Which of the following social-engineering techniques is the attacker using?
The Chief Financial Officer (CFO) of an insurance company received an email from Ann, the company’s Chief Executive Officer (CEO), requesting a transfer of $10,000 to an account. The email states Ann is on vacation and has lost her purse, containing cash and credit cards . Which of the following...
Which of the following is MOST likely occurring?
While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on...
Which of the following technologies should the IT manager use when implementing MFA?
A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly . Which of the following technologies should the IT manager use when implementing MFA?A . One-time passwordsB . Email tokensC . Push notificationsD . Hardware authenticationView AnswerAnswer:...
Which of the following would be MOST suitable for training the developers'?
A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers . Which of the following would be MOST suitable for training the developers'?A . A capture-the-flag competitionB . A phishing simulationC ....
Which of the following would BEST protect the company from data exfiltration via removable media?
A company has drafted an insider-threat policy that prohibits the use of external storage devices . Which of the following would BEST protect the company from data exfiltration via removable media?A . Monitoring large data transfer transactions in the firewall logsB . Developing mandatory training to educate employees about the...
Which of the following would be BEST to solve this issue?
A network engineer notices the VPN concentrator overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users’ traffic . Which of the following would...
Which of the following social-engineering techniques was used in this case?
A user recent an SMS on a mobile phone that asked for bank delays . Which of the following social-engineering techniques was used in this case?A . SPIMB . VishingC . Spear phishingD . SmishingView AnswerAnswer: D
Which of the following BEST describes the type of attack the analyst is experience?
During an incident response, a security analyst observes the following log entry on the web server. Which of the following BEST describes the type of attack the analyst is experience?A . SQL injectionB . Cross-site scriptingC . Pass-the-hashD . Directory traversalView AnswerAnswer: D
Which of the following RAID configurations should the administration use?
A security administrator needs to create a RAID configuration that is focused on high read speeds and fault tolerance. It is unlikely that multiple drivers will fail simultaneously . Which of the following RAID configurations should the administration use?A . RA1D 0B . RAID1C . RAID 5D . RAID 10View...
Which of the following solutions would meet the requirements?
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: ✑ Check-in/checkout of credentials ✑ The ability to use but not know the password ✑ Automated password changes ✑ Logging of access to credentials Which of the following solutions would meet...