Question #1
What is the potential threat identified in this Stealthwatch dashboard?
A. Host 10
B. Host 152
C. Traffic to 152
D. Host 10
Correct answer: A
Question #2
What is occurring in this network traffic?
A. high rate of SYN packets being sent from a multiple source towards a single destination IP
B. high rate of SYN packets being sent from a single source IP towards multiple destination IPs
C. flood of ACK packets coming from a single source IP to multiple destination IPs
D. flood of SYN packets coming from a single source IP to a single destination IP
Correct answer: A
Question #3
What makes HTTPS traffic difficult to monitor?
A. SSL interception
B. packet header size
C. signature detection time
D. encryption
Correct answer: C
Question #4
Which evasion technique is indicated when an intrusion detection system begins receiving an abnormally high volume of scanning from numerous sources?
A. resource exhaustion
B. tunneling
C. traffic fragmentation
D. timing attack
Correct answer: C
Question #5
What does cyber attribution identify in an investigation?
A. exploit of an attack
B. threat actors of an attack
C. vulnerabilities exploited
D. cause of an attack
Correct answer: D
Question #6
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A. CSIRT
B. PSIRT
C. public affairs
D. management
Correct answer: A
Question #7
An engineer receives a security alert that traffic with a known TOR exit node has occurred on the network. What is the impact of this traffic?
A. ransomware communicating after infection
B. users downloading copyrighted content
C. data exfiltration
D. user circumvention of the firewall
Correct answer: A
Question #8
How is NetFlow different than traffic mirroring?
A. NetFlow collects metadata and traffic mirroring clones data
B. Traffic mirroring impacts switch performance and NetFlow does not
C. Traffic mirroring costs less to operate than NetFlow
D. NetFlow generates more data than traffic mirroring
Correct answer: D
Question #9
Which list identifies the information that the client sends to the server in the negotiation phase of the TLS handshake?
A. ClientStart, ClientKeyExchange, cipher-suites it supports, and suggested compression methods
B. ClientStart, TLS versions it supports, cipher-suites it supports, and suggested compression methods
C. ClientHello, TLS versions it supports, cipher-suites it supports, and suggested compression methods
D. ClientHello, ClientKeyExchange, cipher-suites it supports, and suggested compression methods
Correct answer: D
Question #10
Which two elements of the incident response process are stated in NIST Special Publication 800-61 r2? (Choose two.)
A. detection and analysis
B. post-incident activity
C. vulnerability management
D. risk assessment
E. vulnerability scoring
Correct answer: BE
Question #11
Which kind of attack method is depicted in this string?
A. cross-site scripting
B. man-in-the-middle
C. SQL injection
D. denial of service
Correct answer: A
Question #12
Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number?
A. integrity
B. confidentiality
C. availability
D. scope
Correct answer: B
Question #13
An investigator is examining a copy of an ISO file that is stored in CDFS format. What type of evidence is this file?
A. data from a CD copied using Mac-based system
B. data from a CD copied using Linux system
C. data from a DVD copied using Windows system
D. data from a CD copied using Windows
Correct answer: D
Question #14
An analyst is exploring the functionality of different operating systems. What is a feature of Windows Management Instrumentation that must be considered when deciding on an operating system?
A. queries Linux devices that have Microsoft Services for Linux installed
B. deploys Windows Operating Systems in an automated fashion
C. is an efficient tool for working with Active Directory
D. has a Common Information Model, which describes installed hardware and software
Correct answer: B
Question #15
How is attacking a vulnerability categorized?
A. action on objectives
B. delivery
C. exploitation
D. installation
Correct answer: AD
Question #16
What is the difference between an attack vector and attack surface?
A. An attack surface identifies vulnerabilities that require user input or validation; and an attack vector identifies vulnerabilities that are independent of user actions
B. An attack vector identifies components that can be exploited; and an attack surface identifies the potential path an attack can take to penetrate the network
C. An attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities
D. An attack vector identifies the potential outcomes of an attack; and an attack surface launches an attack using several methods against the identified vulnerabilities
Correct answer: A
Question #17
Which step in the incident response process researches an attacking host through logs in a SIEM?
A. detection and analysis
B. preparation
C. eradication
D. containment
Correct answer: D
Question #18
What should a security analyst consider when comparing inline traffic interrogation with traffic tapping to determine which approach to use in the network?
A. Tapping interrogation replicates signals to a separate port for analyzing traffic
B. Tapping interrogations detect and block malicious traffic
C. Inline interrogation enables viewing a copy of traffic to ensure traffic is in compliance with security policies
D. Inline interrogation detects malicious traffic but does not block the traffic
Correct answer: A
Question #19
Which two elements are used for profiling a network? (Choose two.)
A. session duration
B. total throughput
C. running processes
D. listening ports
E. OS fingerprint
Correct answer: C
Question #20
Which data format is the most efficient to build a baseline of traffic seen over an extended period of time?
A. syslog messages
B. full packet capture
C. NetFlow
D. firewall event logs
Correct answer: C
Question #21
What is the difference between a threat and a risk?
A. Threat represents a potential danger that could take advantage of a weakness in a system
B. Risk represents the known and identified loss or danger in the system
C. Risk represents the nonintentional interaction with uncertainty in the system
D. Threat represents a state of being exposed to an attack or a compromise either physically or logically
Correct answer: A
