Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

An engineer must configure network systems to detect command-and-control communications by decrypting ingress and egress perimeter traffic and allowing network security devices to detect malicious outbound communications. Which technology must be used to accomplish this task?

A.

static IP addresses

B.

signatures

C.

digital certificates

D.

cipher suite

An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.

What is the initial event called in the NIST SP800-61?

A.

online assault

B.

precursor

C.

trigger

D.

instigator

Which system monitors local system operation and local network access for violations of a security policy?

A.

host-based intrusion detection

B.

systems-based sandboxing

C.

host-based firewall

D.

antivirus

An engineer needs to discover alive hosts within the 192.168.1.0/24 range without triggering intrusive portscan alerts on the IDS device using Nmap. Which command will accomplish this goal?

A.

nmap --top-ports 192.168.1.0/24

B.

nmap –sP 192.168.1.0/24

C.

nmap -sL 192.168.1.0/24

D.

nmap -sV 192.168.1.0/24

Developers must implement tasks on remote Windows environments. They decided to use scripts for enterprise applications through PowerShell. Why does the functionality not work?

A.

WMI must be configured.

B.

Symlinks must be enabled.

C.

Ext4 must be implemented.

D.

MBR must be set up.

A security engineer has a video of a suspect entering a data center that was captured on the same day that files in the same data center were transferred to a competitor.

Which type of evidence is this?

A.

best evidence

B.

prima facie evidence

C.

indirect evidence

D.

physical evidence

Which security technology allows only a set of pre-approved applications to run on a system?

A.

application-level blacklisting

B.

host-based IPS

C.

application-level whitelisting

D.

antivirus

Which technology assures that the information transferred from point A to point B is unaltered and authentic?

A.

Subject Alternative Name

B.

Trust anchor

C.

Digital certificates

D.

EMV signatures

What describes a buffer overflow attack?

A.

injecting new commands into existing buffers

B.

fetching data from memory buffer registers

C.

overloading a predefined amount of memory

D.

suppressing the buffers in a process

An engineer received a flood of phishing emails from HR with the source address HRjacobm@companycom. What is the threat actor in this scenario?

A.

phishing email

B.

sender

C.

HR

D.

receiver