- All Exams Instant Download
Who is ultimately responsible for approving methods and controls that will reduce any potential risk to an organization?
Who is ultimately responsible for approving methods and controls that will reduce any potential risk to an organization?A . Senior ManagementB . Data OwnerC . Data CustodianD . Security AuditorView AnswerAnswer: D
Network administrators are often hesitant to patch the operating systems on CISCO router and switch operating systems, due to the possibility of causing network instability, mainly because of which of the following?
Network administrators are often hesitant to patch the operating systems on CISCO router and switch operating systems, due to the possibility of causing network instability, mainly because of which of the following?A . Having to rebuild all ACLsB . Having to replace the kernelC . Having to re-IP the deviceD...
Why would the pass action be used in a Snort configuration file?
Why would the pass action be used in a Snort configuration file?A . The pass action simplifies some filtering by specifying what to ignore.B . The pass action passes the packet onto further rules for immediate analysis.C . The pass action serves as a placeholder in the snort configuration file...
When an IDS system looks for a pattern indicating a known worm, what type of detection method is it using?
When an IDS system looks for a pattern indicating a known worm, what type of detection method is it using?A . Signature-basedB . Anomaly-basedC . StatisticalD . MonitoredView AnswerAnswer: A
If a Cisco router is configured with the “service config” configuration statement, which of the following tools could be used by an attacker to apply a new router configuration?
If a Cisco router is configured with the “service config” configuration statement, which of the following tools could be used by an attacker to apply a new router configuration?A . TFTPDB . HydraC . EttercapD . YersiniaView AnswerAnswer: A
Which type of media should the IR team be handling as they seek to understand the root cause of an incident?
Which type of media should the IR team be handling as they seek to understand the root cause of an incident?A . Restored media from full backup of the infected hostB . Media from the infected host, copied to the dedicated IR hostC . Original media from the infected hostD...
Which technique is Michael most likely to engage to implement the malicious code?
Michael, a software engineer, added a module to a banking customer’s code. The new module deposits small amounts of money into his personal bank account. Michael has access to edit the code, but only code reviewers have the ability to commit modules to production. The code reviewers have a backlog...
When identifying malware, what is a key difference between a Worm and a Bot?
When identifying malware, what is a key difference between a Worm and a Bot?A . A Worm gets instructions from an external control channel like an IRC server.B . A Worm, unlike a Bot, is installed silently as an add-on to a legitimate program.C . A Bot, unlike a Worm,...
Which command tool can be used to change the read-only or hidden setting of the file in the screenshot?
Which command tool can be used to change the read-only or hidden setting of the file in the screenshot? A . attribB . typeC . tasklistD . dirView AnswerAnswer: A Explanation: attrib Cr or +r will remove or add the read only attribute from a file.
A company estimates a loss of $2,374 per hour in sales if their website goes down. Their webserver hosting site’s documented downtime was 7 hours each quarter over the last two years. Using the information, what can the analyst determine?
A company estimates a loss of $2,374 per hour in sales if their website goes down. Their webserver hosting site’s documented downtime was 7 hours each quarter over the last two years. Using the information, what can the analyst determine?A . Annualized loss expectancyB . CVSS risk scoreC . Total...
