لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
A user is trying unsuccessfully to send images via SMS. The user downloaded the images from a corporate email account on a work phone. Which of the following policies is preventing the user from completing this action?
A. Application management
B. Content management
C. Containerization
D. Full disk encryption
عرض الإجابة
اجابة صحيحة: AB
السؤال #2
A company has hired an assessment team to test the security of the corporate network and employee vigilance. Only the Chief Executive Officer and Chief Operating Officer are aware of this exercise, and very little information has been provided to the assessors. Which of the following is taking place?
A. A red-team test
B. A white-team test
C. A purple-team test
D. A blue-team test
عرض الإجابة
اجابة صحيحة: C
السؤال #3
An attacker is using a method to hide data inside of benign files in order to exfiltrate confidential data. Which of the following is the attacker most likely using?
A. Base64 encoding
B. Steganography
C. Data encryption
D. Perfect forward secrecy
عرض الإجابة
اجابة صحيحة: D
السؤال #4
An employee's company account was used in a data breach Interviews with the employee revealed: ? The employee was able to avoid changing passwords by using a previous password again. ? The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other countries. Which of the following can be implemented to prevent these issues from reoccuring? (Select TWO)
A. Geographic dispersal
B. Password complexity
C. Password history
D. Geotagging
E. Password lockout
F. Geofencing
عرض الإجابة
اجابة صحيحة: A
السؤال #5
A security analyst receives alerts about an internal system sending a large amount of unusual DNS queries to systems on the internet over short periods of time during non-business hours. Which of the following is most likely occurring?
A. A worm is propagating across the network
B. Data is being exfiltrated
C. A logic bomb is deleting data
D. Ransomware is encrypting files
عرض الإجابة
اجابة صحيحة: C
السؤال #6
A user enters a password to log in to a workstation and is then prompted to enter an authentication code Which of the following MFA factors or attributes are being utilized in the authentication process? {Select two).
A. Something you know
B. Something you have
C. Somewhere you are
D. Someone you know
E. Something you are
F. Something you can do
عرض الإجابة
اجابة صحيحة: A
السؤال #7
An analyst is working on an investigation with multiple alerts for multiple hosts. The hosts are showing signs of being compromised by a fast-spreading worm. Which of the following should be the next step in order to stop the spread?
A. Disconnect every host from the network
B. Run an AV scan on the entire
C. Scan the hosts that show signs of
D. Place all known-infected hosts on an isolated network
عرض الإجابة
اجابة صحيحة: D
السؤال #8
Which of the following is the correct order of evidence from most to least volatile in forensic analysis?
A. Memory, disk, temporary filesystems, CPU cache
B. CPU cache, memory, disk, temporary filesystems
C. CPU cache, memory, temporary filesystems, disk
D. CPU cache, temporary filesystems, memory, disk
عرض الإجابة
اجابة صحيحة: B
السؤال #9
A security investigation revealed mat malicious software was installed on a server using a server administrator credentials. During the investigation the server administrator explained that Telnet was regularly used to log in. Which of the blowing most likely occurred?
A. A spraying attack was used to determine which credentials to use
B. A packet capture tool was used to steal the password
C. A remote-access Trojan was used to install the malware
D. A directory attack was used to log in as the server administrator
عرض الإجابة
اجابة صحيحة: CF
السؤال #10
An organization's corporate offices were destroyed due to a natural disaster, so the organization is now setting up offices in a temporary work space. Which of the following will the organization most likely consult?
A. The business continuity plan
B. The risk management plan
C. The communication plan
D. The incident response plan
عرض الإجابة
اجابة صحيحة: B
السؤال #11
A company is concerned about individuals dnvmg a car into the building to gam access Which of the following security controls would work BEST to prevent this from happening?
A. Bollard
B. Camera
C. Alarms
D. Signage
E. Access control vestibule
عرض الإجابة
اجابة صحيحة: D
السؤال #12
Which of the following would be most effective to contain a rapidly spreading attack that is affecting a large number of organizations?
A. Machine learning
B. DNS sinkhole
C. Blocklist
D. Honey pot
عرض الإجابة
اجابة صحيحة: D
السؤال #13
A company recently experienced an attack during which 5 main website was directed to the atack-er’s web server, allowing the attacker to harvest credentials from unsuspecting customers. Which of the following should the company Implement to prevent this type of attack from occurring in the future?
A. IPSec
B. SSL/TLS
C. DNSSEC
D. S/MIME
عرض الإجابة
اجابة صحيحة: B
السؤال #14
A company wants to deploy decoy systems alongside production systems in order to entice threat actors and to learn more about attackers. Which of the follow r 3 best describes these systems?
A. DNS sinkholes
B. Honey pots
C. Virtual machines
D. Neural networks
عرض الإجابة
اجابة صحيحة: D
السؤال #15
A security analyst is assisting a team of developers with best practices for coding. The security analyst would like to defend against the use of SQL injection attacks. Which of the following should the security analyst recommend first?
A. Tokenization
B. Input validation
C. Code signing
D. Secure cookies
عرض الإجابة
اجابة صحيحة: D
السؤال #16
A security operations center wants to implement a solution that can execute files to test for malicious activity. The solution should provide a report of the files' activity against known threats. Which of the following should the security operations center implement?
A. theHarvester
B. Nessus
C. Cuckoo
D. Sn1per
عرض الإجابة
اجابة صحيحة: AB
السؤال #17
Developers are writing code and merging it into shared repositories several times a day. where it is tested automatically. Which of the following concepts does this best represent?
A. Functional testing
B. Stored procedures
C. Elasticity
D. Continuous Integration
عرض الإجابة
اجابة صحيحة: A
السؤال #18
A company recently completed the transition from data centers to the cloud. Which of the following solutions will best enable the company to detect security threats in applications that run in isolated environments within the cloud environment?
A. Security groups
B. Container security
C. Virtual networks
D. Segmentation
عرض الإجابة
اجابة صحيحة: A
السؤال #19
A company a "right to forgotten" request To legally comply, the company must remove data related to the requester from its systems. Which Of the following Company most likely complying with?
A. NIST CSF
B. GDPR
C. PCI OSS
D. ISO 27001
عرض الإجابة
اجابة صحيحة: D
السؤال #20
A security administrator would like to ensure all cloud servers will have software preinstalled for facilitating vulnerability scanning and continuous monitoring. Which of the following concepts should the administrator utilize?
A. Provisioning
B. Staging
C. Development
D. Quality assurance
عرض الإجابة
اجابة صحيحة: C
السؤال #21
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation. INSTRUCTIONS Not all attacks and remediation actions will be used. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
A. Mastered
B. Not Mastered
عرض الإجابة
اجابة صحيحة: B
السؤال #22
A security incident has been resolved Which of the following BEST describes the importance of the final phase of the incident response plan?
A. It examines and documents how well the team responded discovers what caused the incident, and determines how the incident can be avoided in the future
B. It returns the affected systems back into production once systems have been fully patched, data restored and vulnerabilities addressed
C. It identifies the incident and the scope of the breach how it affects the production environment, and the ingress point
D. It contains the affected systems and disconnects them from the network, preventing further spread of the attack or breach
عرض الإجابة
اجابة صحيحة: C
السؤال #23
An organization is concerned that ils hosted web servers are not running the most updated version of the software. Which of the following would work best to help identify potential vulnerabilities?
A. hping3 -S compcia
B. nc -1 -v comptia
C. nmap comptia
D. nslookup -port?80 comptia
عرض الإجابة
اجابة صحيحة: D
السؤال #24
A financial institution recently joined a bug bounty program to identify security issues in the institution's new public platform. Which of the following best describes who the institution is working with to identify security issues?
A. Script kiddie
B. Insider threats
C. Malicious actor
D. Authorized hacker
عرض الإجابة
اجابة صحيحة: A
السؤال #25
A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would best support the policy?
A. Mobile device management
B. Full device encryption
C. Remote wipe
D. Biometrics
عرض الإجابة
اجابة صحيحة: B
السؤال #26
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst decides to run some commands on the gateway and obtains the following output: Which of the following BEST describes the attack the company is experiencing?
A. MAC flooding
B. URL redirection
C. ARP poisoning
D. DNS hijacking
عرض الإجابة
اجابة صحيحة: B
السؤال #27
A security analyst is reviewing computer logs because a host was compromised by malware After the computer was infected it displayed an error screen and shut down. Which of the following should the analyst review first to determine more information?
A. Dump file
B. System log
C. Web application log
D. Security too
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.