- All Exams Instant Download
Which of the following describes the ability of code to target a hypervisor from inside
Which of the following describes the ability of code to target a hypervisor from insideA . Fog computingB . VM escapeC . Software-defined networkingD . Image forgeryE . Container breakoutView AnswerAnswer: B Explanation: Virtual machine escape is an exploit in which the attacker runs code on a VM that allows...
Which of the following would be MOST suitable for training the developers'?
A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers'?A . A capture-the-flag competitionB . A phishing simulationC . Physical...
Which of the following would BEST help the team ensure the application is ready to be released to production?
The IT department’s on-site developer has been with the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?A . Limit the...
Which of the following security practices would have addressed the issue?
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?A . A non-disclosure agreementB . Least privilegeC...
Which of the following is MOST likely occurring?
While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on...
Which of the following is the purpose of a risk register?
Which of the following is the purpose of a risk register?A . To define the level or risk using probability and likelihoodB . To register the risk with the required regulatory agenciesC . To identify the risk, the risk owner, and the risk measuresD . To formally log the type...
Which of the following should the IT administrator do FIRST after recovery?
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do...
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?A . DLPB . HIDSC . EDRD . NIPSView AnswerAnswer: C
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?A . The document is a honeyfile and is meant to attract the attention of a cyberintruder.B . The document is a backup...
Which of the following would MOST likely allow the company to find the cause?
A company recently moved sensitive videos between on-premises. Company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?A . ChecksumsB . WatermarksC . Oder of volatilityD . A log analysisE...
