Question #1
A finance department employee has received a message that appears to have been sent from the Chief Financial Officer (CFO) asking the employee to perform a wire transfer. Analysis of the email shows the message came from an external source and is fraudulent. Which of the following would work BEST to improve the likelihood of employees quickly recognizing fraudulent emails?
A. Implementing a sandboxing solution for viewing emails and attachments
B. Limiting email from the finance department to recipients on a pre-approved whitelist
C. Configuring email client settings to display all messages in plaintext when read
D. Adding a banner to incoming messages that identifies the messages as external
Correct answer: D
Question #2
Security analysts review logs on multiple servers on a daily basis. Which of the following implementations will give the best central visibility into the events occurring throughout the corporate environment without logging in to the servers individually?
A. Deploy a database to aggregate the logging
B. Configure the servers to forward logs to a SIEM
C. Share the log directory on each server to allow local access
D. Automate the emailing of logs to the analysts
Correct answer: A
Question #3
A systems administrator receives reports of an internet-accessible Linux server that is running very sluggishly. The administrator examines the server, sees a high amount of memory utilization, and suspects a DoS attack related to half-open TCP sessions consuming memory. Which of the following tools would best help to prove whether this server was experiencing this behavior?
A. Nmap
B. TCPDump
C. SIEM
D. EDR
Correct answer: A
Question #4
A security analyst is validating a particular finding that was reported in a web application vulnerability scan to make sure it is not a false positive. The security analyst uses the snippet below: Which of the following vulnerability types is the security analyst validating?
A. Directory traversal
B. XSS
C. XXE
D. SSRF
Correct answer: D
Question #5
A company brings in a consultant to make improvements to its website. After the consultant leaves, a web developer notices unusual activity on the website and submits a suspicious file containing the following code to the security team: Which of the following did the consultant do?
A. Implanted a backdoor
B. Implemented privilege escalation
C. Implemented clickjacking
D. Patched the web server
Correct answer: A
Question #6
A security analyst needs to provide evidence of regular vulnerability scanning on the company's network for an auditing process. Which of the following is an example of a tool that can produce such evidence?
A. OpenVAS
B. Burp Suite
C. Nmap
D. Wireshark
Correct answer: A
Question #7
Which of the following is often used to keep the number of alerts to a manageable level when establishing a process to track and analyze violations?
A. Log retention
B. Log rotation
C. Maximum log size
D. Threshold value
Correct answer: A
Question #8
After a security assessment was done by a third-party consulting firm, the cybersecurity program recommended integrating DLP and CASB to reduce analyst alert fatigue. Which of the following is the best possible outcome that this effort hopes to achieve?
A. SIEM ingestion logs are reduced by 20%
B. Phishing alerts drop by 20%
C. False positive rates drop to 20%
D. The MTTR decreases by 20%
Correct answer: C
Question #9
An analyst is designing a message system for a bank. The analyst wants to include a feature that allows the recipient of a message to prove to a third party that the message came from the sender. Which of the following information security goals is the analyst most likely trying to achieve?
A. Non-repudiation
B. Authentication
C. Authorization
D. Integrity
Correct answer: A
Question #10
Which of the following should be updated after a lessons-learned review?
A. Disaster recovery plan
B. Business continuity plan
C. Tabletop exercise
D. Incident response plan
Correct answer: C
Question #11
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP; other times, it is accessible through HTTPS. Which of the following most likely describes the observed activity?
A. There is an issue with the SSL certificate causing port 443 to become unavailable for HTTPS access
B. An on-path attack is being performed by someone with internal access that forces users into port 80
C. The web server cannot handle an increasing amount of HTTPS requests so it forwards users to port 80
D. An error was caused by BGP due to new rules applied over the company's internal routers
Correct answer: A
Question #12
A technician identifies a vulnerability on a server and applies a software patch. Which of the following should be the next step in the remediation process?
A. Testing
B. Implementation
C. Validation
D. Rollback
Correct answer: B
Question #13
During a recent site survey, an analyst discovered a rogue wireless access point on the network. Which of the following actions should be taken first to protect the network while preserving evidence?
A. Run a packet sniffer to monitor traffic to and from the access point
B. Connect to the access point and examine its log files
C. Identify who is connected to the access point and attempt to find the attacker
D. Disconnect the access point from the network
Correct answer: B
Question #14
A company is deploying new vulnerability scanning software to assess its systems. The current network is highly segmented, and the networking team wants to minimize the number of unique firewall rules. Which of the following scanning techniques would be most efficient to achieve the objective?
A. Deploy agents on all systems to perform the scans
B. Deploy a central scanner and perform non-credentialed scans
C. Deploy a cloud-based scanner and perform a network scan
D. Deploy a scanner sensor on every segment and perform credentialed scans
Correct answer: B
Question #15
Which of the following would a security analyst most likely use to compare TTPs between different known adversaries of an organization?
A. MITRE ATT&CK
B. Cyber Kill Chain
C. OWASP
D. STIX/TAXII
Correct answer: B
Question #16
A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?
A. The current scanners should be migrated to the cloud
B. Cloud-specific misconfigurations may not be detected by the current scanners
C. Existing vulnerability scanners cannot scan IaaS systems
D. Vulnerability scans on cloud environments should be performed from the cloud
Correct answer: B
Question #17
Which of the following makes STIX and OpenIOC information readable by both humans and machines?
A. XML
B. URL
C. OVAL
D. TAXII
Correct answer: B
Question #18
A company is in the process of implementing a vulnerability management program, and there are concerns about granting the security team access to sensitive data. Which of the following scanning methods can be implemented to reduce the access to systems while providing the most accurate vulnerability scan results?
A. Credentialed network scanning
B. Passive scanning
C. Agent-based scanning
D. Dynamic scanning
Correct answer: A