Question #1
Under GDPR, which of the following is MOST responsible for the protection of privacy and website user rights?
A. The data protection officer
B. The data processor
C. The data owner
D. The data controller
Correct answer: D
Question #2
Company engineers regularly participate in a public Internet forum with other engineers throughout the industry. Which of the following tactics would an attacker MOST likely use in this scenario?
A. Watering-hole attack
B. Credential harvesting
C. Hybrid warfare
D. Pharming
Correct answer: AE
Question #3
A company has decided to move its operations to the cloud. It wants to utilize technology that will prevent users from downloading company applications for personal use, restrict data that is uploaded, and have visibility into which applications are being used across the company. Which of the following solutions will BEST meet these requirements?
A. An NGFW
B. A CASB
C. Application whitelisting
D. An NG-SWG
Correct answer: C
Question #4
Which of the following would a European company interested in implementing a technical, hands-on set of security standards MOST likely choose?
A. GDPR
B. CIS controls
C. ISO 27001
D. ISO 37000
Correct answer: B
Question #5
Which of the following describes the BEST approach for deploying application patches?
A. Apply the patches to systems in a testing environment, then to systems in a staging environment, and finally to production systems
B. Test the patches in a staging environment, develop against them in the development environment, and then apply them to the production systems
C. Test the patches in a test environment, apply them to the production systems, and then apply them to a staging environment
D. Apply the patches to the production systems, apply them in a staging environment, and then test all of them in a testing environment
Correct answer: B
Question #6
In which of the following risk management strategies would cybersecurity insurance be used?
A. Transference
B. Avoidance
C. Acceptance
D. Mitigation
Correct answer: C
Question #7
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing?
A. Option A
B. Option B
C. Option C
D. Option D
Correct answer: C
Question #8
A security analyst is preparing a threat for an upcoming internal penetration test. The analyst needs to identify a method for determining the tactics, techniques, and procedures of a threat against the organization’s network. Which of the following will the analyst MOST likely use to accomplish the objective?
A. A table exercise
B. NIST CSF
C. MITRE ATT&CK
D. OWASP
Correct answer: A
Question #9
Law enforcement officials sent a company a notification that states electronically stored information and paper documents cannot be destroyed. Which of the following explains this process?
A. Data breach notification
B. Accountability
C. Legal hold
D. Chain of custody
Correct answer: D
Question #10
A RAT that was used to compromise an organization’s banking credentials was found on a user’s computer. The RAT evaded antivirus detection. It was installed by a user who has local administrator rights to the system as part of a remote management tool set. Which of the following recommendations would BEST prevent this from reoccurring?
A. Create a new acceptable use policy
B. Segment the network into trusted and untrusted zones
C. Enforce application whitelisting
D. Implement DLP at the network boundary
Correct answer: C
Question #11
Which of the following allows for functional test data to be used in new systems for testing and training purposes to protect the real data?
A. Data encryption
B. Data masking
C. Data deduplication
D. Data minimization
Correct answer: A
Question #12
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?
A. Updating the playbooks with better decision points
B. Dividing the network into trusted and untrusted zones
C. Providing additional end-user training on acceptable use
D. Implementing manual quarantining of infected hosts
Correct answer: C
Question #13
A security engineer is installing a WAF to protect the company’s website from malicious web requests over SSL. Which of the following is needed to meet the objective?
A. A reverse proxy
B. A decryption certificate
C. A split-tunnel VPN
D. Load-balanced servers
Correct answer: A
Question #14
Which of the following scenarios BEST describes a risk reduction technique?
A. A security control objective cannot be met through a technical change, so the company purchases insurance and is no longer concerned about losses from data breaches
B. A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation
C. A security control objective cannot be met through a technical change, so the company changes its method of operation
D. A security control objective cannot be met through a technical change, so the Chief Information Officer (CIO) decides to sign off on the risk
Correct answer: D
Question #15
A security analyst has received an alert about PII being sent via email. The analyst’s Chief Information Security Officer (CISO) has made it clear that PII must be handled with extreme care. From which of the following did the alert MOST likely originate?
A. S/MIME
B. DLP
C. IMAP
D. HIDS
Correct answer: C
Question #16
A company uses specially configured workstations for any work that requires administrator privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon delivery. Even with these strict security measures in place, an incident occurred from one of the workstations. The root cause appears to be that the SoC was tampered with or replaced. Which of the following MOST likely occurred?
A. Fileless malware
B. A downgrade attack
C. A supply-chain attack
D. A logic bomb
E. Misconfigured BIOS
Correct answer: D
Question #17
An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?
A. The system was configured with weak default security settings
B. The device uses weak encryption ciphers
C. The vendor has not supplied a patch for the appliance
D. The appliance requires administrative credentials for the assessment
Correct answer: C
Question #18
An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?
A. TLS
B. PFS
C. ESP
D. AH
Correct answer: D
Question #19
An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims. Which of the following is the attacker MOST likely attempting?
A. A spear-phishing attack
B. A watering-hole attack
C. Typo squatting
D. A phishing attack
Correct answer: B
Question #20
A security analyst is investigating a malware incident at a company. The malware is accessing a command-and-control website at www.comptia.com. All outbound Internet traffic is logged to a syslog server and stored in /logfiles/messages. Which of the following commands would be BEST for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?
A. head -500 www
B. cat /logfiles/messages | tail -500 www
C. tail -500 /logfiles/messages | grep www
D. grep -500 /logfiles/messages | cat www
Correct answer: B
Question #21
Which of the following stores data directly on devices with limited processing and storage capacity?
A. Thin client
B. Containers
C. Edge
D. Hybrid cloud
Correct answer: B
Question #22
A user enters a password to log in to a workstation and is then prompted to enter an authentication code. Which of the following MFA factors or attributes are being utilized in the authentication process? (Select TWO).
A. Something you know
B. Something you have
C. Somewhere you are
D. Someone you are
E. Something you are
F. Something you can do
Correct answer: C
Question #23
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?
A. A non-disclosure agreement
B. Least privilege
C. An acceptable use policy
D. Offboarding
Correct answer: ADG
Question #24
Several employees return to work the day after attending an industry trade show. That same day, the security manager notices several malware alerts coming from each of the employee’s workstations. The security manager investigates but finds no signs of an attack on the perimeter firewall or the NIDS. Which of the following is MOST likely causing the malware alerts?
A. A worm that has propagated itself across the intranet, which was initiated by presentation media
B. A fileless virus that is contained on a vCard that is attempting to execute an attack
C. A Trojan that has passed through and executed malicious code on the hosts
D. A USB flash drive that is trying to run malicious code but is being blocked by the host firewall
Correct answer: C
Question #25
The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?
A. Install a NIDS device at the boundary
B. Segment the network with firewalls
C. Update all antivirus signatures daily
D. Implement application blacklisting
Correct answer: C
Question #26
Which of the following describes the ability of code to target a hypervisor from inside
A. Fog computing
B. VM escape
C. Software-defined networking
D. Image forgery
E. Container breakout
Correct answer: C
Question #27
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should the administrator implement to protect the environment from this malware?
A. Install a definition-based antivirus
B. Implement an IDS/IPS
C. Implement a heuristic behavior-detection solution
D. Implement CASB to protect the network shares
Correct answer: C
Question #28
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?
A. Corrective
B. Physical
C. Detective
D. Administrative
Correct answer: A
Question #29
A company recently moved sensitive videos between on-premises, company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?
A. Checksums
B. Watermarks
C. Order of volatility
D. A log analysis
E. A right-to-audit clause
Correct answer: C
Question #30
A network administrator at a large organization is reviewing methods to improve the security of the wired LAN. Any security improvement must be centrally managed and allow corporate-owned devices to have access to the intranet but limit others to Internet access only. Which of the following should the administrator recommend?
A. 802
B. SSO to authenticate corporate users
C. MAC address filtering with ACLs on the router
D. PAM for user account management
Correct answer: A
Question #31
A cybersecurity administrator is using iptables as an enterprise firewall. The administrator created some rules, but the network now seems to be unresponsive. All connections are being dropped by the firewall. Which of the following would be the BEST option to remove the rules?
A. # iptables -t mangle -X
B. # iptables -F
C. # iptables -Z
D. # iptables -P INPUT -j DROP
Correct answer: C
Question #32
A security analyst is taking part in an evaluation process that analyzes and categorizes threat actors of real-world events in order to improve the incident response team's process. Which of the following is the analyst MOST likely participating in?
A. MITRE ATT&CKB Walk-through
B. Red team
C. Purple team
D. TAXII
Correct answer: B
Question #33
A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson’s laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the CSO’s concern?
A. Deploy an MDM solution
B. Implement managed FDE
C. Replace all hard drives with SEDs
D. Install DLP agents on each laptop
Correct answer: B
Question #34
A company just developed a new web application for a government agency. The application must be assessed and authorized prior to being deployed. Which of the following is required to assess the vulnerabilities resident in the application?
A. Repository transaction logs
B. Common Vulnerabilities and Exposures
C. Static code analysis
D. Non-credentialed scans
Correct answer: A
Question #35
Recent changes to a company's BYOD policy require all personal mobile devices to use a two-factor authentication method that is not something you know or have. Which of the following will meet this requirement?
A. Facial recognition
B. Six-digit PIN
C. PKI certificate
D. Smart card
Correct answer: B
Question #36
A penetration tester gains access to a network by exploiting a vulnerability on a public-facing web server. Which of the following techniques will the tester most likely perform NEXT?
A. Gather more information about the target through passive reconnaissance
B. Establish rules of engagement before proceeding
C. Create a user account to maintain persistence
D. Move laterally throughout the network to search for sensitive information
Correct answer: A