- All Exams Instant Download
Which of the following can block an attack at Layer 7?
A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).A . HIDS B. NIPS C. HSM D. WAF E. NAC F. NIDS G. Stateless firewallView AnswerAnswer: D,F Explanation: A...
Which of the following would be the BEST control for the company to require from prospective vendors?
A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the following would be the BEST control for the company to require from prospective vendors?A ....
Which of the following is the security analyst MOST likely observing?
While reviewing pcap data, a network security analyst is able to locate plaintext usernames and passwords being sent from workstations to network witches. Which of the following is the security analyst MOST likely observing?A . SNMP traps B. A Telnet session C. An SSH connection D. SFTP trafficView AnswerAnswer: B...
Which of the following is the researcher MOST likely using?
A security researcher is using an adversary's infrastructure and TTPs and creating a named group to track those targeted. Which of the following is the researcher MOST likely using? A. The Cyber Kill Chain B. The incident response process C. The Diamond Model of Intrusion Analysis D. MITRE ATT&CKView AnswerAnswer:...
Which of the following solutions should the engineer implement FIRST?
A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Select TWO)A . Auto-update B. HTTP headers C. Secure cookies D. Third-party updates E. Full disk encryption F. Sandboxing G. Hardware encryptionView AnswerAnswer: A,F Explanation: Auto-update can help keep...
Which of the following BEST explains this type of attack?
A security analyst was deploying a new website and found a connection attempting to authenticate on the site's portal. While Investigating. The incident, the analyst identified the following Input in the username field: Which of the following BEST explains this type of attack?A . DLL injection to hijack administrator services...
Which of the following BEST describes the purpose of this device?
After a WiFi scan of a local office was conducted, an unknown wireless signal was identified Upon investigation, an unknown Raspberry Pi device was found connected to an Ethernet port using a single connection. Which of the following BEST describes the purpose of this device?A . loT sensor B. Evil...
Which of the following cryptographic techniques would BEST meet the requirement?
A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned...
Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers?
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned tf servers in the company's DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the...
Which of the following should the organization implement?
An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. Which of the following should the organization implement?A . SIEM B. SOAR C. EDR D. CASBView AnswerAnswer: B Explanation: Security Orchestration, Automation, and Response (SOAR) should be implemented...
