EMT Practice Test

1. Question Content...


Question List

Question1: Delta IT solutions suffered a substantial data loss translating into a huge monetary loss for them. While investigation, the network admin analyzed all the packets and traffic transmitted across the network and identified that some user, within the organization, had leaked the dat a. Which of the following devices could have helped the network admin reach this conclusion?

Question2: Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an _______ for legal advice to defend them against this allegation.

Question3: Michael decides to view the-----------------to track employee actions on the organization's network.

Question4: Which of the following systems includes an independent NAS Head and multiple storage arrays?

Question5: What command is used to terminate certain processes in an Ubuntu system?

Question6: In Public Key Infrastructure (PKI), which authority is responsible for issuing and verifying the certificates?

Question7: Justine has been tasked by her supervisor to ensure that the company's physical security is on the same level as their logical security measures. She installs video cameras at all entrances and exits and installs badge access points for all doors. The last item she wants to install is a method to prevent unauthorized people piggybacking employees. What should she install to prevent piggybacking?

Question8: Identity the correct order for a successful black hat operation.

Question9: James is a network administrator working at a student loan company in Minnesot a. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?

Question10: Larry is responsible for the company's network consisting of 300 workstations and 25 servers. After using a hosted email service for a year, the company wants to control the email internally. Larry likes this idea because it will give him more control over the email. Larry wants to purchase a server for email but does not want the server to be on the internal network due to the potential to cause security risks. He decides to place the server outside of the company's internal firewall. There is another firewall connected directly to the Internet that will protect traffic from accessing the email server. The server will be placed between the two firewalls. What logical area is Larry putting the new email server into?

Question11: Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability, that if a hashing process is used for creating a key, then the same is used for other keys?

Question12: Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?

Question13: The network admin decides to assign a class B IP address to a host in the network. Identify which of the following addresses fall within a class B IP address range.

Question14: Lyle is the IT director for a medium-sized food service supply company in Nebrask a. Lyle's company employs over 300 workers, half of which use computers. He recently came back from a security training seminar on logical security. He now wants to ensure his company is as secure as possible. Lyle has many network nodes and workstation nodes across the network. He does not have much time for implementing a network-wide solution. He is primarily concerned about preventing any external attacks on the network by using a solution that can drop packets if they are found to be malicious. Lyle also wants this solution to be easy to implement and be network-wide. What type of solution would be best for Lyle?

Question15: Which phase of vulnerability management deals with the actions taken for correcting the discovered vulnerability?

Question16: Timothy works as a network administrator in a multinational organization. He decides to implement a dedicated network for sharing storage resources. He uses a_______as it seperates the storage units from the servers and the user network.

Question17: How is a "risk" represented?

Question18: Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago. He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this type of server called?

Question19: Maximus Tech Is a multinational company that uses Cisco ASA Firewalls for their systems. Jason is the one of the members of the team that checks the logs at Maximus Tech. As a part of his job. he is going through me logs and he came across a firewall log that looks like this:
May 06 2018 21:27:27 asa 1: % ASA -6-11008: User enable_16' executed the 'configure term' command Based on the security level mentioned in the log, what did Jason understand about the description of this message?

Question20: Albert works as a Windows system administrator at an MNC. He uses PowerShell logging to identify any suspicious scripting activity across the network. He wants to record pipeline execution details as PowerShell executes, including variable initialization and command invocations. Which PowerShell logging component records pipeline execution details as PowerShell executes?

Question21: Mark is monitoring the network traffic on his organization's network. He wants to detect a TCP and UDP ping sweep on his network. Which type of filter will be used to detect this on the network?

Question22: Will is working as a Network Administrator. Management wants to maintain a backup of all the company data as soon as it starts operations. They decided to use a RAID backup storage technology for their data backup plan. To implement the RAID data backup storage, Will sets up a pair of RAID disks so that all the data written to one disk is copied automatically to the other disk as well. This maintains an additional copy of the dat a.
Which RAID level is used here?

Question23: Which antenna's characteristic refer to the calculation of radiated in a particular direction. It is generally the ratio of radiation intensity in a given direction to the average radiation intensity?

Question24: Match the following NIST security life cycle components with their activities:

Question25: A network is setup using an IP address range of 0.0.0.0 to 127.255.255.255. The network has a default subnet mask of 255.0.0.0. What IP address class is the network range a part of?

Question26: Geon Solutions INC., had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasing number of employees. Which network topology will help the administrator solve the problem of needing to add new employees and expand?

Question27: Kyle, a front office executive, suspects that a Trojan has infected his computer. What should be his first course of action to deal with the incident?

Question28: Which of the following network security protocols protects from sniffing attacks by encrypting entire communication between the clients and server including user passwords?

Question29: You are monitoring your network traffic with the Wireshark utility and noticed that your network is experiencing a large amount of traffic from certain region. You suspect a DoS incident on the network.
What will be your first reaction as a first responder?

Question30: John is a network administrator and is monitoring his network traffic with the help of Wireshark. He suspects that someone from outside is making a TCP OS fingerprinting attempt on his organization's network. Which of the following Wireshark filter(s) will he use to locate the TCP OS fingerprinting attempt?

Question31: _______________ is a structured and continuous process which integrates information security and risk management activities into the system development life cycle (SDLC).

Question32: Which encryption algorithm is used by WPA3 encryption?

Question33: Which of the following is an example of Indicators of Attack?

Question34: Patrick wants to change the file permission of a file with permission value 755 to 744. He used a Linux command chmod [permission Value] [File Name] to make these changes. What will be the change in the file access?

Question35: Michelle is a network security administrator working in an MNC company. She wants to set a resource limit for CPU in a container. Which command-line allows Michelle to limit a container to 2 CPUs?

Question36: Which of the following provides the target for designing DR and BC solutions?

Question37: How does Windows' in-built security component, AppLocker, whitelist applications?

Question38: The GMT enterprise is working on their internet and web usage policies. GMT would like to control internet bandwidth consumption by employees. Which group of policies would this belong to?

Question39: Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:

Question40: Identify the password cracking attempt involving precomputed hash values stored as plaintext and using these to crack the password.

Question41: Bryson is the IT manager and sole IT employee working for a federal agency in Californi a. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this, Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new employees the basics of computers, networking, troubleshooting techniques etc. To see how these two new hires are doing, he asks them at what layer of the OSI model do Network Interface Cards (NIC) work on. What should the new employees answer?

Question42: Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after period of time. What type of security incident are the employees a victim of?

Question43: Which of the following information security standards defines security policies, technologies and ongoing processes for organizations that handle cardholder information for debit, credit, prepaid, epurse, ATM, and POS cards?

Question44: Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?

Question45: The IR team and the network administrator have successfully handled a malware incident on the network. The team is now preparing countermeasure guideline to avoid a future occurrence of the malware incident.
Which of the following countermeasure(s) should be added to deal with future malware incidents? (Select all that apply)

Question46: The company has implemented a backup plan. James is working as a network administrator for the company and is taking full backups of the data every time a backup is initiated. Alex who is a senior security manager talks to him about using a differential backup instead and asks him to implement this once a full backup of the data is completed. What is/are the reason(s) Alex is suggesting that James use a differential backup?
(Select all that apply)

Question47: An insider in Hexagon, a leading IT company in USA, was testing a packet crafting tool. This tool generated a lot of malformed TCP/IP packets which crashed the main server's operating system leading to restricting the employees' accesses. Which attack did the insider use in the above situation?

Question48: Who is an IR custodian?

Question49: Which of the following things need to be identified during attack surface visualization?

Question50: Which type of modulation technique is used in local area wireless networks (LAWNs)?

Question51: Docker provides Platforms-a-Service (PaaS) through __________ and deliver*; containerized software packages

Question52: Sam, a network administrator is using Wireshark to monitor the network traffic of the organization. He wants to detect TCP packets with no flag set to check for a specific attack attempt. Which filter will he use to view the traffic?

Question53: Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented.
What is the correct hierarchy for a security policy implementation?

Question54: Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following command allows Sophie to do so?

Question55: Which of the following Layers of IoT Architecture provides dashboards to monitor, analyze, and implement proactive decisions?

Question56: Under which of the following acts can an international financial institution be prosecuted if it fails to maintain the privacy of its customer's information?

Question57: Which of the following technologies can be used to leverage zero-trust model security?

Question58: Who acts as an intermediary to provide connectivity and transport services between cloud consumers and providers?

Question59: In what type of IoT communication model do devices interact with each other through the internet, primarily using protocols such as ZigBee, Z-Wave, or Bluetooth?

Question60: An IT company has just been hit with a severe external security breach. To enhance the company's security posture, the network admin has decided to first block all the services and then individually enable only the necessary services. What is such an Internet access policy called?

Question61: How is the chip-level security of an IoT device achieved?

Question62: Which of the following examines Recovery Point Objectives (RPOs) and Recovery Time Objectives (RTOs) for a disaster recovery strategy?

Question63: What is the correct order of activities that a IDS is supposed to attempt in order to detect an intrusion?

Question64: Nancy is working as a network administrator for a small company. Management wants to implement a RAID storage for their organization. They want to use the appropriate RAID level for their backup plan that will satisfy the following requirements: 1. It has a parity check to store all the information about the data in multiple drives 2. Help reconstruct the data during downtime. 3. Process the data at a good speed. 4. Should not be expensive. The management team asks Nancy to research and suggest the appropriate RAID level that best suits their requirements. What RAID level will she suggest?

Question65: What represents the ability of an organization to respond under emergency in order to minimize the damage to its brand name, business operation, and profit?

Question66: Which among the following filter is used to detect a SYN/FIN attack?

Question67: Which of the following can be used to suppress fire from Class K sources?

Question68: Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?

Question69: Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?

Question70: Disaster Recovery is a _________.

Question71: An organization needs to adhere to the______________rules for safeguarding and protecting the electronically stored health information of employees.

Question72: Management wants to calculate the risk factor for their organization. Kevin, a network administrator in the organization knows how to calculate the risk factor. Certain parameters are required before calculating risk factor. What are they? (Select all that apply) Risk factor =.............X...............X...........

Question73: Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?

Question74: What is the name of the authority that verifies the certificate authority in digital certificates?

Question75: A network designer needs to submit a proposal for a company, which has just published a web portal for its clients on the internet. Such a server needs to be isolated from the internal network, placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with three interfaces, one for the internet network, another for the DMZ server farm and another for the internal network. What kind of topology will the designer propose?

Question76: Which of the following incident handling stage removes the root cause of the incident?

Question77: Which of the following types of information can be obtained through network sniffing? (Select all that apply)

Question78: How can organizations obtain information about threats through human intelligence?

Question79: Which of the following helps in viewing account activity and events for supported services made by AWS?

Question80: John has been working a* a network administrator at an IT company. He wants to prevent misuse of accounts by unauthorized users. He wants to ensure that no accounts have empty passwords. Which of the following commands does John use to list all the accounts with an empty password?

Question81: Daniel works as a network administrator in an Information Security company. He has just deployed an IDS in his organization's network and wants to calculate the false positive rate for his implementation. Which of the following formulae can he use to so?

Question82: Jorge has developed a core program for a mobile application and saved it locally on his system. The next day, when he tried to access the file to work on it further, he found it missing from his system.
Upon investigation, it was discovered that someone got into his system since he had not changed his login credentials, and that they were the ones that were given to him by the admin when he had joined the organization. Which of the following network security vulnerabilities can be attributed to Jorge's situation?

Question83: Which of the following best describes the Log Normalization process?

Question84: In ______ method, event logs are arranged in the form of a circular buffer.

Question85: Which of the following DDoS attacks overloads a service by sending inundate packets?

Question86: Which subdirectory in /var/log directory stores information related to Apache web server?

Question87: Individuals in the organization using system resources against acceptable usage policies indicates which of the following security incident:

Question88: A local bank wants to protect their cardholder dat
a. Which standard should the bark comply with in order to ensure security of this data?

Question89: Who offers formal experienced testimony in court?

Question90: Hacktivists are threat actors, who can be described as -------------------

Question91: An employee of a medical service company clicked a malicious link in an email sent by an attacker. Suddenly, employees of the company are not able to access billing information or client record as it is encrypted. The attacker asked the company to pay money for gaining access to their dat a. Which type of malware attack is described above?

Question92: Who oversees all the incident response activities in an organization and is responsible for all actions of the IR team and IR function?

Question93: Rick has implemented several firewalls and IDS systems across his enterprise network. What should he do to effectively correlate all incidents that pass through these security controls?

Question94: Which command is used to change the permissions of a file or directory?

Question95: Which authorization lets users access a requested resource on behalf of others?

Question96: You are an IT security consultant working on a contract for a large manufacturing company to audit their entire network. After performing all the tests and building your report, you present a number of recommendations to the company and what they should implement to become more secure. One recommendation is to install a network-based device that notifies IT employees whenever malicious or questionable traffic is found. From your talks with the company, you know that they do not want a device that actually drops traffic completely, they only want notification. What type of device are you suggesting?

Question97: If Myron, head of network defense at Cyberdyne, wants to change the default password policy settings on the company's Linux systems, which directory should he access?

Question98: Tom works as a network administrator in a multinational organization having branches across North America and Europe. Tom wants to implement a storage technology that can provide centralized data storage and provide free data backup on the server. He should be able to perform data backup and recovery more efficiently with the selected technology. Which of the following storage technologies best suits Tom's requirements?

Question99: The CEO of Max Rager wants to send a confidential message regarding the new formula for its coveted soft drink, SuperMax, to its manufacturer in Texas. However, he fears the message could be altered in transit. How can he prevent this incident from happening and what element of the message ensures the success of this method?

Question100: The security network team is trying to implement a firewall capable of operating only in the session layer, monitoring the TCP inter-packet link protocol to determine when a requested session is legitimate or not. Using the type of firewall,they could be able to intercept the communication, making the external network see that the firewall is the source, and facing the user, who responds from the outside is the firewall itself. They are just limiting a requirements previous listed, because they have already have a packet filtering firewall and they must add a cheap solution that meets the objective. What kind of firewall would you recommend?

Question101: Richard has been working as a Linux system administrator at an MNC. He wants to maintain a productive and secure environment by improving the performance of the systems through Linux patch management. Richard is using Ubuntu and wants to patch the Linux systems manually. Which among the following command installs updates (new ones) for Debun based Linux OSes?

Question102: A company has the right to monitor the activities of their employees on different information systems according to the _______policy.

Question103: Which of the following Wireshark filters allows an administrator to detect SYN/FIN DDoS attempt on the network?

Question104: Which of the following is not part of the recommended first response steps for network defenders?

Question105: Which of the following statement holds true in terms of containers?

Question106: Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

Question107: Which of the following is consumed into SIEM solutions to take control of chaos, gain in-depth knowledge of threats, eliminate false positives, and implement proactive intelligence-driven defense?

Question108: You are using Wireshark to monitor your network traffic and you see a lot of packages with FIN, PUSH and URG flags activated; what can you infer about this behavior?

Question109: Which of the following interfaces uses hot plugging technique to replace computer components without the need to shut down the system?

Question110: Jeanne is working as a network administrator in an IT company. She wants to control/limit container access to CPU, memory, swap, block IO (rates), network. Which Linux kernel feature allows Jeanne to manage, restrict, and audit groups of the process?

Question111: Which biometric technique authenticates people by analyzing the layer of blood vessels at the back of their eyes?

Question112: What is Azure Key Vault?

Question113: David, a network and system admin, encrypted all the files in a Windows system that supports NTFS file system using Encrypted File Systems (EFS). He then backed up the same files into another Windows system that supports FAT file system. Later, he found that the backup files were not encrypted. What could be the reason for this?

Question114: Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an ______for legal advice to defend them against this allegation.

Question115: An administrator wants to monitor and inspect large amounts of traffic and detect unauthorized attempts from inside the organization, with the help of an IDS. They are not able to recognize the exact location to deploy the IDS sensor. Can you help him spot the location where the IDS sensor should be placed?

Question116: Frank installed Wireshark at all ingress points in the network. Looking at the logs he notices an odd packet source. The odd source has an address of 1080:0:FF:0:8:800:200C:4171 and is using port 21. What does this source address signify?

Question117: James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?

Question118: Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.

Question119: Which of the following filters can be used to detect UDP scan attempts using Wireshark?

Question120: An organization's web server was recently compromised triggering its admin team into action to defend the network. The admin team wants to place the web server in such a way that, even if it is attacked, the other network resources will be unavailable to the attacker. Moreover, the network monitoring will easily detect the future attacks. How can the admin team implement this plan?

Question121: Which among the following is used to limit the number of cmdlets or administrative privileges of administrator, user, or service accounts?

Question122: Kelly is taking backups of the organization's dat
a. Currently, he is taking backups of only those files which are created or modified after the last backup. What type of backup is Kelly using?

Question123: Which of the following NIST incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?

Question124: On which layer of the OSI model does the packet filtering firewalls work?

Question125: Which of the following data security technology can ensure information protection by obscuring specific areas of information?

Question126: Which of the following is a best practice for wireless network security?

Question127: In _______ mechanism, the system or application sends log records either on the local disk or over the network.

Question128: Management decides to implement a risk management system to reduce and maintain the organization's risk at an acceptable level. Which of the following is the correct order in the risk management phase?

Question129: Which of the following Wireshark filters can a network administrator use to view the packets without any flags set in order to detect TCP Null Scan attempts?

Question130: Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden's organization.

Question131: Which of the following security models enable strict identity verification for every user or device attempting to access the network resources?
1. Zero-trust network model
2. Castle-and-Moat model

Question132: John is a senior network security administrator working at a multinational company. He wants to block specific syscalls from being used by container binaries. Which Linux kernel feature restricts actions within the container?

Question133: Martin is a professional hacker. He is performing reconnaissance on an organization to hack a few target systems. As a part of this method, he needs to determine what hosts are available on the network, what services those hosts are offering, what operating systems they are running, what type of packet filters/firewalls, etc. To obtain such information, Martin decided to use automated tools.
Which of the following tool must be employed by Martin?

Question134: Identify the firewall technology that monitors the TCP handshake between the packets to determine whether a requested session is legitimate.

Question135: As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2's _________integrity check mechanism provides security against a replay attack

Question136: Which scan attempt can penetrate through a router and a firewall that filter incoming packets with particular flags set and is not supported by Windows?

Question137: John wants to implement a packet filtering firewall in his organization's network. What TCP/IP layer does a packet filtering firewall work on?

Question138: Which firewall can a network administrator use for better bandwidth management, deep packet inspection, and Hateful inspection?

Question139: You want to increase your network security implementing a technology that only allows certain MAC addresses in specific ports in the switches; which one of the above is the best choice?

Question140: You are responsible for network functions and logical security throughout the corporation. Your company has over 250 servers running Windows Server 2012, 5000 workstations running Windows 10, and 200 mobile users working from laptops on Windows 8. Last week 10 of your company's laptops were stolen from a salesman, while at a conference in Barcelon a. These laptops contained proprietary company information. While doing a damage assessment, a news story leaks about a blog post containing information about the stolen laptops and the sensitive information. What built-in Windows feature could you have implemented to protect the sensitive information on these laptops?

Question141: Identify the network topology in which the network devices are connected such that every device has a point-to-point link to all the other devices.

Question142: What defines the maximum time period an organization is willing to lose data during a major IT outage event?

Question143: Jason has set a firewall policy that allows only a specific list of network services and denies everything else. This strategy is known as a ____________.

Question144: Which of the following is NOT an AWS Shared Responsibility Model devised by AWS?

Question145: A network administrator is monitoring the network traffic with Wireshark. Which of the following filters will she use to view the packets moving without setting a flag to detect TCP Null Scan attempts?

Question146: Identify the type of event that is recorded when an application driver loads successfully in Windows.

Question147: Which RAID level does not provide data redundancy?

Question148: Jason works as a System Administrator for www.company.com Inc. The company has a Windows based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly. To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the following utilities can Jason use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

Question149: Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?

Question150: You are tasked to perform black hat vulnerability assessment for a client. You received official written permission to work with: company site, forum, Linux server with LAMP, where this site is hosted.
Which vulnerability assessment tool should you consider using?

Question151: Consider a scenario consisting of a tree network. The root Node N is connected to two man nodes N1 and N2. N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main nodes fail?

Question152: James is working as a Network Administrator in a reputed company situated in Californi a. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?

Question153: Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?

Question154: An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?

Question155: Which of following are benefits of using loT devices in loT-enabled environments? I. loT device car be connected anytime M. loT device can be connected at any place ill. loT devices connected to anything

Question156: During the recovery process, RTO and RPO should be the main parameters of your disaster recovery plan. What does RPO refer to?

Question157: John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of implementing?

Question158: An IDS or IDPS can be deployed in two modes. Which deployment mode allows the IDS to both detect and stop malicious traffic?

Question159: What is composite signature-based analysis?

Question160: Which of the following type of UPS is used to supply power above 10kVA and provides an ideal electric output presentation, and its constant wear on the power components reduces the dependability?

Question161: Identify the correct statements regarding a DMZ zone:

Question162: To provide optimum security while enabling safe/necessary services, blocking known dangerous services, and making employees accountable for their online activity, what Internet Access policy would Brian, the network administrator, have to choose?

Question163: In MacOS, how can the user implement disk encryption?

Question164: How is the chip-level security of an loT device achieved?

Question165: An US-based organization decided to implement a RAID storage technology for their data backup plan. John wants to setup a RAID level that require a minimum of six drives but will meet high fault tolerance and with a high speed for the data read and write operations. What RAID level is John considering to meet this requirement?

Question166: Which type of attack is used to hack an IoT device and direct large amounts of network traffic toward a web server, resulting in overloading the server with connections and preventing any new connections?

Question167: Identify the minimum number of drives required to setup RAID level 5.

Question168: Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which of the following script execution policy setting this?

Question169: Which type of firewall consists of three interfaces and allows further subdivision of the systems based on specific security objectives of the organization?

Question170: Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.