Which of the following commands could the investigator use to display executing processes in real time?

A security administrator is investigating a compromised host. Which of the following commands could the investigator use to display executing processes in real time?
A. ps
B. top
C. nice
D. pstree
Answer: B
Explanation: Reference: https://www.cyberciti.biz/faq/show-all-running-processes-in-linux/

June 14, 2020

During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal. The malware author used which type of command and control?

During a malware-driven distributed denial of service attack, a security researcher found excessive requests to a name server referring to the same domain name and host name encoded in hexadecimal. The malware author used which type of command and control?
A. Internet Relay Chat (IRC)
B. Dnscat2
C. Custom channel
D...

June 13, 2020

Which of the following tools could the analyst use?

A security analyst is required to collect detailed network traffic on a virtual machine. Which of the following tools could the analyst use?
A. nbtstat
B. WinDump
C. fport
D. netstat
Answer: D

June 13, 2020

Which of the following BEST describes this scenario?

A suspicious script was found on a sensitive research system. Subsequent analysis determined that proprietary data would have been deleted from both the local server and backup media immediately following a specific administrator’s removal from an employee list that is refreshed each evening. Which of the following BEST describes this...

June 13, 2020

Which of the following commands would stop this attack?

A network security analyst has noticed a flood of Simple Mail Transfer Protocol (SMTP) traffic to internal clients. SMTP traffic should only be allowed to email servers. Which of the following commands would stop this attack? (Choose two.)
A. iptables -A INPUT -p tcp --dport 25 -d x.x.x.x -j ACCEPT
B...

June 12, 2020

Malicious code designed to execute in concurrence with a particular event is BEST defined as which of the following?

Malicious code designed to execute in concurrence with a particular event is BEST defined as which of the following?
A. Logic bomb
B. Rootkit
C. Trojan
D. Backdoor
Answer: A
Explanation: Reference: https://searchsecurity.techtarget.com/definition/Malware-Glossary

June 12, 2020

Which of the following could be included in an endpoint security solution?

A cybersecurity expert assigned to be the IT manager of a middle-sized company discovers that there is little endpoint security implementation on the company’s systems. Which of the following could be included in an endpoint security solution? (Choose two.)
A. Web proxy
B. Network monitoring system
C. Data loss prevention...

June 12, 2020

Which of the following tools would help mitigate this risk from recurring?

An organization recently suffered a breach due to a human resources administrator emailing employee names and Social Security numbers to a distribution list. Which of the following tools would help mitigate this risk from recurring?
A. Data loss prevention (DLP)
B. Firewall
C. Web proxy
D. File integrity monitoring
Answer:...

June 11, 2020

Which of the following steps in the attack process does this activity indicate?

While performing routine maintenance on a Windows Server, a technician notices several unapproved Windows Updates and that remote access software has been installed. The technician suspects that a malicious actor has gained access to the system. Which of the following steps in the attack process does this activity indicate?
A....

June 10, 2020

Which of the following actions should the administrator take next?

An administrator believes that a system on VLAN 12 is Address Resolution Protocol (ARP) poisoning clients on the network. The administrator attaches a system to VLAN 12 and uses Wireshark to capture traffic. After reviewing the capture file, the administrator finds no evidence of ARP poisoning. Which of the following...

June 9, 2020