لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت

السؤال #1
A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly. Which of the following technologies should the IT manager use when implementing MFA?
A. One-time passwords
B. Email tokens
C. Push notifications
D. Hardware authentication
عرض الإجابة
اجابة صحيحة: C
السؤال #2
A security analyst needs to perform periodic vulnerability scans on production systems. Which of the following scan Types would produce the BEST vulnerability scan report?
A. Port
B. Intrusive
C. Host discovery
D. Credentialed
عرض الإجابة
اجابة صحيحة: A
السؤال #3
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST these requirement?
A. RA
B. OCSP
C. CRL
D. CSR
عرض الإجابة
اجابة صحيحة: C
السؤال #4
The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, incident during a pandemic or crisis, However, the CEO is concerned that some staff members may take advantage of the of the flexibility and work from high-risk countries while on holidays work to a third-party organization in another country. The Chief information Officer (CIO) believes the company can implement some basic to mitigate the majority of the ris
A. Geolocation
B. Time-of-day restrictions
C. Certificates
D. Tokens
E. Geotagging
F. Role-based access controls
عرض الإجابة
اجابة صحيحة: D
السؤال #5
Which of the following would MOST likely support the integrity of a voting machine?
A. Asymmetric encryption
B. Blockchain
C. Transport Layer Security
D. Perfect forward secrecy
عرض الإجابة
اجابة صحيحة: C
السؤال #6
An organization is having difficulty correlating events from its individual AV, EDR. DLP. SWG, WAF, MDM. HIPS. and CASB systems. Which of the following Is the BEST way to improve the situation?
A. Remove expensive systems that generate few alerts,
B. Modify the systems to alert only on critical issues
C. Utilize a SIEM to centralize logs and dashboards
D. implement a new syslog/NetFlow applianc
عرض الإجابة
اجابة صحيحة: B
السؤال #7
A company was recently breached. Part of the company's new cybersecurity strategy is to centralize the logs from all security devices. Which of the following components forwards the logs to a central source?
A. Log enrichment
B. Log aggregation
C. Log parser
D. Log collector
عرض الإجابة
اجابة صحيحة: D
السؤال #8
The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?
A. Lack of input validation
B. Open permissions
C. Unsecure protocol
D. Missing patches
عرض الإجابة
اجابة صحيحة: D
السؤال #9
A penetration tester successfully gained access ta a company’s network, The investigating analyst detarmines malicious traffic connacted through the WAP despite filtering rules being in place, Logging in to the connected switch, the analyst sees the folowing in the ARP table: Which of the following cid the penetration tester MOST liely use?
A. ARP poisoning
B. MAG eioning
C. Man in the middle
D. Evil twin
عرض الإجابة
اجابة صحيحة: AD
السؤال #10
Which of the following policies establishes rules to measure third-party work tasks and ensure deliverables are provided within a specific time line?
A. SLA
B. MOU
C. AUP
D. NDA
عرض الإجابة
اجابة صحيحة: A
السؤال #11
When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?
A. Tokenization
B. Data masking
C. Normalization
D. Obfuscation
عرض الإجابة
اجابة صحيحة: A
السؤال #12
An engineer needs to deploy a security measure to identify and prevent data tampering within the enterprise. Which of the following will accomplish this goal?
A. Antivirus
B. IPS
C. FTP
D. FIM
عرض الإجابة
اجابة صحيحة: DE
السؤال #13
In which of the following situations would it be BEST to use a detective control type for mitigation?
A. A company implemented a network load balancer to ensure 99
B. A company designed a backup solution to increase the chances of restoring services in case of a natural disaster
C. A company purchased an application-level firewall to isolate traffic between the accounting department and the information technology department
D. A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic
E. A company purchased liability insurance for flood protection on all capital assets
عرض الإجابة
اجابة صحيحة: A
السؤال #14
Which of the following control sets should a well-written BCP include? (Select THREE)
A. Preventive
B. Detective
C. Deterrent
D. Corrective
E. Compensating
F. Physical G
عرض الإجابة
اجابة صحيحة: D
السؤال #15
A security administrator checks the table of a network switch, which shows the following output: Which of the following is happening to this switch?
A. MAC Flooding
B. DNS poisoning
C. MAC cloning
D. ARP poisoning
عرض الإجابة
اجابة صحيحة: B
السؤال #16
An engineer is configuring AAA authentication on a Cisco MDS 9000 Series Switch. The LDAP server is located under the IP 10.10.2.2. The data sent to the LDAP server should be encrypted. Which command should be used to meet these requirements?
A. Idap-server 10
B. Idap-server host 10
C. Idap-server 10
D. Idap-server host 10
عرض الإجابة
اجابة صحيحة: A
السؤال #17
An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?
A. The vulnerability scan output
B. The security logs
C. The baseline report
D. The correlation of events
عرض الإجابة
اجابة صحيحة: B
السؤال #18
A company has limited storage available and online presence that cannot for more than four hours. Which of the following backup methodologies should the company implement to allow for the FASTEST database restore time In the event of a failure, which being maindful of the limited available storage space?
A. Implement fulltape backup every Sunday at 8:00 p
B. Implement different backups every Sunday at 8:00 and nightly incremental backups at 8:00 p
C. Implement nightly full backups every Sunday at 8:00 p
D. Implement full backups every Sunday at 8:00 p
عرض الإجابة
اجابة صحيحة: B
السؤال #19
A public relations team will be taking a group of guest on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboars are cleaned and all desks are cleared. The company is MOST likely trying to protect against.
A. Loss of proprietary information
B. Damage to the company’s reputation
C. Social engineering
D. Credential exposure
عرض الإجابة
اجابة صحيحة: A
السؤال #20
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
A. Acceptance
B. Mitigation
C. Avoidance
D. Transference
عرض الإجابة
اجابة صحيحة: A
السؤال #21
Which of the following environments minimizes end-user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code?
A. Staging
B. Test
C. Production
D. Development
عرض الإجابة
اجابة صحيحة: B
السؤال #22
A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release. Which of the following BEST describes the tasks the developer is conducting?
A. Verification
B. Validation
C. Normalization
D. Staging
عرض الإجابة
اجابة صحيحة: D
السؤال #23
The process of passively gathering information poor to launching a cyberattack is called:
A. tailgating
B. reconnaissance
C. pharming
D. prepending
عرض الإجابة
اجابة صحيحة: D
السؤال #24
uring an investigation, a security manager receives notification from local authorities that company proprietary data was found on a former employee's home computer. The former employee's corporate workstation has since been repurposed, and the data on the hard drive has been overwritten. Which of the following would BEST provide the security manager with enough details to determine when the data was removed from the company network?
A. Properly configured hosts with security logging
B. Properly configured endpoint security tool with alerting
C. Properly configured SIEM with retention policies
D. Properly configured USB blocker with encryption
عرض الإجابة
اجابة صحيحة: D
السؤال #25
Which of the following refers to applications and systems that are used within an organization without consent or approval?
A. Shadow IT
B. OSINT
C. Dark web
D. Insider threats
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف: