
Which technique is a low-bandwidth attack?

A.

social engineering

B.

session hijacking

C.

evasion

D.

phishing

What is the key difference between mandatory access control (MAC) and discretionary access control (DAC)?

A.

DAC is controlled by the OS, and MAC is controlled by the owner of the access list.

B.

DAC is the most strict access control, and MAC is object-based access.

C.

MAC is controlled by the OS, and DAC is controlled by the owner of the access list.

D.

MAC is the most strict access control, and DAC is object-based access.

Refer to the exhibit. An engineer must map these events to the source technology that generated the event logs. To which technology do the generated logs belong?

A.

proxy

B.

antivirus

C.

IPS

D.

firewall

During which phase of the forensic process is data that is related to a specific event labeled and recorded to preserve its integrity?

A.

examination

B.

investigation

C.

collection

D.

reporting

Refer to the exhibit.

A network administrator is investigating suspicious network activity by analyzing captured traffic. An engineer notices abnormal behavior and discovers that the default user agent is present in the headers of requests and data being transmitted. What is occurring?

A.

indicators of denial-of-service attack due to the frequency of requests

B.

garbage flood attack: attacker is sending garbage binary data to open ports

C.

indicators of data exfiltration: HTTP requests must be plain text

D.

cache bypassing attack: attacker is sending requests for noncacheable content

A user received a targeted spear-phishing email and identified it as suspicious before opening the content. To which category of the Cyber Kill Chain model does this type of event belong?

A.

weaponization

B.

delivery

C.

exploitation

D.

reconnaissance

Drag and drop the definition from the left onto the phase on the right to classify intrusion events according to the Cyber Kill Chain model.

An engineer must compare NIST vs ISO frameworks. The engineer decided to compare them as readable documentation and also to watch a comparison video review. Using Windows 10 OS, the engineer started a browser and searched for a NIST document and then opened a new tab in the same browser and searched for an ISO document for comparison.

The engineer tried to watch the video, but there was an audio problem with the OS, so the engineer had to troubleshoot it. At first the engineer started CMD and looked for a driver path, then looked for a corresponding registry in the registry editor. The engineer enabled "Audiosrv" in task manager and put it on auto start, and the problem was solved. Which two components of the OS did the engineer touch? (Choose two)

A.

permissions

B.

PowerShell logs

C.

service

D.

MBR

E.

process and thread

Refer to the exhibit.

What is occurring?

A.

Cross-Site Scripting attack

B.

XML External Entities attack

C.

Insecure Deserialization

D.

Regular GET requests

What is a difference between data obtained from Tap and SPAN ports?

A.

Tap mirrors existing traffic from specified ports, while SPAN presents more structured data for deeper analysis.

B.

SPAN passively splits traffic between a network device and the network without altering it, while Tap alters response times.

C.

SPAN improves the detection of media errors, while Tap provides direct access to traffic with lowered data visibility.

D.

Tap sends traffic from physical layers to the monitoring device, while SPAN provides a copy of network traffic from switch to destination.