Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

What is the difference between attack surface and vulnerability?

A.

An attack surface is a way of taking advantage of a system or resource, and a vulnerability is a specific technique utilized by the vulnerability.

B.

A vulnerability describes how software or a system is exposed to potential attacks, and an attack surface is an actual weakness that exposes the potential risk.

C.

A vulnerability is a way of taking advantage of a system or resource, and an attack surface is a specific technique utilized by the vulnerability.

D.

An attack surface describes how software or a system is exposed to potential attacks, and a vulnerability is an actual weakness that exposes the potential risk.

In digital communications, which method is recommended for securely exchanging public keys between users T0n2262144790 and D4n4126220794?

A.

Hardware Security Module

B.

Automated Certificate Management Environment

C.

Pretty Good Privacy

D.

Secure Multipurpose Internet Mail Extensions

A security engineer deploys an enterprise-wide host/endpoint technology for all of the company's corporate PCs. Management requests the engineer to block a selected set of applications on all PCs.

Which technology should be used to accomplish this task?

A.

application whitelisting/blacklisting

B.

network NGFW

C.

host-based IDS

D.

antivirus/antispyware software

STION NO: 102

Refer to the exhibit.

What is the potential threat identified in this Stealthwatch dashboard?

A.

A policy violation is active for host 10.10.101.24.

B.

A host on the network is sending a DDoS attack to another inside host.

C.

There are three active data exfiltration alerts.

D.

A policy violation is active for host 10.201.3.149.

What is the impact of false positive alerts on business compared to true positive?

A.

True positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.

B.

True positive alerts are blocked by mistake as potential attacks affecting application availability.

C.

False positives affect security as no alarm is raised when an attack has taken place, resulting in a potential breach.

D.

False positive alerts are blocked by mistake as potential attacks affecting application availability.

Refer to the exhibit A penetration tester runs the Nmap scan against the company server to uncover possible vulnerabilities and exploit them Which two elements can the penetration tester identity from the scan results? (Choose two.)

A.

UIDs and group identifiers

B.

number of concurrent connections the server can handle

C.

running services and applications

D.

server uptime and internal clock

E.

server purpose and functionality

What should an engineer use to aid the trusted exchange of public keys between user tom0411976943 and dan1968754032?

A.

central key management server

B.

web of trust

C.

trusted certificate authorities

D.

registration authority data

One of the objectives of information security is to protect the CIA of information and systems. What does CIA mean in this context?

A.

confidentiality, identity, and authorization

B.

confidentiality, integrity, and authorization

C.

confidentiality, identity, and availability

D.

confidentiality, integrity, and availability

What does the SOC metric MTTC provide in incident analysis'?

A.

average time it takes to fix the issues caused by the incident

B.

average time it takes to recognize and stop the incident

C.

average time it takes to detect that the incident has occurred

D.

average time the attacker has access to the environment

Refer to the exhibit.

In which Linux log file is this output found?

A.

/var/log/authorization.log

B.

/var/log/dmesg

C.

var/log/var.log

D.

/var/log/auth.log