees continue to respond inappropriately. The Chief Information Officer has directed the human resources department to find and implement a solution that will increase user awareness and reduce these incidents. Which of the following would be the BEST solution?
296. Question
Social engineers have launched several successful email-based attacks against your organization resulting in several data leaks. Which of the following would be MOST effective at reducing the success of these attacks?
297. Question
A recent attack on your organization’s network resulted in the encryption of a significant amount of data. Later, an attacker demanded that your organization pay a large sum of money to decrypt the data. Security investigators later determined that this was the result of a new employee within your company clicking on a malicious link that he received in an email. Which of the following BEST describes the vulnerability in this scenario?
298. Question
Your organization is involved in a lawsuit and a judge issued a court order requiring your organization to keep all emails from the last three years. Your data retention policy states that email should only be maintained from the last 12 months. After investigating, administrators realize that backups contain email from the last three years. What should they do with these backups?
299. Question
The BizzFad company decides to partner with Costington’s to bid on a contract. Management in both companies realize that they need to share proprietary data. However, they want to ensure that distribution of this data is limited within each of the companies. Which of the following will BEST meet this need?
300. Question
Maggie is performing a risk assessment for an organization. She identifies the loss for the previous year due to a specific risk as $5,000. What does this represent?
301. Question
A server within your organization has suffered six hardware failures in the past year. IT management personnel have valued the server at $4,000. Each failure resulted in a 10 percent loss. What is the ALE?
302. Question
After a recent attack causing a data breach, an executive is analyzing the financial losses. She determined that the attack is likely to result in losses of at least $1 million. She wants to ensure that this information is documented for future planning purposes. In which of the following is she MOST likely to document it?
303. Question
A project manager is reviewing a business impact analysis. It indicates that a key website can tolerate a maximum of three hours of downtime. Administrators have identified several systems that require redundancy additions to meet this maximum downtime requirement. Of the following choices, what term refers to the maximum of three hours of downtime?
304. Question
The new chief technology officer (CTO) at your organization wants to ensure that critical business systems are protected from isolated outages. Which of the following would let her know how often these systems will experience outages?
305. Question
Maggie is performing a risk assessment on a database server. While doing so, she created a document showing all the known risks to this server, along with the risk score for each risk. What is the name of this document?
306. Question
Marge is updating the business impact analysis (BIA) for your organization. She needs to document the time needed to return a database server to an operational state after a failure. Which of the following terms would she use?
307. Question
Your organization hired a security consultant to create a BIA. She is trying to identify processes that can potentially cause losses in revenue if they stop functioning. Which of the following BEST describes what she is identifying?
308. Question
Martin is performing a risk assessment. He is trying to identify the number of times a specific type of incident occurred in the previous year. Which of the following BEST identifies this?
309. Question
Lisa needs to calculate the ALE for a group of servers used in the network. During the past two years, five of the servers failed. The hardware cost to repair or replace each server was $4,000 and the downtime of each resulted in additional losses of $3,000 for each outage. What is the ALE?
310. Question
You are helping a risk management team update the business impact analysis for your organization. For one system, the plan requires an RTO of five hours and an RPO of one day. Which of the following would meet this requirement?
311. Question
A security analyst is creating a document that includes the expected monetary loss from a major outage. She is calculating the potential impact on life, property, finances, and the organization’s reputation. Which of the following documents is she MOST likely creating?
312. Question
You are performing a qualitative risk assessment and you need to calculate the average expected loss of an incident. Which of the following value combinations would you MOST likely use?
313. Question
A healthcare organization manages several hospitals and medical facilities within a state, and they have treated thousands of patients that have suffered from a recent viral outbreak. Doctors from another state are performing studies of this virus and would like to access the information that the healthcare organization has amassed. Management has authorized the release of this information but has mandated that the data cannot reveal any personal information about patients. Which of the following methods will BEST meet these requirements?
314. Question
An urban hospital has recently treated hundreds of patients after a viral outbreak. Researchers trying to learn more about the virus have asked the hospital for information on treatment methods they used and their outcomes. The hospital management has asked the IT department to remove all personal information about patients before releasing this data. Which of the following methods will BEST meet these requirements?
315. Question
An outside security organization has been hired to perform security audits. Management stated that they want to know of any vulnerabilities they discover. However, management has asked for two versions of the report. One will be given to upper-level management only and will identify employees by name so that management can follow up if necessary. The second report will be available to more managers and will identify employees with a fake name. Which of the following is the BEST choice to meet these requirements?
316. Question
Your organization is updating the data policy and management wants to ensure that employees get training on their responsibilities based on their role. Which of the following BEST describes the responsibilities of data owners and indicates what training they need?
317. Question
Organizations that conduct business in the EU must have a position within the organization that can act as an independent advocate for the proper care and use of customer information. Which of the following BEST identifies this position?
318. Question
You are tasked with implementing an authentication method that doesn’t use a memorized secret. Which of the following is the BEST choice to implement this?
319. Question
You want to give a user the ability to run sudo commands on a Linux system without entering a password. The user’s username is lisa. Which of the following commands would you use from the Linux terminal?
320. Question
Match the items on the left by dragging and dropping each of the sort elements into an empty box on the right.
All sort elements must be used.
Sort elements
- Authenticator app
- Fingerprint
- PIN
- IP Address
- Passwordless
- Biometrics
- Something you know
- Somewhere you are
321. Question
Match the attack on the left with the appropriate preventative or remedial action.
Drag and drop the preventative or remedial actions listed as sort elements to the matching attack.
Sort elements
- Use DDoS protection
- Implement 2FA with push notification
- Disable remote access services
- Change the default password
- Perform a code review
- A botnet attacking a web server with multiple SYN packets
- A keylogger installed on an executive's computer
- An attack that establishes a connection on a user's computer with a RAT
- An attack on a SQL server using well-known credentials, and then self-propagating through the network
- An employee embeds code in an internally developed application providing a backdoor that bypasses normal logon processes.
322. Question
Match the following SOC report types with their description.
Drag and drop the SOC report descriptions (listed as sort elements) to the matching SOC report types.
Sort elements
- This is a detailed report covering financial and auditable controls for an organization. Organizations that process financial data, such as a payroll company, may need to provide this to customers.
- A report covering financial and auditable controls active on a specific date.
- A report covering financial and auditable controls active during a date range.
- A report covering organization controls such as those related to security, availability, confidentiality, processing integrity, and privacy. Cloud service providers may provide this to prospective customers.
- A report covering organizational controls active on a specific date.
- A report covering organizational controls active during a date range.
- A generalized report that may be available to the public. It lacks sensitive data and is typically shorter than other SOC documents.
- SOC 1
- SOC 1 Type 1
- SOC 1 Type 2
- SOC 2
- SOC 2 Type 1
- SOC 2 Type 2
- SOC 3
323. Question
Match the attack descriptions on the left with the attack it describes.
Drag and drop the attacks listed as sort elements to the matching attack description.
Sort elements
- Botnet
- RAT
- Worm
- Backdoor
- Keylogger
- An attacker sends SYN packets from multiple sources to a server in a DMZ.
- An attacker establishes a connection with a user's computer from the Internet allowing him to run remote commands.
- An attack compromises a database server and then uses self-propagating software to access other hosts in the network.
- A developer creates hidden access in an internally developed application that allows him to bypass the normal login process.
- An attacker uses hardware to monitor user's input activity and collect credentials.
324. Question
Identify the attack based on the attack method and the target of the attack.
Sort elements
- Whaling
- Hoax
- Vishing
- Spam
- Attack: Attacker gains access to confidential organizational data.
  Target: Executives in your organization
- Attack: Website includes a link to fake AV software
  Target: Any Internet user
- Attack: Attacker collecting credit card data via the phone.
  Target: Individuals that answer the phone
- Attack: Attacker sends unwanted emails to individuals that have not subscribed to a list or have opted out of receiving these emails.
  Target: Anyone with an email address
325. Question
Match the descriptions on the left with code or scripting type.
Drag and drop the code or scripting type listed as sort elements to the matching description.
Sort elements
- PowerShell
- Bash
- Visual Basic for Applications
- Python
- Uses verb-noun cmdlets
- Executed at the Linux terminal
- Embedded into Microsoft Office applications
- A sophisticated language that includes multiple libraries written in C
326. Question
You get an alert from your SIEM system indicating someone logged into the idsadmin account. An IDS system in your network uses this account. After receiving the alert, you check the IDS logs and see the following entries:
Which of the following best describes what happened?
327. Question
Your organization is planning to expand the data center to support more systems. Management wants the plan to focus on resiliency and uptime. Which of the following methods would best support these goals? (Select TWO.)
328. Question
An administrator recently installed an IDS to help reduce the impact of security incidents. Which of the following best identifies the control type of an IDS?
329. Question
Which of the following is an example of a detective control?
330. Question
After reading about increased ransomware attacks against the health sector, hospital administrators want to enhance organizational resilience against these attacks. Which of the following could IT personnel implement to support this goal?
331. Question
A SIEM system is sending several alerts indicating malware has infected several employee computers. After examining the border firewall and NIDS logs, IT personnel cannot identify malicious traffic entering the network from the Internet. Additionally, they discover that all of these employees attended a trade show during the past two days. Which of the following is the MOST likely source of this malware?
332. Question
During a vulnerability scan, you discover some new systems in the network. After investigating this, you verify that these systems aren’t authorized because someone installed them without going through a standard approval process. What does this describe?
333. Question
The IT department recently learned that the software development department installed several servers. Developers installed them to bypass network security controls while they are developing and testing applications. What does this describe?
334. Question
Your organization’s Chief Information Officer (CIO) is updating the security policy, and he wants to clarify the roles and responsibilities of data controllers and data processors. Which of the following documents is MOST likely to include this information?
335. Question
Lisa is updating the organization’s security policy. She wants to make sure that it addresses international standards for data privacy and standards. Which of the following documents should she reference while writing these topics?
336. Question
Which of the following best describes the role of a data owner as defined in the GDPR?
337. Question
Lisa uses a Linux system to regularly connect to a remote server named gcga with a secure ssh connection. However, the ssh account has a complex password, and she wants to avoid using it without sacrificing security. Which of the following commands would she use as a FIRST step when creating a passwordless login with the remote system?
338. Question
Maggie regularly connects to a remote server named gcga using Secure Shell (ssh) from her Linux system. However, she has trouble remembering the password, and she wants to avoid using it without sacrificing security. She creates a cryptographic key pair to use instead. Which of the following commands is the BEST choice to use after creating the key pair?
339. Question
Management has recently learned that some administrators have been using telnet instead of SSH to connect to remote servers. They complain that the alternative method requires them to use excessively complex passwords, and unless they write them down, they can’t remember them. Lisa needs to implement a secure passwordless method of connecting to a remote server named gcga1 using Secure Shell (SSH).
Select the appropriate commands and place them in the correct order (Steps 1 through 3) to enable this solution and verify it works.
Not all commands are used.
Sort elements
- ssh-keygen -t rsa
- ssh-copy-id ~/.ssh/id_rsa.pub lisa@gcga1
- ssh root@gcga1
- chmod 600 ~/.ssh/id_dsa
- ssh-keygen -t dsa
- chmod 777 ~/.ssh/id_rsa
- chmod 644 ~/.ssh/id_dsa
- chmod 777 ~/.ssh/id_dsa
- telnet root@gcga1
- ssh-copy-id ~/.ssh/id_rsa lisa@gcga1
- Step 1
- Step 2
- Step 3
340. Question
Maggie is a sales representative for a software company. While in a coffee shop, she uses her laptop to connect to the public WiFi, check her work emails, and upload details of a recent sale. Which of the following would she use to prevent other devices on the public network from accessing her laptop? (Choose the BEST two choices.)
341. Question
Which of the following describes the proper format of log entries for Linux systems?
342. Question
Which of the following is a cryptographic algorithm that will create a fixed-length output from a data file but cannot be used to recreate the original data file?
343. Question
An employee turned off his computer by pressing the power button prior to being fired. A forensic analyst wants to identify what applications the user was running and what files were open before he turned off his computer. Which of the following is the BEST choice to meet these goals?
344. Question
Your organization wants to identify biometric methods used for identification. The requirements are:
• Collect the data passively
• Bypass a formal enrollment process
• Avoid obvious methods that let the subject know data is being collected
Which of the following biometric methods BEST meet these requirements? (Select two.)
345. Question
Users regularly log on with a username and password. However, management wants to add a second authentication factor for any users that launch the gcga application. The method needs to be user-friendly and non-disruptive. Which of the following will BEST meet these requirements?
346. Question
Users normally log on using a smart card, a username, and a password. Management wants administrators to use a third factor of authentication. Which of the following will meet this need?
347. Question
Lisa wants to implement a secure authentication system on a website. However, instead of collecting and storing user passwords, she wants to use a third-party system. Which of the following is the BEST choice to meet this goal?
348. Question
Management wants to increase security for any users accessing the network with a VPN. They plan to implement a method that will require users to install an application on their smartphones. This application will generate a key that they’ll have to enter in addition to their username and password. What is the BEST description of this added authentication method?
349. Question
An administrator regularly connects to a server using SSH without any problems. Today, he sees a message similar to the following graphic when he connects to the server.
Which of the following is the MOST likely reason for this message?
350. Question
A security analyst recently completed a BIA and defined the maximum acceptable outage time for a critical system. What does this identify?
351. Question
A small business owner has asked you for advice. She wants to improve the company’s security posture, but she doesn’t have any security staff. Which of the following is the BEST solution to meet her needs?
352. Question
Before personnel can enter a secure area, they must first place their smartphones in one of several conductive metal lockboxes. The company implemented this policy because management is concerned about risks related to intellectual property. Which of the following represents the GREATEST risk to intellectual property that this policy will mitigate?
353. Question
Your organization’s network looks like the following graphic and you’ve been asked to verify that Firewall 1 has the correct settings.
All firewalls should enforce the following requirements:
• Use only secure protocols for remote management
• Block cleartext web traffic
The following graphic shows the current rules configured in Firewall 1.
You’re asked to verify the rules are configured correctly. Which rule, if any, should be changed to ensure Firewall 1 meets the stated requirements?
354. Question
Your organization’s network looks like the following graphic and you’ve been asked to verify that Firewall 2 has the correct settings.
All firewalls should enforce the following requirements:
• Use only secure protocols for remote management
• Block cleartext web traffic
The following graphic shows the current rules configured in Firewall 2.
Which rule, if any, should be changed in Firewall 2?
355. Question
Your organization has added a hot site as shown in the following graphic.
All firewalls should enforce the following requirements:
• Use only secure protocols for remote management
• Block cleartext web traffic
Users in the hot site are unable to access websites on the Internet. The following graphic shows the current rules configured in Firewall 3.
You’re asked to verify the rules are configured correctly. Which rule, if any, should be changed in Firewall 3?
356. Question
Your organization hires students during the summer for temporary help. They need access to network resources, but only during working hours. Management has stressed that it is critically important to safeguard trade secrets and other confidential information. Which of the following account management concepts would be MOST important to meet these goals?
357. Question
The Chief Information Officer (CIO) at your organization suspects someone is entering the data center after normal working hours and stealing sensitive data. Which of the following actions can prevent this?
358. Question
Your organization has created a web application that will go live after testing is complete. An application tester sees the following URL: https://gcgapremium.com/info.php?sessionID=10123&acct=homer.
The tester resends the following URL to the website: https://gcgapremium.com/info.php?sessionID=32101&acct=homer. Which of the following attacks is the tester checking?
359. Question
Security personnel are investigating a recent incident. While doing so, they want to protect critical systems and maintain business operations. Which of the following incident response steps does this describe?
360. Question
After a recent attack, security investigators discovered that attackers logged on with an administrator account. They recommend implementing a solution that will thwart this type of attack in the future. The solution must support the following requirements:
• Allow authorized users to access the administrator account without knowing the password
• Allow authorized users to check out the credentials when needed
• Log each time the credentials are used
• Automatically change the password
Which of the following answers would meet these requirements?
361. Question
Homer, the Chief Financial Officer (CFO) of a bank, received an email from Lisa, the company’s Chief Executive Officer (CEO). Lisa states she is on vacation and lost her purse, containing all her cash and credit cards. She asks Homer to transfer $5,000 to her account. Which of the following best identifies this attack?
362. Question
Homer received an email letting him know he won the lottery. To claim the prize, he needs to confirm his identity by providing his name, phone number, address, and birth date. The email states he’ll receive the prize after providing this information. What does this describe?
363. Question
Some network appliances monitoring incoming data have recently started sending alerts on potentially malicious files. You discover that these are PE32 files with the tar.gz extension, and they are being downloaded to several user systems. After investigating further, you discover these users previously opened an email with an infected MHT file. Which of the following answers best describes this scenario?
364. Question
Lisa has scheduled quarterly meetings with department leaders to discuss how they would respond to various scenarios such as natural disasters or cyberattacks. During the meetings, she presents a scenario and asks attendees to indicate their responses. Also, during the meetings, she injects variations on the scenario similar to what may happen during a live event and encourages attendees to discuss their responses. What does this describe?
365. Question
Cybersecurity experts in your organization are creating a detailed plan identifying how to recover critical systems if these systems suffer a complete loss. What type of plan are they MOST likely creating?
366. Question
You need to add disk redundancy for a critical server in your organization’s screened subnet. Management wants to ensure it supports two-drive failure. Which of the following is the BEST solution for this requirement?
367. Question
Your organization needs to create a design for a high-security network for a U.S. government contract. The network should not be accessible by your organization’s existing networks or the Internet. Which of the following options will BEST meet this need?
368. Question
Maggie suspects that a server may be running unnecessary services. Which of the following tools is the BEST choice to identify the services running on the server?
369. Question
You are reviewing a report created after a recent vulnerability scan. However, it isn’t clear if the scan was run as a credentialed scan or a non-credentialed scan. Which of the following would give you the BEST indication that the scan was a credentialed scan?
370. Question
An external security auditor recently completed a security assessment. He discovered that a system has a vulnerability that two previous security assessments detected. Which of the following BEST explains this?
371. Question
Lisa recently received a security advisory. She’s using it to review logs and looking for activity mentioned in the security advisory. Which of the following BEST describes what she is doing?
372. Question
Your organization is setting up an e-commerce site to sell products online. Management wants to ensure the website can accept credit cards for payment. Which of the following standards are they MOST likely to follow?
373. Question
Which of the following BEST describes the purpose of a risk register?
374. Question
You are running a vulnerability scanner with an access level that gives it the best chance of detecting vulnerabilities. Which of the following BEST describes the type of scan you are running?
375. Question
While investigating performance issues on a web server, you verified that the CPU usage was about 10 percent five minutes ago. However, it now shows that CPU usage has been averaging over 98 percent for the last two minutes. Which of the following BEST describes what this web server is experiencing?
376. Question
An organization recently updated its security policy outlining how to handle sensitive data. It includes the following requirements:
• Digital copies of PII must be encrypted
• Printed copies of PII must be stored in a locked container
• Digital copies of PHI must be encrypted and inventoried quarterly
• Printed copies of PHI must be placed in a locked container and inventoried quarterly
• Locked containers must be approved and designated for document storage, and employees must report any violations to the chief information officer (CIO).
While searching for coffee in the kitchen, Homer unlocks a cabinet and discovers a list of customer names and phone numbers. Which of the following identifies the BEST action Homer should take to comply with the updated security policy?
377. Question
Homer complains that his system started acting erratically today. You discover that malware infected his system and that he didn’t open any email during the day. He mentions, though, that he has been browsing the Internet all day. Which of the following could you check to see where the malware MOST likely originated?