لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Which of the following is the correct order of volatility from MOST to LEAST volatile?
A. Memory, temporary filesystems, routing tables, disk, network storage
B. Cache, memory, temporary filesystems, disk, archival media C
عرض الإجابة
اجابة صحيحة: D
السؤال #2
An organization’s help desk is flooded with phone calls from users stating they can no longer access certain websites. The help desk escalates the issue to the security team, as these websites were accessible the previous day. The security analysts run the following command: ipconfig /flushdns, but the issue persists. Finally, an analyst changes the DNS server for an impacted machine, and the issue goes away. Which of the following attacks MOST likely occurred on the original DNS server?
A. DNS cache poisoning
B. Domain hijacking C
عرض الإجابة
اجابة صحيحة: D
السؤال #3
An organization has decided to host its web application and database in the cloud. Which of the following BEST describes the security concerns for this decision?
A. Access to the organization’s servers could be exposed to other cloud-provider clients
B. The cloud vendor is a new attack vector within the supply chain
عرض الإجابة
اجابة صحيحة: D
السؤال #4
A forensics examiner is attempting to dump password cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?
A. The examiner does not have administrative privileges to the system
B. The system must be taken offline before a snapshot can be created
عرض الإجابة
اجابة صحيحة: C
السؤال #5
A small retail business has a local store and a newly established and growing online storefront. A recent storm caused a power outage to the business and the local ISP, resulting in several hours of lost sales and delayed order processing. The business owner now needs to ensure two things: Protection from power outages Always-available connectivity in case of an outage The owner has decided to implement battery backups for the computer equipment. Which of the following would BEST fulfill the owner’s second
A. Lease a point-to-point circuit to provide dedicated access
B. Connect the business router to its own dedicated UPS
عرض الإجابة
اجابة صحيحة: D
السؤال #6
Which of the following are requirements that must be configured for PCI DSS compliance? (Choose two.)
A. Testing security systems and processes regularly
B. Installing and maintaining a web proxy to protect cardholder data C
E. Benchmarking security awareness training for contractors
F. Using vendor-supplied default passwords for system passwords
عرض الإجابة
اجابة صحيحة: B
السؤال #7
SIMULATION A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites. INSTRUCTIONS Click on each firewall to do the following: 1. Deny cleartext web traffic. 2. Ensure secure management protocols are used. 3. Resolve issues at the DR site. The ruleset order cannot be modified due to outside constraints. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A. See explanation below
عرض الإجابة
اجابة صحيحة: D
السؤال #8
A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be nondisruptive and user friendly. Which of the following technologies should the IT manager use when implementing MFA?
A. One-time passwords
B. Email tokens C
عرض الإجابة
اجابة صحيحة: F
السؤال #9
An organization has various applications that contain sensitive data hosted in the cloud. The company’s leaders are concerned about lateral movement across applications of different trust levels. Which of the following solutions should the organization implement to address the concern? A.ISFW B.UTM C.SWG D.CASB
An organization has various applications that contain sensitive data hosted in the cloud. The company’s leaders are concerned about lateral movement across applications of different trust levels
عرض الإجابة
اجابة صحيحة: A
السؤال #10
Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?
A. Data encryption
B. Data masking C
عرض الإجابة
اجابة صحيحة: C
السؤال #11
To reduce and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?
A. MaaS
B. IaaS C
عرض الإجابة
اجابة صحيحة: C
السؤال #12
Which of the following provides the BEST protection for sensitive information and data stored in cloud-based services but still allows for full functionality and searchability of data within the cloud-based services?
A. Data encryption
B. Data masking C
عرض الإجابة
اجابة صحيحة: D
السؤال #13
A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are: www.company.com (main website) contactus.company.com (for locating a nearby location) quotes.company.com (for requesting a price quote) The company wants to purchase one SSL certificate that will work for all the existing applications and any future applications that follow the same naming conventions, such as store.company.com. Which of the following certificate types would BEST meet the requirem
A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are: www
عرض الإجابة
اجابة صحيحة: A
السؤال #14
An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?
A. TLS B
عرض الإجابة
اجابة صحيحة: C
السؤال #15
In the middle of a cyberattack, a security engineer removes the infected devices from the network and locks down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?
A. Identification
B. Preparation C
F. Containment
عرض الإجابة
اجابة صحيحة: B
السؤال #16
A cybersecurity analyst needs to implement secure authentication to third-party websites without users’ passwords. Which of the following would be the BEST way to achieve this objective? A.OAuth B.SSO C.SAML D.PAP
A cybersecurity analyst needs to implement secure authentication to third-party websites without users’ passwords. Which of the following would be the BEST way to achieve this objective? A
عرض الإجابة
اجابة صحيحة: C
السؤال #17
A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
A. Containment
B. Identification C
عرض الإجابة
اجابة صحيحة: B
السؤال #18
A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols. A security engineer runs a port scan against the server from the Internet and sees the following output: Which of the following steps would be best for the security engineer to take NEXT? A.Allow DNS access from the Internet. B.Block SMTP access from the Internet. C.Block HTTPS access from the Internet. D.Block SSH access from the Internet.
A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted web-browsing protocols. A security engineer runs a port scan against the server from the Internet and sees the following output: Which of the following steps would be best for the security engineer to take NEXT? A
عرض الإجابة
اجابة صحيحة: A
السؤال #19
A systems administrator needs to implement an access control scheme that will allow an object’s access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?
A. Role-based access control
B. Discretionary access control C
عرض الإجابة
اجابة صحيحة: C
السؤال #20
HOTSPOT Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation. INSTRUCTIONS Not all attacks and remediation actions will be used. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Hot Area:
عرض الإجابة
اجابة صحيحة: BD
السؤال #21
Which of the following is a team of people dedicated to testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
A. Red team
B. White team C
عرض الإجابة
اجابة صحيحة: D
السؤال #22
Which of the following types of attacks is specific to the individual it targets?
A. Whaling
B. Pharming C
عرض الإجابة
اجابة صحيحة: B
السؤال #23
An organization is developing a plan in the event of a complete loss of critical systems and data. Which of the following plans is the organization MOST likely developing?
A. Incident response
B. Communications C
عرض الإجابة
اجابة صحيحة: C
السؤال #24
A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring? A.CASB B.SWG C.Containerization D.Automated failover
A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from reoccurring? A
عرض الإجابة
اجابة صحيحة: D
السؤال #25
A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?
A. Implement open PSK on the APs
B. Deploy a WAF C
عرض الإجابة
اجابة صحيحة: C
السؤال #26
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data? A.Perfect forward secrecy B.Elliptic-curve cryptography C.Key stretching D.Homomorphic encryption
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data? A. erfect forward secrecy B
عرض الإجابة
اجابة صحيحة: B
السؤال #27
A public relations team will be taking a group of guests on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desks are cleared. The company is MOST likely trying to protect against:
A. loss of proprietary information
B. damage to the company’s reputation
عرض الإجابة
اجابة صحيحة: A
السؤال #28
While reviewing the wireless router, a systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below: Which of the following should be the administrator’s NEXT step to detect if there is a rogue system without impacting availability?
A. Conduct a ping sweep
عرض الإجابة
اجابة صحيحة: A
السؤال #29
SIMULATION A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802.1X using the most secure encryption and protocol available. INSTRUCTIONS Perform the following steps: 1. Configure the RADIUS server. 2. Configure the WiFi controller. 3. Preconfigure the client for an incoming guest. The guest AD credentials are: User: guest01 Password: guestpass If at any time you would like to bring back the initial state of the simulation, pl
SIMULATION A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802
عرض الإجابة
اجابة صحيحة: A
السؤال #30
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operations in a:
A. business continuity plan
B. communications plan
عرض الإجابة
اجابة صحيحة: C
السؤال #31
A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message: Which of the following network attacks is the researcher MOST likely experiencing? A.MAC cloning B.Evil twin C.Man-in-the-middle D.ARP poisoning
A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data
عرض الإجابة
اجابة صحيحة: A
السؤال #32
A user received an SMS on a mobile phone that asked for bank details. Which of the following social-engineering techniques was used in this case? A.SPIM
B. Vishing C
عرض الإجابة
اجابة صحيحة: C
السؤال #33
Which of the following distributes data among nodes, making it more difficult to manipulate the data while also minimizing downtime? A.MSSP
B. Public cloud C
عرض الإجابة
اجابة صحيحة: B
السؤال #34
An organization just experienced a major cyberattack incident. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
A. Shadow IT
B. An insider threat C
عرض الإجابة
اجابة صحيحة: C
السؤال #35
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: Check-in/checkout of credentials The ability to use but not know the password Automated password changes Logging of access to credentials Which of the following solutions would meet the requirements? A.OAuth 2.0 B.Secure Enclave C.A privileged access management system D.An OpenID Connect authentication system
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: Check-in/checkout of credentials The ability to use but not know the password Automated password changes Logging of access to credentials Which of the following solutions would meet the requirements? A
عرض الإجابة
اجابة صحيحة: D
السؤال #36
A startup company is using multiple SaaS and IaaS platforms to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms? A.SIEM
B. DLP C
عرض الإجابة
اجابة صحيحة: D
السؤال #37
A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which of the following recovery solutions would be the BEST option to meet these requirements?
A. Snapshot
B. Differential C
عرض الإجابة
اجابة صحيحة: A
السؤال #38
A company has determined that if its computer-based manufacturing machinery is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment. Which of the following must be less than 12 hours maintain a positive total cost of ownership? A.MTBF B.RPO C.RTO D.MTTR
A company has determined that if its computer-based manufacturing machinery is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment. Which of the following must be less than 12 hours maintain a positive total cost of ownership? A
عرض الإجابة
اجابة صحيحة: D
السؤال #39
An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?
A. The system was configured with weak default security settings
B. The device uses weak encryption ciphers
عرض الإجابة
اجابة صحيحة: A
السؤال #40
Which of the following is the BEST reason to maintain a functional and effective asset management policy that aids in ensuring the security of an organization?
A. To provide data to quantify risk based on the organization’s systems
B. To keep all software and hardware fully patched for known vulnerabilities C
عرض الإجابة
اجابة صحيحة: C
السؤال #41
A security administrator currently spends a large amount of time on common security tasks, such as report generation, phishing investigations, and user provisioning and deprovisioning. This prevents the administrator from spending time on other security projects. The business does not have the budget to add more staff members. Which of the following should the administrator attempt? A.DAC B.ABAC C.SCAP D.SOAR
A security administrator currently spends a large amount of time on common security tasks, such as report generation, phishing investigations, and user provisioning and deprovisioning. This prevents the administrator from spending time on other security projects
عرض الإجابة
اجابة صحيحة: C
السؤال #42
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)
A. Trusted Platform Module
B. A host-based firewall C
F. Antivirus software
عرض الإجابة
اجابة صحيحة: B
السؤال #43
When used at design stage, which of the following improves the efficiency, accuracy, and speed of a database?
A. Tokenization
B. Data masking C
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.