
Question #1
Which of the following BEST describes a security exploit for which a vendor patch is not readily available?
A. Integer overflow
B. Zero-day
C. End of life
D. Race condition
Correct answer: C
Question #2
A security analyst needs to determine how an attacker was able to use User3 to gain a foothold within a company's network. The company's lockout policy requires that an account be locked out for a minimum of 15 minutes after three unsuccessful attempts. While reviewing the log files, the analyst discovers the following: Which of the following attacks MOST likely occurred?
A. Dictionary
B. Credential-stuffing
C. Password-spraying
D. Brute-force
Correct answer: D
Question #3
A network administrator would like to configure a site-to-site VPN utilizing IPsec. The administrator wants the tunnel to be established with data integrity, encryption, authentication, and anti-replay functions. Which of the following should the administrator use when configuring the VPN?
A. AH
B. EDR
C. ESP
D. DNSSEC
Correct answer: E
Question #4
The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?
A. Install a smart meter on the staff WiFi
B. Place the environmental systems in the same DHCP scope as the staff WiFi
C. Implement Zigbee on the staff WiFi access points
D. Segment the staff WiFi network from the environmental systems network
Correct answer: B
Question #5
In the middle of a cybersecurity incident, a security engineer removes the infected devices from the network and locks down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
A. Identification
B. Preparation
C. Eradication
D. Recovery
E. Containment
Correct answer: C
Question #6
A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources. Which of the following will the CISO MOST likely recommend to mitigate this risk?
A. Upgrade the bandwidth available into the datacenter
B. Implement a hot-site failover location
C. Switch to a complete SaaS offering to customers
D. Implement a challenge response test on all end-user queries
Correct answer: CD
Question #7
A symmetric encryption algorithm is BEST suited for:
A. key-exchange scalability
B. protecting large amounts of data
C. providing hashing capabilities
D. implementing non-repudiation
Correct answer: A
Question #8
A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After using a tool, the administrator obtains the following output: Which of the following attacks was successfully implemented based on the output?
A. Memory leak
B. Race conditions
C. SQL injection
D. Directory traversal
Correct answer: A
Question #9
After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a server. The attack allowed the installation of malicious software that initiates a new remote session. Which of the following types of attacks has occurred?
A. Privilege escalation
B. Session replay
C. Application programming interface
D. Directory traversal
Correct answer: D
Question #10
An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?
A. The vulnerability scan output
B. The security logs
C. The baseline report
D. The correlation of events
Correct answer: D
Question #11
An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?
A. MDM
B. MAM
C. VDI
D. DLP
Correct answer: D
Question #12
A SOC is implementing an insider-threat-detection program. The primary concern is that users may be accessing confidential data without authorization. Which of the following should be deployed to detect a potential insider threat?
A. A honeyfile
B. A DMZ
C. DLP
D. File integrity monitoring
Correct answer: C
Question #13
A security analyst is investigating an incident that was first reported as an issue connecting to network shares and the internet. While reviewing logs and tool output, the analyst sees the following: Which of the following attacks has occurred?
A. IP conflict
B. Pass-the-hash
C. MAC flooding
D. Directory traversal
E. ARP poisoning
Correct answer: C
Question #14
Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline?
A. Something you exhibit
B. Something you can do
C. Someone you know
D. Somewhere you are
Correct answer: E
Question #15
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
A. Salting the magnetic strip information
B. Encrypting the credit card information in transit
C. Hashing the credit card numbers upon entry
D. Tokenizing the credit cards in the database
Correct answer: C
Question #16
An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer is the following: Which of the following is the MOST likely cause of the issue?
A. The end user purchased and installed a PUP from a web browser
B. A bot on the computer is brute forcing passwords against a website
C. A hacker is attempting to exfiltrate sensitive data
D. Ransomware is communicating with a command-and-control server
Correct answer: AB
Question #17
An organization's finance department is implementing a policy to protect against collusion. Which of the following control types and corresponding procedures should the organization implement to fulfill this policy's requirement? (Select TWO).
A. Corrective
B. Deterrent
C. Preventive
D. Mandatory vacations
E. Job rotation
F. Separation of duties
Correct answer: C
Question #18
A Chief Security Officer (CSO) was notified that a customer was able to access confidential internal company files on a commonly used file-sharing service. The file-sharing service is the same one used by company staff as one of its approved third-party applications. After further investigation, the security team determines the sharing of confidential files was accidental and not malicious. However, the CSO wants to implement changes to minimize this type of incident from reoccurring but does not want to im
A. DLP
B. SWG
C. CASB
D. Virtual network segmentation
E. Container security
Correct answer: B
Question #19
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?
A. A non-disclosure agreement
B. Least privilege
C. An acceptable use policy
D. Offboarding
Correct answer: BCF
Question #20
An organization is developing a plan in the event of a complete loss of critical systems and data. Which of the following plans is the organization MOST likely developing?
A. Incident response
B. Communications
C. Disaster recovery
D. Data retention
Correct answer: C
Question #21
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)
A. Block cipher
B. Hashing
C. Private key
D. Perfect forward secrecy
E. Salting
F. Symmetric keys
Correct answer: A
Question #22
A security administrator suspects there may be unnecessary services running on a server. Which of the following tools will the administrator MOST likely use to confirm the suspicions?
A. Nmap
B. Wireshark
C. Autopsy
D. DNSEnum
Correct answer: EF
Question #23
A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng, the administrator notices other access points are running with the same corporate ESSID on all available channels and with the same BSSID of one of the legitimate access points. Which of the following attacks is happening on the corporate network?
A. Man in the middle
B. Evil twin
C. Jamming
D. Rogue access point
E. Disassociation
Correct answer: C
Question #24
A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are: * Employees must provide an alternate work location (i.e., a home address) * Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed. Which of the following BEST describes the MDM options the company is using?
A. Geofencing, content management, remote wipe, containerization, and storage segmentation
B. Content management, remote wipe, geolocation, context-aware authentication, and containerization
C. Application management, remote wipe, geofencing, context-aware authentication, and containerization
D. Remote wipe, geolocation, screen locks, storage segmentation, and full-device encryption
Correct answer: D
Question #25
Which of the following represents a biometric FRR?
A. Authorized users being denied access
B. Users failing to enter the correct PIN
C. The denied and authorized numbers being equal
D. The number of unauthorized users being granted access
Correct answer: C
Question #26
A security engineer has enabled two-factor authentication on all workstations. Which of the following approaches are the MOST secure? (Select TWO).
A. Password and security question
B. Password and CAPTCHA
C. Password and smart card
D. Password and fingerprint
E. Password and one-time token
F. Password and voice
Correct answer: D
Question #27
A recent security assessment revealed that an actor exploited a vulnerable workstation within an organization and has persisted on the network for several months. The organization realizes the need to reassess its security strategy for mitigating risks within the perimeter. Which of the following solutions would BEST support the organization's strategy?
A. FIM
B. DLP
C. EDR
D. UTM
Correct answer: A
Question #28
A security analyst is logged into a Windows file server and needs to see who is accessing files and from which computers. Which of the following tools should the analyst use?
A. netstat
B. net share
C. netcat
D. nbtstat
E. net session
Correct answer: DE
Question #29
An organization blocks user access to command-line interpreters, but hackers still managed to invoke the interpreters using native administrative tools. Which of the following should the security team do to prevent this from happening in the future?
A. Implement HIPS to block inbound and outbound SMB ports 139 and 445
B. Trigger a SIEM alert whenever the native OS tools are executed by the user
C. Disable the built-in OS utilities as long as they are not needed for functionality
D. Configure the AV to quarantine the native OS tools whenever they are executed
Correct answer: A
Question #30
An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
A. Shadow IT
B. An insider threat
C. A hacktivist
D. An advanced persistent threat
Correct answer: B
Question #31
After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?
A. Risk acceptance
B. Risk avoidance
C. Risk transference
D. Risk mitigation
Correct answer: A
Question #32
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following: * The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to the IP * The forged website's IP address appears to be 10.2.12.99, based on NetFlow records * All three of the organization's DNS servers show the website correctly resolves to the legitimate IP * DNS query logs show one of
A. A reverse proxy was used to redirect network traffic
B. An SSL strip MITM attack was performed
C. An attacker temporarily pwned a name server
D. An ARP poisoning attack was successfully executed
Correct answer: D
Question #33
An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims. Which of the following is the attacker MOST likely attempting?
A. A spear-phishing attack
B. A watering-hole attack
C. Typo squatting
D. A phishing attack
Correct answer: C
Question #34
The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?
A. SSO would simplify username and password management, making it easier for hackers to guess accounts
B. SSO would reduce password fatigue, but staff would still need to remember more complex passwords
C. SSO would reduce the password complexity for frontline staff
D. SSO would reduce the resilience and availability of systems if the provider goes offline
Correct answer: B
Question #35
A network manager is concerned that business may be negatively impacted if the firewall in its datacenter goes offline. The manager would like to implement a high availability pair to:
A. decrease the mean time between failures
B. remove the single point of failure
C. cut down the mean time to repair
D. reduce the recovery time objective
Correct answer: BC
Question #36
Which of the following is the BEST reason to maintain a functional and effective asset management policy that aids in ensuring the security of an organization?
A. To provide data to quantify risk based on the organization's systems
B. To keep all software and hardware fully patched for known vulnerabilities
C. To only allow approved, organization-owned devices onto the business network
D. To standardize by selecting one laptop model for all users in the organization
Correct answer: D
Question #37
An analyst is trying to identify insecure services that are running on the internal network. After performing a port scan, the analyst identifies that a server has some insecure services enabled on default ports. Which of the following BEST describes the services that are currently running and the secure alternatives for replacing them? (Select THREE)
A. SFTP, FTPS
B. SNMPv2, SNMPv3
C. HTTP, HTTPS
D. TFTP, FTP
E. SNMPv1, SNMPv2
F. Telnet, SSH G
Correct answer: B
Question #38
During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset inventory. WiFi access is protected with 255-bit encryption via WPA2. Physical access to the company's facility requires two-factor authentication using a badge and a passcode. Which of the following should the administrator implement to find and remediate the issue? (Select TWO).
A. Check the SIEM for failed logins to the LDAP directory
B. Enable MAC filtering on the switches that support the wireless network
C. Run a vulnerability scan on all the devices in the wireless network
D. Deploy multifactor authentication for access to the wireless network
E. Scan the wireless network for rogue access points
F. Deploy a honeypot on the network
Correct answer: B
