An IT enterprise is recommending the use of PKI applications to securely exchange information between the employees. In which two cases might an organization use PKI applications to securely exchange…
What is the primary objective of a threat intelligence platform (TIP)? to provide a specification for an application layer protocol that allows the communication of CTI over HTTPS to provide…
Match the security organization with its security functions. (Not all options are used.) Explanation & Hint: SANS - It provides vendor-neutral educational products and career services to industry professionals globally.…
Which Windows Event Viewer log includes events regarding the operation of drivers, processes, and hardware? application logs security logs setup logs system logs Answers Explanation & Hints: By default Windows…
Which wireless parameter is used by an access point to broadcast frames that include the SSID? passive mode active mode channel setting security mode Answers Explanation & Hints: The two…
Match the destination network routing table entry type with a defintion. Explanation & Hint: DoS (Denial of Service) - It can crash applications or network services. It can also flood…
A device has been assigned the IPv6 address of 2001:0db8:cafe:4500:1000:00d8:0058:00ab/64. Which is the network identifier of the device? 1000:00d8:0058:00ab 2001 2001:0db8:cafe:4500:1000:00d8:0058:00ab 2001:0db8:cafe:4500:1000 2001:0db8:cafe:4500 Answers Explanation & Hints: The address has…
What subnet mask is represented by the slash notation /20? 255.255.255.248 255.255.224.0 255.255.255.192 255.255.240.0 255.255.255.0 Answers Explanation & Hints: The slash notation /20 represents a subnet mask with 20 1s.…
What characterizes a threat actor? They are all highly-skilled individuals. They always try to cause some harm to an individual or organization. They always use advanced tools to launch attacks.…
In addressing an identified risk, which strategy aims to shift some of the risk to other parties? risk avoidance risk retention risk reduction risk sharing Explanation & Hint: Risk Sharing:…
When establishing a network profile for an organization, which element describes the time between the establishment of a data flow and its termination? routing protocol convergence total throughput session duration…
After host A receives a web page from server B, host A terminates the connection with server B. Match each step to its correct option in the normal termination process…
After containment, what is the first step of eradicating an attack? Patch all vulnerabilities. Change all passwords. Identify all hosts that need remediation. Hold meetings on lessons learned. Answers Explanation…
Which NIST incident response life cycle phase includes continuous monitoring by the CSIRT to quickly identify and validate an incident? detection and analysis preparation containment, eradication, and recovery postincident activities…
What is the responsibility of the human resources department when handling a security incident? Coordinate the incident response with other stakeholders and minimize the damage of the incident. Review the…
What will a threat actor do to create a back door on a compromised target according to the Cyber Kill Chain model? Collect and exfiltrate data. Add services and autorun…
Which activity is typically performed by a threat actor in the installation phase of the Cyber Kill Chain? Harvest email addresses of user accounts. Obtain an automated tool to deliver…
What is the goal of an attack in the installation phase of the Cyber Kill Chain? Break the vulnerability and gain control of the target. Establish command and control (CnC)…
When dealing with a security threat and using the Cyber Kill Chain model, which two approaches can an organization use to help block potential exploitations on a system? (Choose two.)…
Place the evidence collection priority from most volatile to least volatile as defined by the IETF guidelines. Explanation & Hint: According to the IETF (Internet Engineering Task Force) guidelines for…