Question #1
Which technology on a host is used to isolate a running application from other applications?
A. sandbox
B. application allow list
C. application block list
D. host-based firewall
Correct answer: C
Question #2
During which phase of the forensic process are tools and techniques used to extract information from the collected data?
A. investigation
B. examination
C. reporting
D. collection
Correct answer: B
Question #3
An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?
A. nmap --top-ports 192
B. nmap -sP 192
C. nmap -sL 192
D. nmap -sV 192
Correct answer: A
Question #4
What should an engineer use to aid the trusted exchange of public keys between user tom0411976943 and dan1968754032?
A. central key management server
B. web of trust
C. trusted certificate authorities
D. registration authority data
Correct answer: CE
Question #5
During the analysis of a suspicious scanning activity incident, an analyst discovered multiple local TCP connection events. Which technology provided these logs?
A. antivirus
B. proxy
C. IDS/IPS
D. firewall
Correct answer: C
Question #6
Drag and drop the elements from the left into the correct order for incident handling on the right.
A. Mastered
B. Not Mastered
Correct answer: B
Question #7
Which security monitoring data type requires the largest storage space?
A. transaction data
B. statistical data
C. session data
D. full packet capture
Correct answer: A
Question #8
At a company party a guest asks questions about the company’s user account format and password complexity. How is this type of conversation classified?
A. Phishing attack
B. Password Revelation Strategy
C. Piggybacking
D. Social Engineering
Correct answer: C
Question #9
The security team has detected an ongoing spam campaign targeting the organization. The team's approach is to push back the cyber kill chain and mitigate ongoing incidents. At which phase of the cyber kill chain should the security team mitigate this type of attack?
A. actions
B. delivery
C. reconnaissance
D. installation
Correct answer: D
Question #10
A company receptionist received a threatening call referencing stealing assets and did not take any action assuming it was a social engineering attempt. Within 48 hours, multiple assets were breached, affecting the confidentiality of sensitive information. What is the threat actor in this incident?
A. company assets that are threatened
B. customer assets that are threatened
C. perpetrators of the attack
D. victims of the attack
Correct answer: D
Question #11
What describes the impact of false-positive alerts compared to false-negative alerts?
A. A false negative is alerting for an XSS attack. An engineer investigates the alert and discovers that an XSS attack happened. A false positive is when an XSS attack happens and no alert is raised.
B. A false negative is a legitimate attack triggering a brute-force alert. An engineer investigates the alert and finds out someone intended to break into the system. A false positive is when no alert and no attack is occurring.
C. A false positive is an event alerting for a brute-force attack. An engineer investigates the alert and discovers that a legitimate user entered the wrong credential several times. A false negative is when a threat actor tries to brute-force attack a system and no alert is raised.
D. A false positive is an event alerting for an SQL injection attack. An engineer investigates the alert and discovers that an attack attempt was blocked by IPS. A false negative is when the attack gets detected but succeeds and results in a breach.
Correct answer: A
Question #12
Which technology prevents end-device to end-device IP traceability?
A. encryption
B. load balancing
C. NAT/PAT
D. tunneling
Correct answer: D
Question #13
How is NetFlow different from traffic mirroring?
A. NetFlow collects metadata and traffic mirroring clones data
B. Traffic mirroring impacts switch performance and NetFlow does not
C. Traffic mirroring costs less to operate than NetFlow
D. NetFlow generates more data than traffic mirroring
Correct answer: C
Question #14
What is occurring?
A. ARP flood
B. DNS amplification
C. ARP poisoning
D. DNS tunneling
Correct answer: C
Question #15
Which utility blocks a host portscan?
A. HIDS
B. sandboxing
C. host-based firewall
D. antimalware
Correct answer: A
Question #16
How does a certificate authority impact security?
A. It validates client identity when communicating with the server
B. It authenticates client identity when requesting an SSL certificate
C. It authenticates domain identity when requesting an SSL certificate
D. It validates the domain identity of the SSL certificate
Correct answer: D
Question #17
A security engineer notices confidential data being exfiltrated to a domain "Ranso4134-mware31-895" address that is attributed to a known advanced persistent threat group. The engineer discovers that the activity is part of a real attack and not a network misconfiguration. Which category does this event fall under as defined in the Cyber Kill Chain?
A. reconnaissance
B. delivery
C. action on objectives
D. weaponization
Correct answer: C
Question #18
What is the difference between deep packet inspection and stateful inspection?
A. Deep packet inspection gives insights up to Layer 7, and stateful inspection gives insights only up to Layer 4
B. Deep packet inspection is more secure due to its complex signatures, and stateful inspection requires less human intervention
C. Stateful inspection is more secure due to its complex signatures, and deep packet inspection requires less human intervention
D. Stateful inspection verifies data at the transport layer and deep packet inspection verifies data at the application layer
Correct answer: B
Question #19
What is the impact of encryption?
A. Confidentiality of the data is kept secure and permissions are validated
B. Data is accessible and available to permitted individuals
C. Data is unaltered and its integrity is preserved
D. Data is secure and unreadable without decrypting it
Correct answer: B
Question #20
Which tool provides a full packet capture from network traffic?
A. Nagios
B. CAINE
C. Hydra
D. Wireshark
Correct answer: C