Question #1
A security engineer needs to implement the following requirements: All Layer 2 switches should leverage Active Directory for authentication. All Layer 2 switches should use local fallback authentication if Active Directory is offline. All Layer 2 switches are not the same and are manufactured by several vendors. Which of the following actions should the engineer take to meet these requirements? (Choose two.)
A. Implement RADIUS
B. Configure AAA on the switch with local login as secondary
E. Enable the local firewall on the Active Directory server
F. Implement a DHCP server
Correct answer: AC
Question #2
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?
A. Mobile device management
B. Full-device encryption
Correct answer: A
Question #3
A network administrator has been asked to design a solution to improve a company’s security posture. The administrator is given the following requirements: The solution must be inline in the network. The solution must be able to block known malicious traffic. The solution must be able to stop network-based attacks. Which of the following should the network administrator implement to BEST meet these requirements?
A. HIDS
B. NIDS
C. HIPS
D. NIPS
Correct answer: D
Question #4
A development team employs a practice of bringing all the code changes from multiple team members into the same development project through automation. A tool is utilized to validate the code and track source code through version control. Which of the following BEST describes this process?
A. Continuous delivery
B. Continuous integration
Correct answer: B
Question #5
An enterprise has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that is discovered. Which of the following BEST represents the type of testing that is being used?
A. White-box
B. Red-team
Correct answer: C
Question #6
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?
A. The document is a honeyfile and is meant to attract the attention of a cyberintruder
B. The document is a backup file if the system needs to be recovered
Correct answer: A
Question #7
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should a security administrator implement to protect the environment from this malware?
A. Install a definition-based antivirus
Correct answer: C
Question #8
A document that appears to be malicious has been discovered in an email that was sent to a company’s Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
A. Open the document on an air-gapped network
B. View the document’s metadata for origin clues
Correct answer: C
Question #9
A critical file server is being upgraded, and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meet this requirement?
A. RAID 0+1
B. RAID 2
C. RAID 5
D. RAID 6
Correct answer: D
Question #10
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?
A. The scan results show open ports, protocols, and services exposed on the target host
B. The scan enumerated software versions of installed programs
Correct answer: B
Question #11
Which of the following is a risk that is specifically associated with hosting applications in the public cloud?
A. Unsecured root accounts
B. Zero-day
Correct answer: BC
Question #12
An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM configurations must be considered when the engineer travels for business?
A. Screen locks
B. Application management
Correct answer: D
Question #13
The human resources department of a large online retailer has received multiple customer complaints about the rudeness of the automated chatbots it uses to interface and assist online shoppers. The system, which continuously learns and adapts, was working fine when it was installed a few months ago. Which of the following BEST describes the method being used to exploit the system?
A. Baseline modification
Correct answer: C
Question #14
An organization that has a large number of mobile devices is exploring enhanced security controls to manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3mi (4.8km) from the building, the management team would like to have the security team alerted and server resources restricted on those devices. Which of the following controls should the organization implement?
A. Geofencing
B. Lockout
Correct answer: A
Question #15
A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company’s new service provider. The service provider is preventing the CEO from sending email from a work account to a personal account. Which of the following types of service providers is being used?
A. Telecommunications service provider
B. Cloud service provider
Correct answer: B
Question #16
A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output: Which of the following is the router experiencing?
A. DDoS attack
B. Memory leak
Correct answer: D
Question #17
A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent the exfiltration of data? (Choose two.)
A. VPN
B. Drive encryption
F. MFA
Correct answer: A
Question #18
A company is designing the layout of a new datacenter so it will have an optimal environmental temperature. Which of the following must be included? (Choose two.)
A. An air gap
E. An IoT thermostat
F. A humidity monitor
Correct answer: BE
Question #19
A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company’s executives. Which of the following intelligence sources should the security analyst review?
A. Vulnerability feeds
B. Trusted automated exchange of indicator information
Correct answer: D
Question #20
Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
A. SIEM
B. CASB
C. UTM
D. EDR
Correct answer: B
Question #21
An organization relies on third-party video conferencing to conduct daily business. Recent security changes now require all remote workers to utilize a VPN to corporate resources. Which of the following would BEST maintain high-quality video conferencing while minimizing latency when connected to the VPN?
A. Using geographic diversity to have VPN terminations closer to end users
B. Utilizing split tunneling so only traffic for corporate resources is encrypted
Correct answer: B
Question #22
Which of the following incident response steps involves actions to protect critical systems while maintaining business operations?
A. Investigation
B. Containment
Correct answer: D
Question #23
A symmetric encryption algorithm is BEST suited for:
A. key-exchange scalability
B. protecting large amounts of data
Correct answer: B
Question #24
A security analyst needs to perform periodic vulnerability scans on production systems. Which of the following scan types would produce the BEST vulnerability scan report?
A. Port
B. Intrusive
Correct answer: D
Question #25
An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?
A. hping3 -S comptia
B. nc -l -v comptia
Correct answer: C
Question #26
An organization blocks user access to command-line interpreters, but hackers still managed to invoke the interpreters using native administrative tools. Which of the following should the security team do to prevent this from happening in the future?
A. Implement HIPS to block inbound and outbound SMB ports 139 and 445
B. Trigger a SIEM alert whenever the native OS tools are executed by the user
Correct answer: C
Question #27
A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Choose two.)
A. DNSSEC
B. Reverse proxy
F. RADIUS
Correct answer: EF
Question #28
A security analyst receives a SIEM alert that someone logged in to the appadmin test account, which is only used for the early detection of attacks. The security analyst then reviews the following application log: Which of the following can the security analyst conclude?
A. A replay attack is being conducted against the application
B. An injection attack is being conducted against a user authentication system
Correct answer: C
Question #29
Ann, a forensic analyst, needs to prove that the data she originally acquired has remained unchanged while in her custody. Which of the following should Ann use?
A. Chain of custody
B. Checksums
Correct answer: B
Question #30
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?
A. Updating the playbooks with better decision points
B. Dividing the network into trusted and untrusted zones
Correct answer: D
Question #31
Users at an organization have been installing programs from the Internet on their workstations without first receiving proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function properly. Which of the following should the security administrator consider implementing to address this issue?
A. Application code signing
B. Application whitelisting
Correct answer: C
Question #32
After entering a username and password, an administrator must draw a gesture on a touch screen. Which of the following demonstrates what the administrator is providing?
A. Multifactor authentication
B. Something you can do
Correct answer: D
Question #33
A network administrator would like to configure a site-to-site VPN utilizing IPsec. The administrator wants the tunnel to be established with data integrity, encryption, authentication, and anti-replay functions. Which of the following should the administrator use when configuring the VPN?
A. AH
B. EDR
C. ESP
D. DNSSEC
Correct answer: C
Question #34
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?
A. DLP
B. HIDS
Correct answer: C
Question #35
The following are the logs of a successful attack: Which of the following controls would be BEST to use to prevent such a breach in the future?
A. Password history
B. Account expiration
Correct answer: D
Question #36
A security analyst is performing a forensic investigation involving compromised account credentials. Using the Event Viewer, the analyst was able to detect the following message: “Special privileges assigned to new logon.” Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?
A. Pass-the-hash
B. Buffer overflow
Correct answer: A
Question #37
A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
A. Security
B. Application
Correct answer: C
Question #38
A security analyst is reviewing information regarding recent vulnerabilities. Which of the following will the analyst MOST likely consult to validate which platforms have been affected?
A. OSINT
B. SIEM
C. CVSS
D. CVE
Correct answer: B
Question #39
During an incident, an EDR system detects an increase in the number of encrypted outbound connections from multiple hosts. A firewall is also reporting an increase in outbound connections that use random high ports. An analyst plans to review the correlated logs to find the source of the incident. Which of the following tools will BEST assist the analyst?
A. A vulnerability scanner
Correct answer: D
Question #40
After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time. Which of the following BEST explains what happened?
A. The unexpected traffic correlated against multiple rules, generating multiple alerts
B. Multiple alerts were generated due to an attack occurring at the same time
Correct answer: D
Question #41
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?
A. SED
B. HSM
C. DLP
D. TPM
Correct answer: A
Question #42
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: The devices will be used internationally by staff who travel extensively. Occasional personal use is acceptable due to the travel requirements. Users must be able to install and configure sanctioned programs and productivity suites. The devices must be encrypted. The devices must be capable of operating in low-bandwidth environments. Which of the following would provide the GREATE
A. Configuring an always-on VPN
B. Implementing application whitelisting
Correct answer: D
Question #43
A smart switch has the ability to monitor electrical levels and shut off power to a building in the event of a power surge or other fault situation. The switch was installed on a wired network in a hospital and is monitored by the facilities department via a cloud application. The security administrator isolated the switch on a separate VLAN and set up a patching routine. Which of the following steps should also be taken to harden the smart switch?
A. Set up an air gap for the switch
B. Change the default password for the switch
Correct answer: B
Question #44
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and gets a five-minute pcap to analyze. The analyst observes the following output: Which of the following attacks does the analyst MOST likely see in this packet capture?
A. Session replay
Correct answer: B
Question #45
A privileged user at a company stole several proprietary documents from a server. The user also went into the log files and deleted all records of the incident. The systems administrator has just informed investigators that other log files are available for review. Which of the following did the administrator MOST likely configure that will assist the investigators?
A. Memory dumps
B. The syslog server
Correct answer: C
Question #46
Which of the following ISO standards is certified for privacy?
A. ISO 9001
B. ISO 27002
Correct answer: BE
Question #47
A security analyst is reviewing the following attack log output: Which of the following types of attacks does this MOST likely represent?
A. Rainbow table
Correct answer: C
Question #48
When selecting a technical solution for identity management, an architect chooses to go from an in-house solution to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
A. Transference
B. Avoidance
Correct answer: A
Question #49
An organization wants to implement a third factor to an existing multifactor authentication. The organization already uses a smart card and password. Which of the following would meet the organization’s needs for a third factor?
A. Date of birth
B. Fingerprints
Correct answer: B
Question #50
Which of the following describes the BEST approach for deploying application patches?
A. Apply the patches to systems in a testing environment, then to systems in a staging environment, and finally to production systems
B. Test the patches in a staging environment, develop against them in the development environment, and then apply them to the production systems
Correct answer: A
Question #51
During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company’s naming convention and are not in the asset inventory. WiFi access is protected with 256-bit encryption via WPA2. Physical access to the company’s facility requires two-factor authentication using a badge and a passcode. Which of the following should the administrator implement to find and remediate the issue? (Choose two.)
A. Check the SIEM for failed logins to the LDAP directory
B. Enable MAC filtering on the switches that support the wireless network
E. Scan the wireless network for rogue access points
F. Deploy a honeypot on the network
Correct answer: BE
Question #52
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Choose two.)
A. Block cipher
B. Hashing
E. Salting
F. Symmetric keys
Correct answer: C
Question #53
During an incident, a company’s CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. Which of the following techniques would be BEST to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?
A. Physically move the PC to a separate Internet point of presence
B. Create and apply microsegmentation rules
Correct answer: B
Question #54
Which of the following should a technician consider when selecting an encryption method for data that needs to remain confidential for a specific length of time?
A. The key length of the encryption algorithm
B. The encryption algorithm’s longevity
Correct answer: A
Question #55
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:
A. perform attribution to specific APTs and nation-state actors
B. anonymize any PII that is observed within the IoC data
Correct answer: B
Question #56
When implementing automation with IoT devices, which of the following should be considered FIRST to keep the network secure?
A. Z-Wave compatibility
B. Network range
Correct answer: D
Question #57
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST meet these requirements?
A. RA
Correct answer: C
Question #58
Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?
A. Spear phishing
B. Whaling
Correct answer: C
Question #59
A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices, the following requirements must be met: Mobile device OSs must be patched up to the latest release. A screen lock must be enabled (passcode or biometric). Corporate data must be removed if the device is reported lost or stolen. Which of the following controls should the security engineer configure? (Choo
A. Containerization
B. Storage segmentation
E. Full-device encryption
F. Geofencing
Correct answer: CD
Question #60
An organization is developing an authentication service for use at the entry and exit ports of country borders. The service will use data feeds obtained from passport systems, passenger manifests, and high-definition video feeds from CCTV systems that are located at the ports. The service will incorporate machine-learning techniques to eliminate biometric enrollment processes while still allowing authorities to identify passengers with increasing accuracy over time. The more frequently passengers travel, th
E. Retina
F. Fingerprint
Correct answer: BD