Which two compliance frameworks require that data be encrypted when it is transmitted over a public network? (Choose two.)
A.
PCI
B.
GLBA
C.
HIPAA
D.
SOX
E.
COBIT
PCI
HIPAA
What is the function of a command and control server?
A.
It enumerates open ports on a network device
B.
It drops secondary payload into malware
C.
It is used to regain control of the network after a compromise
D.
It sends instruction to a compromised system
It sends instruction to a compromised system
What is the practice of giving an employee access to only the resources needed to accomplish their job?
A.
principle of least privilege
B.
organizational separation
C.
separation of duties
D.
need to know principle
principle of least privilege
An analyst received an alert on their desktop computer showing that an attack was successful on the host.
After investigating, the analyst discovered that no mitigation action occurred during the attack. What is the
reason for this discrepancy?
A.
The computer has a HIPS installed on it.
B.
The computer has a NIPS installed on it.
C.
The computer has a HIDS installed on it.
D.
The computer has a NIDS installed on it.
The computer has a HIDS installed on it.
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
A.
integrity
B.
confidentiality
C.
availability
D.
scope
integrity
How is attacking a vulnerability categorized?
A.
action on objectives
B.
delivery
C.
exploitation
D.
insta
exploitation
A security specialist notices 100 HTTP GET and POST requests for multiple pages on the web servers. The agent in the requests contains PHP code that, if executed, creates and
writes to a new PHP file on the webserver. Which event category is described?
A.
reconnaissance
B.
action on objectives
C.
installation
D.
exploitation
installation
Which type of attack occurs when an attacker is successful in eavesdropping on a
conversation between two
IP phones?
A.
known-plaintext
B.
replay
C.
dictionary
D.
man-in-the-middle
man-in-the-middle
What does cyber attribution identity in an investigation?
A.
cause of an attack
B.
exploit of an attack
C.
vulnerabilities exploited
D.
threat actors of an attack
threat actors of an attack
What is the difference between the ACK flag and the RST flag in the NetFlow log session?
A.
The RST flag confirms the beginning of the TCP connection, and the ACK flag responds
when the data for the payload is complete
B.
BT
C.
The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
D.
The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
You have identified a malicious file in a sandbox analysis tool. Which piece of file
information from the analysis
is needed to search for additional downloads of this file by other hosts?
A.
file name
B.
file hash value
C.
file type
D.
file size
file hash value
What is the practice of giving employees only those permissions necessary to perform their specific role within an organization?
A.
least privilege
B.
need to know
C.
integrity validation
D.
due diligence
least privilege
| Page 4 out of 16 Pages |
| Previous |