- All Exams Instant Download
Which of the following may be occurring?
File integrity monitoring states the following files have been changed without a written request or approved change. The following change has been made: chmod 777 CRv /usr Which of the following may be occurring?A . The ownership pf /usr has been changed to the current user.B . Administrative functions have...
Which of the following documents should include these details?
A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities . Which of the following documents should include these details?A . Acceptable use policyB . Service level agreementC . Rules of engagementD . Memorandum of understandingE . Master service agreementView AnswerAnswer:...
Which of the following items should be in the report?
A cybersecurity analyst is completing an organization’s vulnerability report and wants it to reflect assets accurately . Which of the following items should be in the report?A . Processor utilizationB . Virtual hostsC . Organizational governanceD . Log dispositionE . Asset isolationView AnswerAnswer: B
Which of the following software development best practices would have helped prevent this issue?
External users are reporting that a web application is slow and frequently times out when attempting to submit information . Which of the following software development best practices would have helped prevent this issue?A . Stress testingB . Regression testingC . Input validationD . FuzzingView AnswerAnswer: A
Which of the following represent the reasoning behind careful selection of the timelines and time-of-day boundaries for an authorized penetration test? (Select TWO).
Which of the following represent the reasoning behind careful selection of the timelines and time-of-day boundaries for an authorized penetration test? (Select TWO).A . To schedule personnel resources required for test activitiesB . To determine frequency of team communication and reportingC . To mitigate unintended impacts to operationsD . To...
Which of the following would be the BEST action for the cybersecurity analyst to perform?
A cybersecurity analyst has received a report that multiple systems are experiencing slowness as a result of a DDoS attack . Which of the following would be the BEST action for the cybersecurity analyst to perform?A . Continue monitoring critical systems.B . Shut down all server interfaces.C . Inform management...
Which of the following describes the meaning of these results?
A vulnerability scan has returned the following information: Which of the following describes the meaning of these results?A . There is an unknown bug in a Lotus server with no Bugtraq IC . Connecting to the host using a null session allows enumeration of share names.D . Trend Micro has...
Which of the following protocols needs to be denied?
A network technician is concerned that an attacker is attempting to penetrate the network, and wants to set a rule on the firewall to prevent the attacker from learning which IP addresses are valid on the network . Which of the following protocols needs to be denied?A . TCPB ....
Which of the following is the BEST response?
A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible . Which of the following is the BEST response?A . Correct the...
Which of the following principles describes how a security analyst should communicate during an incident?
Which of the following principles describes how a security analyst should communicate during an incident?A . The communication should be limited to trusted parties only.B . The communication should be limited to security staff only.C . The communication should come from law enforcement.D . The communication should be limited to...
