Question #1
Which metric is used to capture the level of access needed to launch a successful attack?
A. privileges required
B. user interaction
C. attack complexity
D. attack vector
Correct answer: B
Question #2
What is a benefit of agent-based protection when compared to agentless protection?
A. It lowers maintenance costs
B. It provides a centralized platform
C. It collects and detects all traffic locally
D. It manages numerous devices simultaneously
Correct answer: B
Question #3
Which type of data consists of connection level, application-specific records generated from network traffic?
A. transaction data
B. location data
C. statistical data
D. alert data
Correct answer: C
Question #4
What are two differences in how tampered and untampered disk images affect a security incident? (Choose two.)
A. Untampered images are used in the security investigation process
B. Tampered images are used in the security investigation process
C. The image is tampered if the stored hash and the computed hash match
D. Tampered images are used in the incident recovery process
E. The image is untampered if the stored hash and the computed hash match
Correct answer: C
Question #5
You have identified a malicious file in a sandbox analysis tool. Which piece of file information from the analysis is needed to search for additional downloads of this file by other hosts?
A. file name
B. file hash value
C. file type
D. file size
Correct answer: B
Question #6
Drag and drop the access control models from the left onto the correct descriptions on the right.
A. Mastered
B. Not Mastered
Correct answer: D
Question #7
What is the difference between the ACK flag and the RST flag in the NetFlow log session?
A. The RST flag confirms the beginning of the TCP connection, and the ACK flag responds when the data for the payload is complete
B. The ACK flag confirms the beginning of the TCP connection, and the RST flag responds when the data for the payload is complete
C. The RST flag confirms the receipt of the prior segment, and the ACK flag allows for the spontaneous termination of a connection
D. The ACK flag confirms the receipt of the prior segment, and the RST flag allows for the spontaneous termination of a connection
Correct answer: D
Question #8
Which type of log is displayed?
A. proxy
B. NetFlow
C. IDS
D. sys
Correct answer: C
Question #9
What is a difference between inline traffic interrogation and traffic mirroring?
A. Inline inspection acts on the original traffic data flow
B. Traffic mirroring passes live traffic to a tool for blocking
C. Traffic mirroring inspects live traffic for analysis and mitigation
D. Inline traffic copies packets for analysis and security
Correct answer: B
Question #10
Drag and drop the security concept on the left onto the example of that concept on the right.
A. Mastered
B. Not Mastered
Correct answer: D
Question #11
In which Linux log file is this output found?
A. /var/log/authorization
B. /var/log/dmesg
C. var/log/var
D. /var/log/auth
Correct answer: AB
Question #12
Which incident response step includes identifying all hosts affected by an attack?
A. post-incident activity
B. detection and analysis
C. containment, eradication, and recovery
D. preparation
Correct answer: A
Question #13
An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection. Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)
A. signatures
B. host IP addresses
C. file size
D. dropped files
E. domain names
Correct answer: BE
Question #14
Which event artifact is used to identify HTTP GET requests for a specific file?
A. destination IP address
B. URI
C. HTTP status code
D. TCP ACK
Correct answer: C
Question #15
A security expert is working on a copy of the evidence, an ISO file that is saved in CDFS format. Which type of evidence is this file?
A. CD data copy prepared in Windows
B. CD data copy prepared in Mac-based system
C. CD data copy prepared in Linux system
D. CD data copy prepared in Android-based system
Correct answer: D
