Question #1
A company's application development has been outsourced to a third-party development team. Based on the SLA, the development team must follow industry best practices for secure coding. Which of the following is the BEST way to verify this agreement?
A. Input validation
B. Security regression testing
C. Application fuzzing
D. User acceptance testing
E. Stress testing
Correct answer: C
Question #2
Which of the following session management techniques will help to prevent a session identifier from being stolen via an XSS attack?
A. Ensuring the session identifier length is sufficient
B. Creating proper session identifier entropy
C. Applying a secure attribute on session cookies
D. Utilizing transport layer encryption on all requests
E. Implementing session cookies with the HttpOnly flag
Correct answer: C
Question #3
An analyst wants to identify hosts that are connecting to the external FTP servers and what, if any, passwords are being used. Which of the following commands should the analyst use?
A. tcpdump -X dst port 21
B. ftp ftp
C. nmap -o ftp
D. telnet ftp
Correct answer: CE
Question #4
A company wants to reduce the cost of deploying servers to support increased network growth. The company is currently unable to keep up with the demand, so it wants to outsource the infrastructure to a cloud-based solution. Which of the following is the GREATEST threat for the company to consider when outsourcing its infrastructure?
A. The cloud service provider is unable to provide sufficient logging and monitoring
B. The cloud service provider is unable to issue sufficient documentation for configurations
C. The cloud service provider conducts a system backup each weekend and once a week during peak business times
D. The cloud service provider has an SLA for system uptime that is lower than 99.9%
Correct answer: D
Question #5
A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses of action is appropriate?
A. Limit all access to the sensitive data based on geographic access requirements with strict role-based access controls
B. Enable data masking and reencrypt the data sets using AES-256
C. Ensure the data is correctly classified and labeled, and that DLP rules are appropriate to prevent disclosure
D. Use data tokenization on sensitive fields, reencrypt the data sets using AES-256, and then create an MD5 hash
Correct answer: C
Question #6
A security administrator needs to provide access from partners to an isolated laboratory network inside an organization that meets the following requirements:
- The partners' PCs must not connect directly to the laboratory network.
- The tools the partners need to access while on the laboratory network must be available to all partners.
- The partners must be able to run analyses on the laboratory network, which may take hours to complete.
Which of the following capabilities will MOST likely meet the security
A. Deployment of a jump box to allow access to the laboratory network and use of VDI in persistent mode to provide the necessary tools for analysis
B. Deployment of a firewall to allow access to the laboratory network and use of VDI in non-persistent mode to provide the necessary tools for analysis
C. Deployment of a firewall to allow access to the laboratory network and use of VDI in persistent mode to provide the necessary tools for analysis
D. Deployment of a jump box to allow access to the laboratory network and use of VDI in non-persistent mode to provide the necessary tools for analysis
Correct answer: B
Question #7
A security analyst needs to identify possible threats to a complex system a client is developing. Which of the following methodologies would BEST address this task?
A. Open Source Security Information Management (OSSIM)
B. Software Assurance Maturity Model (SAMM)
C. Open Web Application Security Project (OWASP)
D. Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privileges (STRIDE)
Correct answer: A
Question #8
Which of the following technologies can be used to store digital certificates and is typically used in high-security implementations where integrity is paramount?
A. HSM
B. eFuse
C. UEFI
D. Self-encrypting drive
Correct answer: D
Question #9
A security analyst recently used Arachni to perform a vulnerability assessment of a newly developed web application. The analyst is concerned about the following output: Which of the following is the MOST likely reason for this vulnerability?
A. The developer set input validation protection on the specific field of search
B. The developer did not set proper cross-site scripting protections in the header
C. The developer did not implement default protections in the web application build
D. The developer did not set proper cross-site request forgery protections
Correct answer: D
Question #10
A security analyst is deploying a new application in the environment. The application needs to be integrated with several existing applications that contain SPI. Prior to the deployment, the analyst should conduct:
A. a tabletop exercise
B. a business impact analysis
C. a PCI assessment
D. an application stress test
Correct answer: A
Question #11
A security analyst is handling an incident in which ransomware has encrypted the disks of several company workstations. Which of the following would work BEST to prevent this type of incident in the future?
A. Implement a UTM instead of a stateful firewall and enable gateway antivirus
B. Back up the workstations to facilitate recovery and create a gold image
C. Establish a ransomware awareness program and implement secure and verifiable backups
D. Virtualize all the endpoints with daily snapshots of the virtual machines
Correct answer: C
Question #12
A company has started planning the implementation of a vulnerability management procedure. However, its security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?
A. A business impact analysis
B. A system assessment
C. Communication of the risk factors
D. A risk identification process
Correct answer: D
Question #13
A company's security administrator needs to automate several security processes related to testing for the existence of changes within the environment. Conditionally, other processes will need to be created based on input from prior processes. Which of the following is the BEST method for accomplishing this task?
A. Machine learning and process monitoring
B. API integration and data enrichment
C. Workflow orchestration and scripting
D. Continuous integration and configuration management
Correct answer: D
Question #14
During an incident investigation, a security analyst acquired a malicious file that was used as a backdoor but was not detected by the antivirus application. After performing a reverse-engineering procedure, the analyst found that part of the code was obfuscated to avoid signature detection. Which of the following types of instructions should the analyst use to understand how the malware was obfuscated and to help deobfuscate it?
A. MOV
B. ADD
C. XOR
D. SUB
E. MOVL
Correct answer: A
Question #15
A consultant is evaluating multiple threat intelligence leads to assess potential risks for a client. Which of the following is the BEST approach for the consultant to consider when modeling the client's attack surface?
A. Ask for external scans from industry peers, look at the open ports, and compare information with the client
B. Discuss potential tools the client can purchase to reduce the likelihood of an attack
C. Look at attacks against similar industry peers and assess the probability of the same attacks happening
D. Meet with the senior management team to determine if funding is available for recommended solutions
Correct answer: D
Question #16
An organization supports a large number of remote users. Which of the following is the BEST option to protect the data on the remote users' laptops?
A. Use whole disk encryption
B. Require the use of VPNs
C. Require employees to sign an NDA
D. Implement a DLP solution
Correct answer: D
Question #17
A company is experiencing a malware attack within its network. A security engineer notices many of the impacted assets are connecting outbound to a number of remote destinations and exfiltrating data. The security engineer also sees that deployed, up-to-date antivirus signatures are ineffective. Which of the following is the BEST approach to prevent any impact to the company from similar attacks in the future?
A. IDS signatures
B. Data loss prevention
C. Port security
D. Sinkholing
Correct answer: C
Question #18
A security analyst received a series of antivirus alerts from a workstation segment, and users reported ransomware messages. During lessons-learned activities, the analyst determines the antivirus was able to alert to abnormal behavior but did not stop this newest variant of ransomware. Which of the following actions should be taken to BEST mitigate the effects of this type of threat in the future?
A. Enabling application blacklisting
B. Enabling sandboxing technology
C. Purchasing cyber insurance
D. Installing a firewall between the workstations and Internet
Correct answer: D
Question #19
A security analyst is reviewing a suspected phishing campaign that has targeted an organization. The organization has enabled a few email security technologies in the last year; however, the analyst believes the security features are not working. The analyst runs the following command:
> dig domain._domainkey.comptia.orq TXT
Which of the following email protection technologies is the analyst MOST likely validating?
A. SPF
B. DNSSEC
C. DMARC
D. DKIM
Correct answer: A
Question #20
A security analyst is looking at the headers of a few emails that appear to be targeting all users at an organization: Which of the following technologies would MOST likely be used to prevent this phishing attempt?
A. DNSSEC
B. DMARC
C. STP
D. S/IMAP
Correct answer: A
Question #21
A security analyst receives an alert to expect increased and highly advanced cyberattacks originating from a foreign country that recently had sanctions implemented. Which of the following describes the type of threat actors that should concern the security analyst?
A. Hacktivist
B. Organized crime
C. Insider threat
D. Nation-state
Correct answer: B
Question #22
A security analyst needs to determine the best method for securing access to a top-secret datacenter. Along with an access card and PIN code, which of the following additional authentication methods would be BEST to enhance the datacenter's security?
A. Physical key
B. Retinal scan
C. Passphrase
D. Fingerprint
Correct answer: C
Question #23
A company’s change management team has asked a security analyst to review a potential change to the email server before it is released into production. The analyst reviews the following change request: Which of the following is the MOST likely reason for the change?
A. To reject email from servers that are not listed in the SPF record
B. To reject email from email addresses that are not digitally signed
C. To accept email to the company’s domain
D. To reject email from users who are not authenticated to the network
Correct answer: D
Question #24
The Chief Information Security Officer (CISO) of a large financial institution is seeking a solution that will block a predetermined set of data points from being transferred or downloaded by employees. The CISO also wants to track the data assets by name, type, content, or data profile. Which of the following BEST describes what the CISO wants to purchase?
A. Asset tagging
B. SIEM
C. File integrity monitor
D. DLP
Correct answer: A
Question #25
An analyst is reviewing the output from some recent network enumeration activities. The following entry relates to a target on the network: Based on the above output, which of the following tools or techniques is MOST likely being used?
A. Web application firewall
B. Port triggering
C. Intrusion prevention system
D. Port isolation
E. Port address translation
Correct answer: C
Question #26
A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:
A. detection and prevention capabilities to improve
B. which systems were exploited more frequently
C. possible evidence that is missing during forensic analysis
D. which analysts require more training
E. the time spent by analysts on each of the incidents
Correct answer: C
Question #27
An organization is focused on restructuring its data governance programs and an analyst has been tasked with surveying sensitive data within the organization. Which of the following is the MOST accurate method for the security analyst to complete this assignment?
A. Perform an enterprise-wide discovery scan
B. Consult with an internal data custodian
C. Review enterprise-wide asset inventory
D. Create a survey and distribute it to data owners
Correct answer: B
Question #28
A company uses an FTP server to support its critical business functions. The FTP server is configured as follows:
- The FTP service is running with the data directory configured in /opt/ftp/data.
- The FTP server hosts employees' home directories in /home.
- Employees may store sensitive information in their home directories.
An IoC revealed that an FTP directory traversal attack resulted in sensitive data loss. Which of the following should a server administrator implement to reduce the risk of current and futur
A. Implement file-level encryption of sensitive files
B. Reconfigure the FTP server to support FTPS
C. Run the FTP server in a chroot environment
D. Upgrade the FTP server to the latest version
Correct answer: C
Question #29
Which of the following BEST describes the primary role of a risk assessment as it relates to compliance with risk-based frameworks?
A. It demonstrates the organization's mitigation of risks associated with internal threats
B. It serves as the basis for control selection
C. It prescribes technical control requirements
D. It is an input to the business impact assessment
Correct answer: A
Question #30
As part of an intelligence feed, a security analyst receives a report from a third-party trusted source. Within the report are several domains and reputational information that suggest the company's employees may be targeted for a phishing campaign. Which of the following configuration changes would be the MOST appropriate for intelligence gathering?
A. Update the whitelist
B. Develop a malware signature
C. Sinkhole the domains
D. Update the blacklist
Correct answer: D
Question #31
A host is spamming the network unintentionally. Which of the following control types should be used to address this situation?
A. Operational
B. Corrective
C. Managerial
D. Technical
Correct answer: D
Question #32
Due to a rise in cyberattackers seeking PHI, a healthcare company that collects highly sensitive data from millions of customers is deploying a solution that will ensure the customers' data is protected by the organization internally and externally. Which of the following countermeasures can BEST prevent the loss of customers' sensitive data?
A. Implement privileged access management
B. Implement a risk management process
C. Implement multifactor authentication
D. Add more security resources to the environment
Correct answer: B
Question #33
A cybersecurity analyst is investigating a potential incident affecting multiple systems on a company's internal network. Although there is a negligible impact to performance, the following symptoms are present on each of the affected systems:
- Existence of a new and unexpected svchost.exe process
- Persistent, outbound TCP/IP connections to an unknown external host with routine keep-alives transferred
- DNS query logs showing successful name resolution for an Internet-resident dynamic DNS domain
If this situat
A. The affected hosts may participate in a coordinated DDoS attack upon command
B. An adversary may leverage the affected hosts to reconfigure the company's router ACLs
C. Key files on the affected hosts may become encrypted and require ransom payment for unlock
D. The adversary may attempt to perform a man-in-the-middle attack
Correct answer: C
Question #34
An organization wants to mitigate against risks associated with network reconnaissance. ICMP is already blocked at the firewall; however, a penetration testing team has been able to perform reconnaissance against the organization’s network and identify active hosts. An analyst sees the following output from a packet capture: Which of the following phrases from the output provides information on how the testing team is successfully getting around the ICMP firewall rule?
A. flags=RA indicates the testing team is using a Christmas tree attack
B. ttl=64 indicates the testing team is setting the time to live below the firewall’s threshold
C. 0 data bytes indicates the testing team is crafting empty ICMP packets
D. NO FLAGS are set indicates the testing team is using hping
Correct answer: A
Question #35
After examining a header and footer file, a security analyst begins reconstructing files by scanning the raw data bytes of a hard disk and rebuilding them. Which of the following techniques is the analyst using?
A. Header analysis
B. File carving
C. Metadata analysis
D. Data recovery
Correct answer: D
