- All Exams Instant Download
Which of the following solutions would BEST meet these requirements?
A company that has been breached multiple times is looking to protect cardholder data. The previous undetected attacks all mimicked normal administrative-type behavior. The company must deploy a host solution to meet the following requirements: ✑ Detect administrative actions ✑ Block unwanted MD5 hashes ✑ Provide alerts ✑ Stop exfiltration...
Which of the following tools should the engineer load onto the device being designed?
A security engineer has been hired to design a device that will enable the exfiltration of data from within a well-defended network perimeter during an authorized test. The device must bypass all firewalls and NIDS in place, as well as allow for the upload of commands from a centralized command...
Which of the following tools might the security administrator use to perform further security assessment of this issue?
A developer emails the following output to a security administrator for review: Which of the following tools might the security administrator use to perform further security assessment of this issue?A . Port scannerB . Vulnerability scannerC . FuzzerD . HTTP interceptorView AnswerAnswer: D
Which of the following should be included in the auditor’s report based on the above findings?
A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when...
Which of the following tools would allow the analyst to confirm if data exfiltration is occuring?
A security analyst who is concerned about sensitive data exfiltration reviews the following: Which of the following tools would allow the analyst to confirm if data exfiltration is occuring?A . Port scannerB . SCAP toolC . File integrity monitorD . Protocol analyzerView AnswerAnswer: D
Using the table above, which of the following would be the BEST business-driven choice among five possible solutions?
After investigating virus outbreaks that have cost the company $1000 per incident, the company’s Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet...
GET / script/login.php?
A consulting firm was hired to conduct assessment for a company. During the first stage, a penetration tester used a tool that provided the following output: TCP 80 open TCP 443 open TCP 1434 filtered The penetration tester then used a different tool to make the following requests: GET /...
Of which of the following is this snippet an example?
Given the following code snippet: Of which of the following is this snippet an example?A . Data execution preventionB . Buffer overflowC . Failure to use standard librariesD . Improper filed usageE . Input validationView AnswerAnswer: D
Which of the following practices should the prosecutor’s forensics team have used to ensure the suspect’s data would be admissible as evidence?
During a criminal investigation, the prosecutor submitted the original hard drive from the suspect’s computer as evidence. The defense objected during the trial proceedings, and the evidence was rejected . Which of the following practices should the prosecutor’s forensics team have used to ensure the suspect’s data would be admissible...
Which of the following MOST likely caused the data leak?
An agency has implemented a data retention policy that requires tagging data according to type before storing it in the data repository. The policy requires all business emails be automatically deleted after two years. During an open records investigation, information was found on an employee’s work computer concerning a conversation...
