Question list
1
A security analyst is looking for a solution to help communicate to the leadership team the severity levels of the organization's vulnerabilities. Which of the following would BEST meet this need?
CVSS
2
A technician needs to prevent data loss in a laboratory. The laboratory is not connected to any external networks. Which of the following methods would BEST prevent data loss? (Select TWO)
Drive encryption, USB blocker
3
Which of the following types of controls is a turnstile?
Physical
4
After entering a username and password, an administrator must draw a gesture on a touch screen. Which of the following demonstrates what the administrator is providing?
Something you can do
5
Image
Password-spraying
6
Which of the following algorithms has the SMALLEST key size?
DES
7
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
Tokenizing the credit cards in the database
8
A financial analyst is expecting an email containing sensitive information from a client. When the email arrives, the analyst receives an error and is unable to open the encrypted message. Which of the following is the MOST likely cause of the issue?
The S/MIME plug-in is not enabled.
9
A system administrator needs to implement an access control scheme that will allow an object's access policy to be determined by its owner. Which of the following access control schemes BEST fits the requirements?
Discretionary access control
10
Which of the following are the MOST likely vectors for the unauthorized or unintentional inclusion of vulnerable code in a software company's final software releases? (Choose two.)
Included third-party libraries, Vendors/supply chain
11
A malicious actor recently penetrated a company's network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
Dump
12
An enterprise has hired an outside security firm to conduct penetration testing on its network and applications. The firm has only been given the documentation available to the customers of the applications. Which of the following BEST represents the type of testing that will occur?
Gray-box
13
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do FIRST after recovery?
Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent basis
14
A well-known organization has been experiencing attacks from APTs. The organization is concerned that custom malware is being created and emailed into the company or installed on USB sticks that are dropped in parking lots. Which of the following is the BEST defense against this scenario?
Implementing application execution in a sandbox for unknown software.
15
A cybersecurity administrator has a reduced team and needs to operate an on-premises network and security infrastructure efficiently. To help with the situation, the administrator decides to hire a service provider. Which of the following should the administrator use?
MSSP
16
Which of the following will provide the BEST physical security countermeasures to stop intruders? (Choose two.)
Mantraps, Fencing
17
A security engineer needs to implement the following requirements: - All Layer 2 switches should leverage Active Directory for authentication. - All Layer 2 switches should use local fallback authentication if Active Directory is offline. - All Layer 2 switches are not the same and are manufactured by several vendors. Which of the following actions should the engineer take to meet these requirements? (Choose two.)
Implement RADIUS., Configure AAA on the switch with local login as secondary.
18
A software developer needs to perform code-execution testing, black-box testing, and nonfunctional testing on a new product before its general release. Which of the following BEST describes the tasks the developer is conducting?
Validation
19
A vulnerability assessment report will include the CVSS score of the discovered vulnerabilities because the score allows the organization to better:
prioritize remediation of vulnerabilities based on the possible impact.
20
During an incident response, a security analyst observes the following log entry on the web server. GET http://www.companysite.com/product_info.php?show=../../../../etc/passwd HTTP/1.1 Host: www.companysite.com Which of the following BEST describes the type of attack the analyst is experiencing?
Directory traversal
21
Users have been issued smart cards that provide physical access to a building. The cards also contain tokens that can be used to access information systems. Users can log in to any thin client located throughout the building and see the same desktop each time. Which of the following technologies are being utilized to provide these capabilities? (Choose two.)
VDI, RFID
22
A security analyst discovers several jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?
The GPS location
23
A security analyst is performing a forensic investigation of compromised account credentials. Using the Event Viewer, the analyst is able to detect the following message: "Special privileges assigned to new login." Several of these messages did not have a valid logon associated with the user before these privileges were assigned. Which of the following attacks is MOST likely being detected?
Pass-the-hash
24
A security analyst needs to generate a server certificate to be used for 802.1 and secure RDP connections. The analyst is unsure what is required to perform the task and solicits help from a senior colleague. Which of the following is the FIRST step the senior colleague will most likely tell the analyst to perform to accomplish this task?
Generate a CSR
25
An organization hired a consultant to assist with an active attack, and the consultant was able to identify the compromised accounts and computers. Which of the following is the consultant MOST likely to recommend to prepare for eradication?
Isolating the compromised accounts and computers, cutting off all network and internet access.
26
Users at an organization have been installing programs from the internet on their workstations without first obtaining proper authorization. The organization maintains a portal from which users can install standardized programs. However, some users have administrative access on their workstations to enable legacy programs to function properly. Which of the following should the security administrator consider implementing to address this issue?
Application whitelisting
27
Image
Password-spraying
28
Joe, a user at a company, clicked an email link that led to a website that infected his workstation. Joe was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and it has continued to evade detection. Which of the following should the administrator implement to protect the environment from this malware?
Implement a heuristic behavior-detection solution.
29
A security analyst needs to complete an assessment. The analyst is logged into a server and must use native tools to map services running on it to the server's listening ports. Which of the following tools can BEST accomplish this task?
Netstat
30
An organization just experienced a major cyberattack. The attack was well coordinated, sophisticated, and highly skilled. Which of the following targeted the organization?
An advanced persistent threat
31
A user enters a password to log in to a workstation and is then prompted to enter an authentication code. Which of the following MFA factors or attributes are being utilized in the authentication process? (Choose two.)
Something you have, Somewhere you know
32
A security engineer is reviewing log files after a third party discovered usernames and passwords for the organization's accounts. The engineer sees there was a change in the IP address for a vendor website one week earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?
DNS poisoning
33
A database administrator needs to ensure all passwords are stored in a secure manner, so the administrator adds randomly generated data to each password before storing. Which of the following techniques BEST explains this action?
Salting
34
A network administrator is setting up wireless access points in all the conference rooms and wants to authenticate devices using PKI. Which of the following should the administrator configure?
802.1X
35
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:
disaster recovery plan.
36
A network engineer is troubleshooting wireless network connectivity issues that were reported by users. The issues are occurring only in the section of the building that is closest to the parking lot. Users are intermittently experiencing slow speeds when accessing websites and are unable to connect to network drives. The issues appear to increase when laptop users return to their desks after using their devices in other areas of the building. There have also been reports of users being required to enter their credentials on web pages in order to gain access to them. Which of the following is the MOST likely cause of this issue?
An external access point is engaging in an evil-twin attack.
37
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization's executives determine the next course of action?
A business continuity plan
38
Which of the following scenarios BEST describes a risk reduction technique?
A security control objective cannot be met through a technical change, so the company implements a policy to train users on a more secure method of operation.
39
Image
Proper error handling
40
An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer is the following: Which of the following is the MOST likely cause of the issue?
The end user purchased and installed a PUP from a web browser
41
Which of the following scenarios would make a DNS sinkhole effective in thwarting an attack?
An attacker is sniffing traffic to port 53, and the server is managed using unencrypted usernames and passwords.
42
A security analyst reviews the datacenter access logs for a fingerprint scanner and notices an abundance of errors that correlate with users' reports of issues accessing the facility. Which of the following is MOST likely the cause of the access issues?
False rejection
43
A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be BEST for the security manager to use in a threat model?
Hacktivist
44
When used at the design stage, which of the following improves the efficiency, accuracy, and speed of a database?
Normalization
45
An analyst needs to set up a method for securely transferring files between systems. One of the requirements is to authenticate the IP header and the payload. Which of the following services would BEST meet the criteria?
ESP
46
A company has determined that if its computer-based manufacturing is not functioning for 12 consecutive hours, it will lose more money than it costs to maintain the equipment. Which of the following must be less than 12 hours to maintain a positive total cost of ownership?
RTO
47
Which of the following control sets should a well-written BCP include? (SELECT THREE)
Preventive, Corrective, Recovery
48
The manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:
Data custodian
49
Which of the following disaster recovery tests is the LEAST time-consuming for the disaster recovery team?
Tabletop
50
Some laptops recently went missing from a locked storage area that is protected by keyless RFID-enabled locks. There is no obvious damage to the physical space. The security manager identifies who unlocked the door; however, human resources confirms the employee was on vacation at the time of the incident. Which of the following describes what MOST likely occurred?
The employee's physical access card was cloned.
51
Which of the following would be the BEST resource for a software developer who is looking to improve secure coding practices for web applications?
OWASP
52
A security analyst is reviewing logs on a server and observes the following output: 01/01/2020 03:33:23 admin attempted login with password sneak 01/01/2020 03:33:32 admin attempted login with password sneaked 01/01/2020 03:33:41 admin attempted login with password sneaker 01/01/2020 03:33:50 admin attempted login with password sneer 01/01/2020 03:33:59 admin attempted login with password sneeze 01/01/2020 03:34:08 admin attempted login with password sneezy Which of the following is the security analyst observing?
A dictionary attack
53
A security analyst needs to make a recommendation for restricting access to certain segments of the network using only data-link layer security. Which of the following controls will the analyst MOST likely recommend?
MAC
54
Several employees have noticed other bystanders can clearly observe a terminal where passcodes are being entered. Which of the following can be eliminated with the use of a privacy screen?
Shoulder surfing
55
An organization routes all of its traffic through a VPN. Most users are remote and connect into a corporate datacenter that houses confidential information. There is a firewall at the Internet border followed by a DLP appliance, the VPN server and the datacenter itself. Which of the following is the WEAKEST design element?
Encrypted VPN traffic will not be inspected when entering or leaving the network
56
Which of the following are requirements that must be configured for PCI DSS compliance? (Choose two.)
Installing and maintaining a web proxy to protect cardholder data, Encrypting transmission of cardholder data across private networks
57
A network technician is installing a guest wireless network at a coffee shop. When a customer purchases an item, the password for the wireless network is printed on the receipt so the customer can log in. Which of the following will the technician MOST likely configure to provide the highest level of security with the least amount of overhead?
WPA-PSK
58
A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices, the following requirements must be met: - Mobile device OSs must be patched up to the latest release. - A screen lock must be enabled (passcode or biometric). - Corporate data must be removed if the device is reported lost or stolen. Which of the following controls should the security engineer configure? (Choose two.)
Posturing, Remote wipe
59
Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms?
CASB
60
A forensics examiner is attempting to dump passwords cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error?
The examiner does not have administrative privileges to the system
61
To reduce and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization?
SaaS
62
A security manager for a retailer needs to reduce the scope of a project to comply with PCI DSS. The PCI data is located in different offices than where credit cards are accepted. All the offices are connected via MPLS back to the primary datacenter. Which of the following should the security manager implement to achieve the objective?
Segmentation
63
A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution?
OAuth
64
The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the following would BEST address this security concern?
Segment the staff WiFi network from the environmental systems network.
65
A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money: GET http://yourbank.com/transfer.do?acctnum=087646958&amount=500000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=087646958&amount=5000000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=087646958&amount=1000000 HTTP/1.1 GET http://yourbank.com/transfer.do?acctnum=087646958&amount=500 HTTP/1.1 Which of the following types of attack is MOST likely being conducted?
CSRF
66
A security analyst is logged into a Windows file server and needs to see who is accessing files and from which computers. Which of the following tools should the analyst use?
netstat
67
After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting?
Risk transference
68
A company is designing the layout of a new datacenter so it will have an optimal environmental temperature. Which of the following must be included? (Select TWO)
An IoT thermostat, A humidity monitor
69
Image
An attacker was able to bypass application whitelisting by emailing a spreadsheet attachment with an embedded PowerShell in the file
70
A company has decided to move its operations to the cloud. It wants to utilize technology that will prevent users from downloading company applications for personal use, restrict data that is uploaded, and have visibility into which applications are being used across the company. Which of the following solutions will BEST meet these requirements?
A CASB
71
An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting?
Zero-day
72
Image
Dictionary
73
A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO)
PKI, RADIUS
74
A company has a flat network that is deployed in the cloud. Security policy states that all production and development servers must be segmented. Which of the following should be used to design the network to meet the security requirements?
VPC
75
An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became aware of the incident, some reduced their orders or stopped placing orders entirely. Which of the following is the organization experiencing?
Reputation damage
76
An attacker is attempting to exploit users by creating a fake website with the URL users. Which of the following social-engineering attacks does this describe?
Watering-hole attack
77
Following a prolonged datacenter outage that affected web-based sales, a company has decided to move its operations to a private cloud solution. The security team has received the following requirements: - There must be visibility into how teams are using cloud-based services. - The company must be able to identify when data related to payment cards is being sent to the cloud. - Data must be available regardless of the end user's geographic location. - Administrators need a single pane-of-glass view into traffic and trends. Which of the following should the security analyst recommend?
Implement a CASB solution.
78
A security engineer has enabled two-factor authentication on all workstations. Which of the following approaches are the MOST secure? (Choose two.)
Password and smart card, Password and fingerprint
79
A large enterprise has moved all its data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen and later, enterprise data was found to have been compromised database. Which of the following was the MOST likely cause?
Shadow IT
80
During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset inventory. WiFi access is protected with 256-bit encryption via WPA2. Physical access to the company's facility requires two-factor authentication using a badge and a passcode. Which of the following should the administrator implement to find and remediate the issue? (Choose two.)
Enable MAC filtering on the switches that support the wireless network., Scan the wireless network for rogue access points.
81
A security analyst is hardening a Linux workstation and must ensure it has public keys forwarded to remote systems for secure login. Which of the following steps should the analyst perform to meet these requirements? (Choose two.)
Forward the keys using ssh-copy-id., Forward the keys using scp.
82
A company recently experienced an attack in which a malicious actor was able to exfiltrate data by cracking stolen passwords, using a rainbow table the sensitive data. Which of the following should a security engineer do to prevent such an attack in the future?
Implement password salting.
83
The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?
Unsecure protocol
84
The process of passively gathering information prior to launching a cyberattack is called:
reconnaissance
85
An attacker is attempting to exploit users by creating a fake website with the URL www.validwebsite.com. The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-engineering attacks does this describe?
Watering-hole attack
86
An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims. Which of the following is the attacker MOST likely attempting?
A watering-hole attack
87
Which of the following types of controls is a CCTV camera that is not being monitored?
Deterrent
88
A cybersecurity administrator is using iptables as an enterprise firewall. The administrator created some rules, but the network now seems to be unresponsive. All connections are being dropped by the firewall. Which of the following would be the BEST option to remove the rules?
#iptables -F
89
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: - The devices will be used internationally by staff who travel extensively. - Occasional personal use is acceptable due to the travel requirements. - Users must be able to install and configure sanctioned programs and productivity suites. - The devices must be encrypted. - The devices must be capable of operating in low-bandwidth environments. Which of the following would provide the GREATEST benefit to the security posture of the devices?
Configuring an always-on VPN
90
A privileged user at a company stole several proprietary documents from a server. The user also went into the log files and deleted all records of the incident. The systems administrator has just informed investigators that other log files are available for review. Which of the following did the administrator MOST likely configure that will assist the investigators?
The syslog server
91
A security engineer at an offline government facility is concerned about the validity of an SSL certificate. The engineer wants to perform the fastest check with the least delay to determine if the certificate has been revoked. Which of the following would BEST meet these requirements?
CRL
92
A security analyst needs to perform periodic vulnerability scans on production systems. Which of the following scan types would produce the BEST vulnerability scan report?
Credentialed
93
A company was recently breached. Part of the company's new cybersecurity strategy is to centralize the logs from all security devices. Which of the following components forwards the logs to a central source?
Log collector
94
Image
Rainbow table
95
An organization is concerned that its hosted web servers are not running the most updated version of the software. Which of the following would work BEST to help identify potential vulnerabilities?
nmap comptia.org -p 80 -sV
96
Which of the following will MOST likely cause machine learning and AI-enabled systems to operate with unintended consequences?
Data bias
97
An organization blocks user access to command-line interpreters but hackers still managed to invoke the interpreters using native administrative tools. Which of the following should the security team do to prevent this from happening in the future?
Disable the built-in OS utilities as long as they are not needed for functionality.
98
An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the incident could have been prevented?
The security logs
99
A local coffee shop runs a small WiFi hotspot for its customers that utilizes WPA2-PSK. The coffee shop would like to stay current with security trends and wants to implement WPA3 to make its WiFi even more secure. Which of the following technologies will the coffee shop MOST likely use in place of PSK?
SAE
100
A security analyst is running a vulnerability scan to check for missing patches during a suspected security incident. During which of the following phases of the response process is this activity MOST likely occurring?
Identification