Question #1
An organization was alerted to a possible compromise after its proprietary data was found for sale on the Internet. An analyst is reviewing the logs from the next-generation UTM in an attempt to find evidence of this breach. Given the following output: Which of the following should be the focus of the investigation?
A. webserver
B. sftp
C. 83hht23
D. ftps
Correct answer: A
Question #2
An organization developed a comprehensive incident response policy. Executive management approved the policy and its associated procedures. Which of the following activities would be MOST beneficial to evaluate personnel’s familiarity with incident response procedures?
A. A simulated breach scenario involving the incident response team
B. Completion of annual information security awareness training by all employees
C. Tabletop activities involving business continuity team members
D. Completion of lessons-learned documentation by the computer security incident response team
E. External and internal penetration testing by a third party
Correct answer: A
Question #3
An analyst is working with a network engineer to resolve a vulnerability that was found in a piece of legacy hardware, which is critical to the operation of the organization's production line. The legacy hardware does not have third-party support, and the OEM manufacturer of the controller is no longer in operation. The analyst documents the activities and verifies these actions prevent remote exploitation of the vulnerability. Which of the following would be the MOST appropriate to remediate the controller?
A. Segment the network to constrain access to administrative interfaces
B. Replace the equipment that has third-party support
C. Remove the legacy hardware from the network
D. Install an IDS on the network between the switch and the legacy equipment
Correct answer: B
Question #4
A network attack that is exploiting a vulnerability in the SNMP is detected. Which of the following should the cybersecurity analyst do FIRST?
A. Apply the required patches to remediate the vulnerability
B. Escalate the incident to senior management for guidance
C. Disable all privileged user accounts on the network
D. Temporarily block the attacking IP address
Correct answer: D
Question #5
Which of the following sources would a security analyst rely on to provide relevant and timely threat information concerning the financial services industry?
A. Information sharing and analysis membership
B. Open-source intelligence, such as social media and blogs
C. Real-time and automated firewall rules subscriptions
D. Common vulnerability and exposure bulletins
Correct answer: B
Question #6
Bootloader malware was recently discovered on several company workstations. All the workstations run Windows and are current models with UEFI capability. Which of the following UEFI settings is the MOST likely cause of the infections?
A. Compatibility mode
B. Secure boot mode
C. Native mode
D. Fast boot mode
Correct answer: A
Question #7
A security analyst is conducting a post-incident log analysis to determine which indicators can be used to detect further occurrences of a data exfiltration incident. The analyst determines backups were not performed during this time and reviews the following: Which of the following should the analyst review to find out how the data was exfiltrated?
A. Monday's logs
B. Tuesday's logs
C. Wednesday's logs
D. Thursday's logs
Correct answer: D
Question #8
A security team is implementing a new vulnerability management program in an environment that has a historically poor security posture. The team is aware of issues with patch management in the environment and expects a large number of findings. Which of the following would be the MOST efficient way to increase the security posture of the organization in the shortest amount of time?
A. Create an SLA stating that remediation actions must occur within 30 days of discovery for all levels of vulnerabilities
B. Incorporate prioritization levels into the remediation process and address critical findings first
C. Create classification criteria for data residing on different servers and provide remediation only for servers housing sensitive data
D. Implement a change control policy that allows the security team to quickly deploy patches in the production environment to reduce the risk of any vulnerabilities found
Correct answer: B
Question #9
The help desk provided a security analyst with a screenshot of a user's desktop: For which of the following is aircrack-ng being used?
A. Wireless access point discovery
B. Rainbow attack
C. Brute-force attack
D. PCAP data collection
Correct answer: B
Question #10
An organisation is assessing risks so it can prioritize its mitigation actions. Following are the risks and their probability and impact: Which of the following is the order of priority for risk mitigation from highest to lowest?
A. A, B, C, D
B. A, D, B, C
C. B, C, A, D
D. C, B, D, A
E. D, A, C, B
Correct answer: A
Question #11
Which of the following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?
A. It automatically performs remedial configuration changes to enterprise security services
B. It enables standard checklist and vulnerability analysis expressions for automation
C. It establishes a continuous integration environment for software development operations
D. It provides validation of suspected system vulnerabilities through workflow orchestration
Correct answer: C
Question #12
As a proactive threat-hunting technique, hunters must develop situational cases based on likely attack scenarios derived from the available threat intelligence information. After forming the basis of the scenario, which of the following may the threat hunter construct to establish a framework for threat assessment?
A. Critical asset list
B. Threat vector
C. Attack profile
D. Hypothesis
Correct answer: B
Question #13
The Chief Information Officer (CIO) of a large healthcare institution is concerned about all machines having direct access to sensitive patient information. Which of the following should the security analyst implement to BEST mitigate the risk of sensitive data exposure?
A. A cloud access service broker system
B. NAC to ensure minimum standards are met
C. MFA on all workstations
D. Network segmentation
Correct answer: A
Question #14
Which of the following MOST accurately describes an HSM?
A. An HSM is a low-cost solution for encryption
B. An HSM can be network-based or a removable USB
C. An HSM is slower at encrypting than software
D. An HSM is explicitly used for MFA
Correct answer: D
Question #15
In system hardening, which of the following types of vulnerability scans would work BEST to verify the scanned device meets security policies?
A. SCAP
B. Burp Suite
C. OWASP ZAP
D. Unauthenticated
Correct answer: B
Question #16
A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named webserverlist.xml. The host list is provided in a file named webserverlist.txt. Which of the following Nmap commands would BEST accomplish this goal?
A. nmap -iL webserverlist
B. nmap -iL webserverlist
C. nmap -iL webserverlist
D. nmap --takefile webserverlist
Correct answer: D
Question #17
A small marketing firm uses many SaaS applications that hold sensitive information. The firm has discovered terminated employees are retaining access to systems for many weeks after their end date. Which of the following would BEST resolve the issue of lingering access?
A. Configure federated authentication with SSO on cloud provider systems
B. Perform weekly manual reviews on system access to uncover any issues
C. Implement MFA on cloud-based systems
D. Set up a privileged access management tool that can fully manage privileged account access
Correct answer: B
Question #18
Following a recent security breach, a company decides to investigate account usage to ensure privileged accounts are only being utilized during typical business hours. During the investigation, a security analyst determines an account was consistently utilized in the middle of the night. Which of the following actions should the analyst take NEXT?
A. Initiate the incident response plan
B. Disable the privileged account
C. Report the discrepancy to human resources
D. Review the activity with the user
Correct answer: B
Question #19
A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is comptiA.org. The testing is successful, and the security technician is prepared to fully implement the solution. Which of the following actions should the technician take to accomplish this task?
A. Add TXT @ "v=spf1 mx include:_spf
B. Add TXT @ "v=spf1 mx include:_spf
C. Add TXT @ "v=spf1 mx include:_spf
D. Add TXT @ "v=spf1 mx include:_spf
Correct answer: D
Question #20
A development team signed a contract that requires access to an on-premises physical server. Access must be restricted to authorized users only and cannot be connected to the Internet. Which of the following solutions would meet this requirement?
A. Establish a hosted SSO
B. Implement a CASB
C. Virtualize the server
D. Air gap the server
Correct answer: A
Question #21
A company's modem response team is handling a threat that was identified on the network Security analysts have as at remote sites. Which of the following is the MOST appropriate next step in the incident response plan?
A. Quarantine the web server
B. Deploy virtual firewalls
C. Capture a forensic image of the memory and disk
D. Enable web server containerization
Correct answer: A
Question #22
While preparing for an audit of information security controls in the environment, an analyst outlines a framework control that has the following requirements:
• All sensitive data must be classified
• All sensitive data must be purged on a quarterly basis
• Certificates of disposal must remain on file for at least three years
This framework control is MOST likely classified as:
A. prescriptive
B. risk-based
C. preventive
D. corrective
Correct answer: B
Question #23
A security analyst at a technology solutions firm has uncovered the same vulnerabilities on a vulnerability scan for a long period of time. The vulnerabilities are on systems that are dedicated to the firm's largest client. Which of the following is MOST likely inhibiting the remediation efforts?
A. The parties have an MOU between them that could prevent shutting down the systems
B. There is a potential disruption of the vendor-client relationship
C. Patches for the vulnerabilities have not been fully tested by the software vendor
D. There is an SLA with the client that allows very little downtime
Correct answer: A
Question #24
Which of the following technologies can be used to store digital certificates and is typically used in high-security implementations where integrity is paramount?
A. HSM
B. eFuse
C. UEFI
D. Self-encrypting drive
Correct answer: D
Question #25
A company wants to establish a threat-hunting team. Which of the following BEST describes the rationale for integrating intelligence into hunt operations?
A. It enables the team to prioritize the focus area and tactics within the company’s environment
B. It provides critical analyses for key enterprise servers and services
C. It allows analysts to receive updates on newly discovered software vulnerabilities
D. It supports rapid response and recovery during and following an incident
Correct answer: B
Question #26
A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?
A. Option A
B. Option B
C. Option C
D. Option D
Correct answer: D
Question #27
A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect choose as the MOST secure and manageable option?
A. Client-side whitelisting
B. Server-side whitelisting
C. Server-side blacklisting
D. Client-side blacklisting
Correct answer: A
