Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

A.

Reverse Social Engineering

B.

Tailgating

C.

Piggybacking

D.

Announced

The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?

A.

Regularly test security systems and processes.

B.

Encrypt transmission of cardholder data across open, public networks.

C.

Assign a unique ID to each person with computer access.

D.

Use and regularly update anti-virus software on all systems commonly affected by malware.

Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

A.

nmap -sn -sF 10.1.0.0/16 445

B.

nmap -p 445 -n -T4 –open 10.1.0.0/16

C.

nmap -s 445 -sU -T5 10.1.0.0/16

D.

nmap -p 445 –max -Pn 10.1.0.0/16

Why should the security analyst disable/remove unnecessary ISAPI filters?

A.

To defend against social engineering attacks

B.

To defend against webserver attacks

C.

To defend against jailbreaking

D.

To defend against wireless attacks

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.

Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.

In this context, what can you say?

A.

Bob can be right since DMZ does not make sense when combined with stateless firewalls

B.

Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one

C.

Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

D.

Bob is partially right. DMZ does not make sense when a stateless firewall is available

What is the least important information when you analyze a public IP address in a security alert?

A.

ARP

B.

Whois

C.

DNS

D.

Geolocation

Which of the following is the best countermeasure to encrypting ransomwares?

A.

Use multiple antivirus softwares

B.

Keep some generation of off-line backup

C.

Analyze the ransomware to get decryption key of encrypted data

D.

Pay a ransom

Darius is analysing IDS logs. During the investigation, he noticed that there was nothing suspicious found and an alert was triggered on normal web application traffic. He can mark this alert as:

A.

False-Negative

B.

False-Positive

C.

True-Positive

D.

False-Signature

Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

A.

ICMP Echo scanning

B.

SYN/FIN scanning using IP fragments

C.

ACK flag probe scanning

D.

IPID scanning

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

A.

Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

B.

Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

C.

Symmetric encryption allows the server to securely transmit the session keys out-of-band.

D.

Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?

A.

Internet Key Exchange (IKE)

B.

Oakley

C.

IPsec Policy Agent

D.

IPsec driver

What does the option * indicate?

A.

s

B.

t

C.

n

D.

a

Which of the following is considered as one of the most reliable forms of TCP scanning?

A.

TCP Connect/Full Open Scan

B.

Half-open Scan

C.

NULL Scan

D.

Xmas Scan

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

A.

nmap –A - Pn

B.

nmap –sP –p-65535-T5

C.

nmap –sT –O –T0

D.

nmap –A --host-timeout 99-T1

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

A.

tcp.port != 21

B.

tcp.port = 23

C.

tcp.port ==21

D.

tcp.port ==21 || tcp.port ==22