- All Exams Instant Download
Which of the following tactics would an attacker MOST likely use in this scenario?
Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?A . Watering-hole attackB . Credential harvestingC . Hybrid warfareD . PharmingView AnswerAnswer: A
Which of the following mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?
A large industrial system's smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company's security manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following mitigations would be...
Which of the following access control schemes would be BEST for the company to implement?
A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels. Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D
Which of the following ISO standards is certified for privacy?
Which of the following ISO standards is certified for privacy?A . ISO 9001B . ISO 27002C . ISO 27701D . ISO 31000View AnswerAnswer: C Explanation: ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data...
Which of the following is the router experiencing?
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output: Which of the following is the router experiencing?A . DDoS attackB...
Which of the following security practices would have addressed the issue?
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?A . A non-disclosure agreementB . Least privilegeC...
In which of the following incident response phases is the security engineer currently operating?
In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?A . IdentificationB . PreparationC . EradictionD . RecoveryE . ContainmentView AnswerAnswer: E
Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop?
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)A . Trusted Platform ModuleB . A host-based firewallC...
Which of the following would be MOST suitable for training the developers'?
A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers'?A . A capture-the-flag competitionB . A phishing simulationC . Physical...
Which of the following would work BEST to help identify potential vulnerabilities?
An organization is concerned that is hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?A . Hping3 Cs comptia, org Cp 80B . Nc -1 Cv comptia, org Cp 80C . nmp comptia, org...
