When trying to log onto a company’s new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recently installed on a small VM with only the recommended hardware specifications. Which of the following is the MOST likely cause for this error message?

When trying to log onto a company’s new ticketing system, some employees receive the following message: Access denied: too many concurrent sessions. The ticketing system was recently installed on a small VM with only the recommended hardware specifications. Which of the following is the MOST likely cause for this error...

March 19, 2019 No Comments READ MORE +

Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select two.)

Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select two.)A . Rainbow table attacks greatly reduce compute cycles at attack time.B . Rainbow tables must include precomputed hashes.C . Rainbow table attacks do not require access to hashed passwords.D . Rainbow table attacks...

March 16, 2019 No Comments READ MORE +

Next, the teams want to re-enable the network shares. Which of the following BEST describes this phase of the incident response process?

Multiple employees receive an email with a malicious attachment that begins to encrypt their hard drives and mapped shares on their devices when it is opened. The network and security teams perform the following actions: Next, the teams want to re-enable the network shares. Which of the following BEST describes...

March 8, 2019 No Comments READ MORE +

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?

A penetration tester is crawling a target website that is available to the public. Which of the following represents the actions the penetration tester is performing?A . URL hijackingB . ReconnaissanceC . White box testingD . Escalation of privilegeView AnswerAnswer: A

February 27, 2019 No Comments READ MORE +

Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?

A systems administrator is reviewing the following information from a compromised server: Given the above information, which of the following processes was MOST likely exploited via a remote buffer overflow attack?A . ApacheB . LSASSC . MySQLD . TFTPView AnswerAnswer: A

February 26, 2019 No Comments READ MORE +

Which of the following implements two-factor authentication?

Which of the following implements two-factor authentication?A . A phone system requiring a PIN to make a callB . At ATM requiring a credit card and PINC . A computer requiring username and passwordD . A datacenter mantrap requiring fingerprint and iris scanView AnswerAnswer: B

February 26, 2019 No Comments READ MORE +

A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients. Which of the following should the analyst implement to meet these requirements? (Select two.)

A security analyst is hardening a server with the directory services role installed. The analyst must ensure LDAP traffic cannot be monitored or sniffed and maintains compatibility with LDAP clients. Which of the following should the analyst implement to meet these requirements? (Select two.) A. Generate an X.509-compliant certificate that...

February 20, 2019 No Comments READ MORE +

Which of the following threat actors is MOST likely to steal a company’s proprietary information to gain a market edge and reduce time to market?

Which of the following threat actors is MOST likely to steal a company’s proprietary information to gain a market edge and reduce time to market?A . CompetitorB . HacktivistC . InsiderD . Organized crime.View AnswerAnswer: A

February 13, 2019 No Comments READ MORE +

Given this output, which of the following can be concluded?

A security analyst is reviewing the following output from an IPS: Given this output, which of the following can be concluded? (Select two.)A . The source IP of the attack is coming from 250.19.18.22.B . The source IP of the attack is coming from 250.19.18.71.C . The attacker sent a...

February 9, 2019 No Comments READ MORE +

An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?

An organization is using a tool to perform a source code review. Which of the following describes the case in which the tool incorrectly identifies the vulnerability?A . False negativeB . True negativeC . False positiveD . True positiveView AnswerAnswer: C

February 9, 2019 No Comments READ MORE +