MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1:
Question2:
Question3:
Question4:
Question5: A recent audit uncovered a key finding regarding the use of a specific encryption standard in a web application that is used to communicate with business customers. Due to the technical limitations of its customers the company is unable to upgrade the encryption standard. Which of the following types of controls should be used to reduce the risk created by this scenario?
Question6:
Question7: A nuclear plant was the victim of a recent attack, and all the networks were air gapped. A subsequent investigation revealed a worm as the source of the issue. Which of the following BEST explains what happened?
Question8:
Question9: A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson's laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the CSO's concern?
Question10: A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?
Question11: Which of the following policies would help an organization identify and mitigate potential single points of failure in the company's IT/security operations?
Question12: The manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:
Question13: In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
Question14: A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?
Question15:
Question16:
Question17:
Question18: A security analyst is performing a forensic investigation compromised account credentials. Using the Event Viewer, the analyst able to detect the following message, ''Special privileges assigned to new login.'' Several of these messages did not have a valid logon associated with the user before these privileges were assigned.Which of the following attacks is MOST likely being detected?
Question19:
Question20: A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output:Which of the following attacks does the analyst MOST likely see in this packet capture?
Question21: A user recent an SMS on a mobile phone that asked for bank delays. Which of the following social-engineering techniques was used in this case?
Question22:
Question23: Local guidelines require that all information systems meet a minimum-security baseline to be compliant.Which of the following can security administrators use to assess their system configurations against the baseline?
Question24: Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?
Question25:
Question26:
Question27: A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
Question28:
Question29:
Question30:
Question31:
Question32: A symmetric encryption algorithm Is BEST suited for:
Question33: An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting?
Question34: A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?
Question35:
Question36: A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
Question37: An organization is developing a plan in the event of a complete loss of critical systems and data. Which of the following plans is the organization MOST likely developing?
Question38: An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following:Which of the following BEST describes the attack that was attempted against the forum readers?
Question39: While checking logs, a security engineer notices a number of end users suddenly downloading files with the.tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an infected MHT file with an href link a week prior. Which of the following is MOST likely occurring?
Question40: Which of the following would be BEST to establish between organizations to define the responsibilities of each party outline the key deliverables and include monetary penalties for breaches to manage third-party risk?
Question41: An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance's vulnerable state?
Question42:
Question43:
Question44: A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this talk?
Question45:
Question46:
Question47:
Question48:
Question49:
Question50: Which of the following BEST explains the difference between a data owner and a data custodian?
Question51: A security analyst is reviewing logs on a server and observes the following output:Which of the following is the security analyst observing?
Question52:
Question53:
Question54:
Question55: A security administrator suspects an employee has been emailing proprietary information to a competitor.Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?
Question56:
Question57:
Question58:
Question59:
Question60:
Question61:
Question62:
Question63: Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?
Question64: A forensics investigator is examining a number of unauthorized payments the were reported on the company's website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:Which of the following will the forensics investigator MOST likely determine has occurred?
Question65: During an incident response, a security analyst observes the following log entry on the web server.Which of the following BEST describes the type of attack the analyst is experience?
Question66: Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
Question67:
Question68:
Question69: A cybersecurity manager has scheduled biannual meetings with the IT team and department leaders to discuss how they would respond to hypothetical cyberattacks. During these meetings, the manager presents a scenario and injects additional information throughout the session to replicate what might occur in a dynamic cybersecurity event involving the company, its facilities, its data, and its staff. Which of the following describes what the manager is doing?
Question70:
Question71:
Question72: A security analyst is investigation an incident that was first reported as an issue connecting to network shares and the internet, While reviewing logs and tool output, the analyst sees the following:Which of the following attacks has occurred?
Question73:
Question74: A security engineer needs to enhance MFA access to sensitive areas in a building. A key card and fingerprint scan are already in use. Which of the following would add another factor of authentication?
Question75:
Question76: To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?
Question77:
Question78: The IT department's on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?
Question79: A network engineer needs to create a plan for upgrading the wireless infrastructure in a large office Priority must be given to areas that are currently experiencing latency and connection issues. Which of the following would be the BEST resource for determining the order of priority?