Which method is used by some malware to transfer files from infected hosts to a threat actor host? HTTPS traffic encryption ICMP tunneling iFrame injection UDP infiltration Answers Explanation &…
Which protocol is a name resolution protocol often used by malware to communicate with command-and-control (CnC) servers? DNS HTTPS ICMP IMAP Answers Explanation & Hints: Domain Name Service (DNS) is…
Which technique would a threat actor use to disguise traces of an ongoing exploit? Use SSL to encapsulate malware. Create an invisible iFrame on a web page. Corrupt time information…
Which approach is intended to prevent exploits that target syslog? Use syslog-ng. Use a Linux-based server. Use a VPN between a syslog client and the syslog server. Create an ACL…
Match the NIST Cybersecurity Framework core function with the description. (Not all options are used.) Explanation & Hint: The Framework consists of standards, guidelines, and practices to promote the protection…
What are the three outcomes of the NIST Cybersecurity Framework identify core function? (Choose three.) asset management risk assessment governance mitigation recovery planning information protection process and procedures Answers Explanation…
In what order are the steps in the vulnerability management life cycle conducted? discover, prioritize assets, assess, report, remediate, verify discover, assess, prioritize assets, report, remediate, verify discover, prioritize assets,…
Which security management plan specifies a component that involves tracking the location and configuration of networked devices and software across an enterprise? asset management risk management vulnerability management patch management…
What is an action that should be taken in the discovery step of the vulnerability management life cycle? assigning business value to assets determining a risk profile developing a network…
In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences? risk sharing risk retention…
In addressing an identified risk, which strategy aims to stop performing the activities that create risk? risk sharing risk retention risk reduction risk avoidance Answers Explanation & Hints: There are…
Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.) Impact metrics Exploitability Modified Base Exploit Code Maturity Confidentiality Requirement Answers Explanation & Hints: The…
A cybersecurity analyst is performing a CVSS assessment on an attack where a web link was sent to several employees. Once clicked, an internal attack was launched. Which CVSS Base…
When a server profile for an organization is being established, which element describes the TCP and UDP daemons and ports that are allowed to be open on the server? listening…
Match the network profile element to the description. (Not all options are used.) Answers Explanation & Hints: Important elements of a network profile include: Total throughput - the amount of…
In network security assessments, which type of test employs software to scan internal networks and Internet facing servers for various types of vulnerabilities? risk analysis penetration testing vulnerability assessment strength…
Which two statements correctly describe certificate classes used in the PKI? (Choose two.) A class 0 certificate is for testing purposes. A class 0 certificate is more trusted than a…
What technology has a function of using trusted third-party protocols to issue credentials that are accepted as an authoritative identity? PKI certificates symmetric keys hashing algorithms digital signatures Answers Explanation…
In a hierarchical CA topology, where can a subordinate CA obtain a certificate for itself? from the root CA only from the root CA or from self-generation from the root…
What is the purpose for using digital signatures for code signing? to generate a virtual ID to establish an encrypted connection to exchange confidential data with a vendor website to…