Question list
1
Which of the following analyzes network traffic to trace specific transactions and can intercept and log traffic passing over a digital network? Each correct answer represents a complete solution. Choose all that apply.
wireless sniffer, protocol analyzer
2
What enables an organisation to analyse, identify and rectify hazards and prevent future recurrence in business continuity management?
Incident management
3
Which of the following characteristics represents a normal TCP Packet?
FIN ACK and ACK are used in terminating connection
4
What defines the maximum time period an organisation is willing to lose data for during a major IT outage event?
RPO
5
Who oversees all the incident response activities in an organisation and is responsible for all actions of the IR team and the IR function?
IR Officer
6
What represents the ability of an organisation to respond under emergency in order to minimise the damage to its brand name, business operations and profit?
Crisis management
7
Which type of information security policy addresses the implementation and configuration of technology and user behaviour?
System specific security policy
8
Which type of risk treatment process includes not allowing the use of laptops in an organisation to ensure its security?
Risk avoidance
9
Rosa is working as a defender at Linda Systems. Recently the company migrated from Windows to macOS. Rosa wants to view the security-related logs of her system. Where can she find these logs?
~/Library/Logs
10
Which of the following is a Windows built-in feature that provides file-system-level encryption in the OS, except in the Home version of Windows?
EFS
11
Michelle is a network security administrator working at a multinational company. She wants to provide secure access to corporate data, including documents, spreadsheets, emails, schedules, presentations and other enterprise data, on mobile devices across the organisation's network without being slowed down, and she also wants to enable easy and secure sharing of information between devices within the enterprise. Based on the above-mentioned requirements, which of the following solutions should Michelle implement?
MCM
12
Which firewall technology can be implemented in all of the application, session, transport, network and presentation layers of the OSI model?
VPN
13
Which type of antenna is based on the principle of a satellite dish and can pick up Wi-Fi signals from a distance of 10 miles or more?
Parabolic Grid antenna
14
Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?
Stateful Multilayer inspection
15
WPA encryption in a wireless network uses the ____ encryption protocol and a/an _____ integrity check.
TKIP, 64-bit MIC
16
Which risk management phase helps in establishing context and quantifying risk?
Risk identification
17
Which of the following technologies can be used to leverage zero trust model security?
Software-Defined Perimeter (SDP)
18
Which of the following is used by anti-malware systems and threat intelligence platforms to spot and stop malicious activities at an initial stage?
Indicators of compromise
19
Oliver is a Linux security administrator at an MNC. An employee named Alice has resigned from the organisation, and Oliver wants to disable this user in Ubuntu. Which of the following commands can be used to accomplish this?
usermod -L alice
20
Maximus Tech is a multinational company that uses a Cisco ASA firewall for its systems. Jason is one of the members of the team that checks the logs at Maximus Tech. As part of his job he is going through the logs and came across a firewall log that looks like this: May 06 2018 21:27:27 asa 1:% ASA -5 - 11008: User 'enable_15' executed the 'configure term' command. Based on the security level mentioned in the log, what did Jason understand about the description of this message?
Normal but significant message
21
Which category of suspicious traffic signatures includes SYN flood attempts?
Denial of service
22
Which encryption algorithm is used by WPA3 encryption?
AES-GCMP 256
23
What should an administrator do when installing a sniffer on a system to listen to all data transmitted over the network?
Set the system's NIC to promiscuous mode
24
Which phase of the incident response process involves collecting incident evidence and sending it to the forensics department for further investigation?
Incident containment
25
John is the vice president of a BPO. He wants to implement a policy allowing employees to use and manage devices purchased by the organisation, but restricting the devices to business use only. Which of the following policies does John want to implement?
COBO Policy
26
Which form of access control is trust centric?
Application whitelisting
27
Which scan attempt can penetrate a router and a firewall that filter incoming packets with particular flags set, and is not supported by Windows?
TCP null scan attempt
28
Implementing access control mechanisms such as a firewall to protect the network is an example of which of the following network defense approaches?
Preventive approach
29
John has been working as a network administrator at an IT company. He wants to prevent misuse of accounts by unauthorised users and to ensure that no accounts have empty passwords. Which of the following commands does John use to delete all the accounts with an empty password?
# awk -F: '($2=="") {print}' /etc/shadow
30
Which firewall would a network administrator use for better bandwidth management, deep packet inspection and stateful inspection?
Next generation firewall
31
Which of the following filters can be used to detect UDP scan attempts using Wireshark?
icmp.type==3 and icmp.code==3
32
Clement is the CEO of an IT firm. He wants to implement a policy providing employees with a pre-approved set of devices, from which the employees choose devices such as laptops, smartphones and tablets to access company data according to the organisation's access privileges. Which of the following policies does Clement want to enforce?
CYOD Policy
33
Which of the following is a database encryption feature in MS SQL Server that secures sensitive data by encrypting it in client applications without revealing the encryption keys to the database engine?
Always encrypted
34
In the _____ method, Windows event logs are arranged in the form of a circular buffer.
Wrapping method
35
Which of the following provides enhanced password protection, secured IoT connections, and encompasses stronger encryption techniques?
WPA3
36
Which of the following refers to the clues, artifacts or evidence that indicate a potential intrusion or malicious activity in an organisation's infrastructure?
Indicators of compromise
37
Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organisation?
Chief Information Officer (CIO)
38
According to standard IoT security practice, an IoT gateway should be connected to a ____.
Border router
39
Which of the following is a drawback of traditional perimeter security?
Traditional firewalls are static in nature
40
Which of the following indicators are discovered through an attacker's intent, their end goal or purpose, and the series of actions that they must take before being able to successfully launch an attack?
Indicators of attack
41
Identify the correct order for a successful black hat operation.
Reconnaissance, Scanning, Gaining Access, Maintaining Access and Covering Tracks
42
Which of the following are benefits of using IoT devices in IoT-enabled environments?
IoT devices can be connected at any time, IoT devices can be connected at any place, IoT devices can be connected to anything
43
Which of the following options represents professional hackers whose aim is attacking systems for profit?
Organised hackers
44
Which type of training can create awareness among employees regarding compliance issues?
Security policy training
45
Who offers formal, experience-based testimony in court?
Expert witness
46
Which of the following filters can be applied to detect an ICMP ping sweep attempt using Wireshark?
icmp.type==8
47
Hacktivists are threat actors who can be described as:
People having political or social agenda
48
Which of the following is a data destruction technique that protects the sensitivity of information against a laboratory attack, where an unauthorised individual uses signal processing recovery tools in a laboratory environment to recover the information?
Clearing
49
Which RAID level provides very good data performance but does not offer fault tolerance or data redundancy?
RAID level 0
50
How is the chip-level security of an IoT device achieved?
Encrypting JTAG interface
51
Which type of modulation technique is used in local area wireless networks (LAWNs)?
FHSS
52
Identify a method involved in the purging technique of data destruction.
Degaussing
53
Who is responsible for conveying company details after an incident?
PR Specialist
54
Which firewall technology can filter application-specific commands, such as GET and POST requests?
application-level gateway
55
How can an admin detect a TCP null scan attempt on a UNIX server by using Wireshark?
By applying the filter tcp.flags==0x000
56
The CEO of Max Rager wants to send a confidential message regarding the new formula for its coveted soft drink, SuperMax, to its manufacturer in Texas. However, he fears the message could be altered in transit. How can he prevent this from happening, and what element of the message ensures the success of this method?
Hashing; hash code
57
Disaster recovery is a ____.
Data centric strategy
58
Phishing-like attempts that present users with a fake usage bill from the cloud provider are an example of a ____.
User to cloud attack surface
59
In macOS, how can the user implement disk encryption?
By enabling FileVault feature
60
Which of the following statements holds true in terms of virtual machines?
Hardware level virtualisation takes place in VMs
61
Which of the following creates passwords for individual administrator accounts and stores them in Windows AD?
LAPS
62
John has implemented ____ in the network to restrict the number of public IP addresses in his organisation and to enhance the firewall filtering technique.
NAT
63
Mark is monitoring the network traffic on his organisation's network. He wants to detect TCP and UDP ping sweeps on his network. Which type of filter will be used to detect this?
tcp.dstport==7 and udp.dstport==7
64
Docker provides platform-as-a-service (PaaS) through ____ and delivers containerized software packages.
OS level virtualization
65
Which of the following is not an AWS Shared Responsibility Model devised by AWS?
Shared Responsibility Model for Storage Services
66
If an organisation has decided to consume the PaaS cloud service model, identify the organisation's responsibilities that it needs to look after based on the shared responsibility model.
Data, interfaces, application, etc
67
Syslog and SNMP are the two main ______ protocols through which log records are transferred.
Push-based
68
Peter works as a network administrator at an IT company. He wants to avoid exploitation of the cloud, particularly Azure services. Which of the following is a group of PowerShell scripts designed to help the network administrator understand how attacks happen and help them protect the cloud?
MicroBurst
69
Which BC/DR activity includes actions taken toward resuming all services that are dependent on business-critical applications?
Recovery
70
The ____ mechanism works on the basis of the client-server model.
Pull-based
71
Which subdirectory in the /var/log directory stores information related to the Apache web server?
/var/log/httpd/
72
Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approaches?
Preventive approach
73
Damian is the chief security officer of Enigma Electronics. To block intruders and prevent any environmental accidents, he needs to set a two-factor authenticated keypad lock at the entrance, rig a fire suppression system, and link any video cameras at various corridors to view the feeds in the surveillance room. What layer of network defense-in-depth strategy is he trying to follow?
Physical
74
Which of the following refers to a potential occurrence of an undesired event that can eventually damage and interrupt the operational and functional activities of an organization?
Threat
75
Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?
Non-repudiation
76
Management asked Adam to implement a system allowing employees to use the same credentials to access multiple applications. Adam should implement the _________ authentication technique to satisfy the request.
Single sign on
77
An employee of a medical service company clicked a malicious link in an email sent by an attacker. Suddenly, employees of the company are not able to access billing information or client records, as they are encrypted. The attacker asked the company to pay money to regain access to their data. Which type of malware attack is described above?
Ransomware
78
In which type of wireless network threat does an attacker stake out the area from a nearby location with a high-gain amplifier, drowning out the legitimate access point?
Jamming Signal Attack
79
If a network is at risk resulting from misconfiguration performed by unskilled and/or unqualified individuals, what type of threat is this?
Unstructured Threats
80
The network administrator wants to strengthen physical security in the organization. Specifically, he wants to implement a solution that stops people from entering certain restricted zones without proper credentials. Which of the following physical security measures should the administrator use?
Mantrap
81
Physical access controls help organizations monitor, record, and control access to the information assets and facility. Identify the category of physical security controls which includes security labels and warning signs.
Physical control
82
Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system and network activities?
Prudent policy
83
Which type of training can create awareness among employees regarding compliance issues?
Security policy training
84
Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?
ISO/IEC 27005
85
A local bank wants to protect their card holder data. The bank should comply with the __________ standard to ensure the security of card holder data.
PCI DSS
86
Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented. What is the correct hierarchy for a security policy implementation?
Laws, Regulations, Policies, Standards and Procedures
87
Which of the following policies helps define what users can and should do when using the network and the organization's computer equipment?
IT Policy
88
Which of the following incident handling stages removes the root cause of the incident?
Eradication
89
Which NIST Incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?
Scans/ Probes/ Attempted Access
90
You are monitoring your network traffic with the Wireshark utility and noticed that your network is experiencing a large amount of traffic from a certain region. You suspect a DoS incident on the network. What will be your first reaction as a first responder?
Avoid Fear, Uncertainty and Doubt
91
Assume that you are working as a network administrator in the head office of a bank. One day a bank employee informed you that she is unable to log in to her system. At the same time, you get a call from another network administrator informing you that there is a problem connecting to the main server. How will you prioritize these two incidents?
Based on a potential technical effect of the incident
92
John works as Incident Director at Tech World Inc. His job is to set up a wireless network in his organization. For this purpose, he needs to decide on the appropriate equipment and policies needed to set up the network. Which of the following stages of the incident handling process will help him accomplish the task?
Preparation
93
Which BC/DR activity works on the assumption that the most critical processes are brought back from a remote location first, followed by the less critical functions?
Restoration
94
Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?
RTO
95
During the recovery process, RTO and RPO should be the main parameters of your disaster recovery plan. What does RPO refer to?
The interval after which the data quality is lost
96
Blake is working on the company's updated disaster and business continuity plan. The last section of the plan covers computer and data incidence response. Blake is outlining the level of severity for each type of incident in the plan. Unsuccessful scans and probes are at what severity level?
Low severity level
97
Which of the following entities is responsible for cloud security?
Both cloud consumer and provider
98
Byron, a new network administrator at FBI, would like to ensure that Windows PCs there are up-to-date and have less internal security flaws. What can he do?
Download and install latest patches and enable Windows Automatic Updates
99
Which of the following statements holds true in terms of containers?
Container is fully isolated; hence, more secure
100
Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?
Non-repudiation