Question #1
What is a difference between signature-based and behavior-based detection?
A. Signature-based identifies behaviors that may be linked to attacks, while behavior-based has a predefined set of rules to match before an alert
B. Behavior-based identifies behaviors that may be linked to attacks, while signature-based has a predefined set of rules to match before an alert
C. Behavior-based uses a known vulnerability database, while signature-based intelligently summarizes existing data
D. Signature-based uses a known vulnerability database, while behavior-based intelligently summarizes existing data
Correct answer: D
Question #2
What is threat hunting?
A. Managing a vulnerability assessment report to mitigate potential threats
B. Focusing on proactively detecting possible signs of intrusion and compromise
C. Pursuing competitors and adversaries to infiltrate their system to acquire intelligence data
D. Attempting to deliberately disrupt servers by altering their availability
Correct answer: A
Question #3
An engineer is analyzing a recent breach where confidential documents were altered and stolen by the receptionist. Further analysis shows that the threat actor connected an external USB device to bypass security restrictions and steal data. The engineer could not find an external USB device. Which piece of information must an engineer use for attribution in an investigation?
A. list of security restrictions and privileges boundaries bypassed
B. external USB device
C. receptionist and the actions performed
D. stolen data and its criticality assessment
Correct answer: C
Question #4
What is the potential threat identified in this Stealthwatch dashboard?
A. A policy violation is active for host 10
B. A host on the network is sending a DDoS attack to another inside host
C. There are two active data exfiltration alerts
D. A policy violation is active for host 10
Correct answer: B
Question #5
What is the difference between deep packet inspection and stateful inspection?
A. Deep packet inspection is more secure than stateful inspection on Layer 4
B. Stateful inspection verifies contents at Layer 4 and deep packet inspection verifies connection at Layer 7
C. Stateful inspection is more secure than deep packet inspection on Layer 7
D. Deep packet inspection allows visibility on Layer 7 and stateful inspection allows visibility on Layer 4
Correct answer: D
Question #6
An engineer needs to have visibility on TCP bandwidth usage, response time, and latency, combined with deep packet inspection to identify unknown software by its network traffic flow. Which two features of Cisco Application Visibility and Control should the engineer use to accomplish this goal? (Choose two.)
A. management and reporting
B. traffic filtering
C. adaptive AVC
D. metrics collection and exporting
E. application recognition
Correct answer: D
Question #7
While viewing packet capture data, an analyst sees that one IP is sending and receiving traffic for multiple devices by modifying the IP header. Which technology makes this behavior possible?
A. encapsulation
B. TOR
C. tunneling
D. NAT
Correct answer: D
Question #8
What is the difference between vulnerability and risk?
A. A vulnerability is a sum of possible malicious entry points, and a risk represents the possibility of the unauthorized entry itself
B. A risk is a potential threat that an exploit applies to, and a vulnerability represents the threat itself
C. A vulnerability represents a flaw in security that can be exploited, and the risk is the potential damage it might cause
D. A risk is a potential threat that adversaries use to infiltrate the network, and a vulnerability is an exploit
Correct answer: B
Question #9
An engineer is analyzing a PCAP file after a recent breach. An engineer identified that the attacker used an aggressive ARP scan to scan the hosts and found web and SSH servers. Further analysis showed several SSH Server Banner and Key Exchange Initiations. The engineer cannot see the exact data being transmitted over an encrypted channel and cannot identify how the attacker gained access. How did the attacker gain access?
A. by using the buffer overflow in the URL catcher feature for SSH
B. by using an SSH Tectia Server vulnerability to enable host-based authentication
C. by using an SSH vulnerability to silently redirect connections to the local host
D. by using brute force on the SSH service to gain access
Correct answer: D
Question #10
A security engineer deploys an enterprise-wide host/endpoint technology for all of the company's corporate PCs. Management requests the engineer to block a selected set of applications on all PCs. Which technology should be used to accomplish this task?
A. application whitelisting/blacklisting
B. network NGFW
C. host-based IDS
D. antivirus/antispyware software
Correct answer: C
Question #11
Which attack represents the evasion technique of resource exhaustion?
A. SQL injection
B. man-in-the-middle
C. bluesnarfing
D. denial-of-service
Correct answer: C
Question #12
What does this output indicate?
A. HTTPS ports are open on the server
B. SMB ports are closed on the server
C. FTP ports are open on the server
D. Email ports are closed on the server
Correct answer: B
Question #13
Drag and drop the security concept from the left onto the example of that concept on the right.
A. Mastered
B. Not Mastered
Correct answer: C
Question #14
Which vulnerability type is used to read, write, or erase information from a database?
A. cross-site scripting
B. cross-site request forgery
C. buffer overflow
D. SQL injection
Correct answer: D
Question #15
Which category relates to improper use or disclosure of PII data?
A. legal
B. compliance
C. regulated
D. contractual
Correct answer: A
Question #16
Which type of data collection requires the largest amount of storage space?
A. alert data
B. transaction data
C. session data
D. full packet capture
Correct answer: C
Question #17
What is the potential threat identified in this Stealthwatch dashboard?
A. A policy violation is active for host 10
B. A host on the network is sending a DDoS attack to another inside host
C. There are three active data exfiltration alerts
D. A policy violation is active for host 10
Correct answer: A
Question #18
What is occurring in this network?
A. ARP cache poisoning
B. DNS cache poisoning
C. MAC address table overflow
D. MAC flooding attack
Correct answer: A
Question #19
Which type of log is displayed?
A. IDS
B. proxy
C. NetFlow
D. sys
Correct answer: A
Question #20
What is the difference between inline traffic interrogation (TAPS) and traffic mirroring (SPAN)?
A. TAPS interrogation is more complex because traffic mirroring applies additional tags to data and SPAN does not alter integrity and provides full duplex network
B. SPAN results in more efficient traffic analysis, and TAPS is considerably slower due to latency caused by mirroring
C. TAPS replicates the traffic to preserve integrity, and SPAN modifies packets before sending them to other analysis tools
D. SPAN ports filter out physical layer errors, making some types of analyses more difficult, and TAPS receives all packets, including physical errors
Correct answer: B
Question #21
Which HTTP header field is used in forensics to identify the type of browser used?
A. referrer
B. host
C. user-agent
D. accept-language
Correct answer: C
Question #22
Which filter allows an engineer to filter traffic in Wireshark to further analyze the PCAP file by only showing the traffic for LAN 10.11.x.x, between workstations and servers without the Internet?
A. src=10
B. ip
C. ip
D. src==10
Correct answer: AE
Question #23
How does TOR alter data content during transit?
A. It spoofs the destination and source information protecting both sides
B. It encrypts content and destination information over multiple layers
C. It redirects destination traffic through multiple sources avoiding traceability
D. It traverses source traffic through multiple destinations before reaching the receiver
Correct answer: C
Question #24
Which security technology guarantees the integrity and authenticity of all messages transferred to and from a web application?
A. Hypertext Transfer Protocol
B. SSL Certificate
C. Tunneling
D. VPN
Correct answer: C
Question #25
Which security principle requires more than one person to perform a critical task?
A. least privilege
B. need to know
C. separation of duties
D. due diligence
Correct answer: D
