- All Exams Instant Download
Which of the following BEST indicates that valid credentials were used?
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?A . The scan results show open ports, protocols, and services exposed on the target hostB . The scan enumerated software versions of installed programsC ....
Which of the following should the CISO read and understand before writing the policies?
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?A . PCI DSSB . GDPRC . NISTD . ISO 31000View AnswerAnswer: B Explanation: GDPR is...
Which of the following BEST describes the type of attack the analyst is experience?
During an incident response, a security analyst observes the following log entry on the web server. Which of the following BEST describes the type of attack the analyst is experience?A . SQL injectionB . Cross-site scriptingC . Pass-the-hashD . Directory traversalView AnswerAnswer: D
Which of the following would MOST likely show where the malware originated?
A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?A . The DNS logsB . The...
Which of the following BEST describes the attack that was attempted against the forum readers?
An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following: Which of the following BEST describes the attack that was attempted against the forum readers?A . SOU attackB . DLL...
Which of the following attack vectors was MOST likely used in this scenario?
A user contacts the help desk to report the following: ✑ Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested. ✑ The user was...
Which of the following should administrator implement to protect the environment from this malware?
Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection. Which of the...
Which of the following would be the MOST acceptable?
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?A . SEDB . HSMC . DLPD . TPMView AnswerAnswer: A
Which of the following BEST describe this type of attack?
A university with remote campuses, which all use different service providers, loses Internet connectivity across all locations. After a few minutes, Internet and VoIP services are restored, only to go offline again at random intervals, typically within four minutes of services being restored. Outages continue throughout the day, impacting all...
Which of the following describes the ability of code to target a hypervisor from inside
Which of the following describes the ability of code to target a hypervisor from insideA . Fog computingB . VM escapeC . Software-defined networkingD . Image forgeryE . Container breakoutView AnswerAnswer: B Explanation: Virtual machine escape is an exploit in which the attacker runs code on a VM that allows...
