Question #1
A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?
A. The DNS logs
B. The web server logs
C. The SIP traffic logs
D. The SNMP logs
Correct answer: B
Question #2
An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering if the organization may need to scale down just as quickly as it scaled up. The CIO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the CIO’s concerns?
A. Disallow new hires from using mobile devices for six months
B. Select four devices for the sales department to use in a CYOD model
C. Implement BYOD for the sales department while leveraging the MDM
D. Deploy mobile devices using the COPE methodology
Correct answer: AB
Question #3
A security monitoring company offers a service that alerts its customers if their credit cards have been stolen. Which of the following is the MOST likely source of this information?
A. STIX
B. The dark web
C. TAXII
D. Social media
E. PCI
Correct answer: B
Question #4
A security administrator currently spends a large amount of time on common security tasks, such as report generation, phishing investigations, and user provisioning and deprovisioning. This prevents the administrator from spending time on other security projects. The business does not have the budget to add more staff members. Which of the following should the administrator implement?
A. DAC
B. ABAC
C. SCAP
D. SOAR
Correct answer: B
Question #5
A security analyst is reviewing a new website that will soon be made publicly available. The analyst sees the following in the URL: http://dev-site.comptia.org/home/show.php?sessionID=77276554&loc=us The analyst then sends an internal user a link to the new website for testing purposes, and when the user clicks the link, the analyst is able to browse the website with the following URL: http://dev-site.comptia.org/home/show.php?sessionID=98988475&loc=us Which of the following application attacks is being tes
A. Pass-the-hash
B. Session replay
C. Object deference
D. Cross-site request forgery
Correct answer: C
Question #6
A recent phishing campaign resulted in several compromised user accounts. The security incident response team has been tasked with reducing the manual labor of filtering through all the phishing emails as they arrive and blocking the sender's email address, along with other time-consuming mitigation actions. Which of the following can be configured to streamline those tasks?
A. SOAR playbook
B. MOM policy
C. Firewall rules
D. URL filter
E. SIEM data collection
Correct answer: C
Question #7
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
A. True positive
B. True negative
C. False positive
D. False negative
Correct answer: B
Question #8
A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?
A. The most common set of MDM configurations will become the effective set of enterprise mobile security controls
B. All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries
C. Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors
D. MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured
Correct answer: B
Question #9
A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors?
A. Semi-authorized hackers
B. State actors
C. Script kiddies
D. Advanced persistent threats
Correct answer: AE
Question #10
Which of the following typically uses a combination of human and artificial intelligence to analyze event data and take action without intervention?
A. TTP
B. OSINT
C. SOAR
D. SIEM
Correct answer: C
Question #11
A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk?
A. Upgrade the bandwidth available into the datacenter
B. Implement a hot-site failover location
C. Switch to a complete SaaS offering to customers
D. Implement a challenge response test on all end-user queries
Correct answer: C
Question #12
Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?
A. Job rotation policy
B. NDA
C. AUP
D. Separation of duties policy
Correct answer: A
Question #13
A network engineer created two subnets that will be used for production and development servers. Per security policy, production and development servers must each have a dedicated network that cannot communicate with one another directly. Which of the following should be deployed so that server administrators can access these devices?
A. VLANs
B. Internet proxy servers
C. NIDS
D. Jump servers
Correct answer: AE
Question #14
A security engineer needs to implement the following requirements: • All Layer 2 switches should leverage Active Directory for authentication. • All Layer 2 switches should use local fallback authentication if Active Directory is offline. • All Layer 2 switches are not the same and are manufactured by several vendors. Which of the following actions should the engineer take to meet these requirements? (Select TWO). Implement RADIUS.
A. Configure AAA on the switch with local login as secondary
B. Configure port security on the switch with the secondary login method
C. Implement TACACS+
D. Enable the local firewall on the Active Directory server
E. Implement a DHCP server
Correct answer: A
Question #15
An organization is planning to roll out a new mobile device policy and issue each employee a new laptop. These laptops would access the users' corporate operating system remotely and allow them to use the laptops for purposes outside of their job roles. Which of the following deployment models is being utilized?
A. MDM and application management
B. BYOD and containers
C. COPE and VDI
D. CYOD and VMs
Correct answer: C
Question #16
A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO).
A. The order of volatility
B. A CRC32 checksum
C. The provenance of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner
Correct answer: B
Question #17
A security analyst is tasked with defining the “something you are” factor of the company’s MFA settings. Which of the following is BEST to use to complete the configuration?
A. Gait analysis
B. Vein
C. Soft token
D. HMAC-based, one-time password
Correct answer: DEG
Question #18
A Chief Security Officer's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransomware attacks. Which of the following would BEST meet the CSO's objectives?
A. Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares
B. Purchase cyber insurance from a reputable provider to reduce expenses during an incident
C. Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks
D. Implement application whitelisting and centralized event-log management, and perform regular testing and validation of full backups
Correct answer: C
Question #19
Which of the following would satisfy three-factor authentication?
A. Password, retina scanner, and NFC card
B. Password, fingerprint scanner, and retina scanner
C. Password, hard token, and NFC card
D. Fingerprint scanner, hard token, and retina scanner
Correct answer: B
Question #20
A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?
A. Default system configuration
B. Unsecure protocols
C. Lack of vendor support
D. Weak encryption
Correct answer: B
Question #21
The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?
A. Install a smart meter on the staff WiFi
B. Place the environmental systems in the same DHCP scope as the staff WiFi
C. Implement Zigbee on the staff WiFi access points
D. Segment the staff WiFi network from the environmental systems network
Correct answer: D
Question #22
A penetration tester is fuzzing an application to identify where the EIP of the stack is located on memory. Which of the following attacks is the penetration tester planning to execute?
A. Race-condition
B. Pass-the-hash
C. Buffer overflow
D. XSS
Correct answer: D
Question #23
Which of the following is the BEST method for ensuring non-repudiation?
A. SSO
B. Digital certificate
C. Token
D. SSH key
Correct answer: B
Question #24
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:
A. perform attribution to specific APTs and nation-state actors
B. anonymize any PII that is observed within the IoC data
C. add metadata to track the utilization of threat intelligence reports
D. assist companies with impact assessments based on the observed data
Correct answer: D
Question #25
Which of the following documents provides guidance regarding the recommended deployment of network security systems from the manufacturer?
A. Cloud control matrix
B. Reference architecture
C. NIST RMF
D. CIS Top 20
Correct answer: C
Question #26
A security engineer is concerned that the strategy for detection on endpoints is too heavily dependent on previously defined attacks. The engineer would like a tool to monitor for changes to key files and network traffic on the device. Which of the following tools BEST addresses both detection and prevention?
A. NIDS
B. HIPS
C. AV
D. NGFW
Correct answer: B
Question #27
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)
A. Perform a site survey
B. Deploy an FTK Imager
C. Create a heat map
D. Scan for rogue access points
E. Upgrade the security protocols
Correct answer: C
Question #28
An enterprise has hired an outside security firm to conduct a penetration test on its network and applications. The enterprise provided the firm with access to a guest account. Which of the following BEST represents the type of testing that is being used?
A. Black-box
B. Red-team
C. Gray-box
D. Bug bounty
E. White-box
Correct answer: B
Question #29
Server administrators want to configure a cloud solution so that computing memory and processor usage is maximized most efficiently across a number of virtual servers. They also need to avoid potential denial-of-service situations caused by availability. Which of the following should administrators configure to maximize system availability while efficiently utilizing available computing power?
A. Dynamic resource allocation
B. High availability
C. Segmentation
D. Container security
Correct answer: A
Question #30
A research company discovered that an unauthorized piece of software has been detected on a small number of machines in its lab. The researchers collaborate with other machines using port 445 and on the Internet using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and is making outbound communications using HTTPS and SMB. The security team has been instructed to resolve the problem as quickly as possible causing minimal disruption to the researchers. Whi
A. Update the host firewalls to block outbound SMB
B. Place the machines with the unapproved software in containment
C. Place the unauthorized application in a blocklist
D. Implement a content filter to block the unauthorized software communication
Correct answer: B
Question #31
Which of the following BEST explains the difference between a data owner and a data custodian?
A. The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data
B. The data owner is responsible for determining how the data may be used, while the data custodian is responsible for implementing the protection to the data
C. The data owner is responsible for controlling the data, while the data custodian is responsible for maintaining the chain of custody when handling the data
D. The data owner grants the technical permissions for data access, while the data custodian maintains the database access controls to the data
Correct answer: C
Question #32
An attacker has determined the best way to impact operations is to infiltrate third-party software vendors. Which of the following vectors is being exploited?
A. Social media
B. Cloud
C. Supply chain
D. Social engineering
Correct answer: C
Question #33
A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring?
A. CASB
B. SWG
C. Containerization
D. Automated failover
Correct answer: C
