Which two technologies are primarily used on peer-to-peer networks? (Choose two.) Bitcoin BitTorrent Darknet Snort Wireshark Answers Explanation & Hints: Bitcoin is used to share a distributed database or ledger.…
Which technique is necessary to ensure a private transfer of data using a VPN? authorization encryption scalability virtualization Answers Explanation & Hints: Confidential and secure transfers of data with VPNs…
Which ICMP message type should be stopped inbound? echo echo-reply unreachable source quench Answers Explanation & Hints: The echo ICMP packet should not be allowed inbound on an interface. The…
Why does HTTPS technology add complexity to network security monitoring? HTTPS uses tunneling technology for confidentiality. HTTPS hides the true source IP address using NAT/PAT. HTTPS conceals data traffic through…
How can IMAP be a security threat to a company? Encrypted data is decrypted. Someone inadvertently clicks on a hidden iFrame. An email can be used to bring malware to…
Which method is used by some malware to transfer files from infected hosts to a threat actor host? HTTPS traffic encryption ICMP tunneling iFrame injection UDP infiltration Answers Explanation &…
Which protocol is a name resolution protocol often used by malware to communicate with command-and-control (CnC) servers? DNS HTTPS ICMP IMAP Answers Explanation & Hints: Domain Name Service (DNS) is…
Which technique would a threat actor use to disguise traces of an ongoing exploit? Use SSL to encapsulate malware. Create an invisible iFrame on a web page. Corrupt time information…
Which approach is intended to prevent exploits that target syslog? Use syslog-ng. Use a Linux-based server. Use a VPN between a syslog client and the syslog server. Create an ACL…
Match the NIST Cybersecurity Framework core function with the description. (Not all options are used.) Explanation & Hint: The Framework consists of standards, guidelines, and practices to promote the protection…
What are the three outcomes of the NIST Cybersecurity Framework identify core function? (Choose three.) asset management risk assessment governance mitigation recovery planning information protection process and procedures Answers Explanation…
In what order are the steps in the vulnerability management life cycle conducted? discover, prioritize assets, assess, report, remediate, verify discover, assess, prioritize assets, report, remediate, verify discover, prioritize assets,…
Which security management plan specifies a component that involves tracking the location and configuration of networked devices and software across an enterprise? asset management risk management vulnerability management patch management…
What is an action that should be taken in the discovery step of the vulnerability management life cycle? assigning business value to assets determining a risk profile developing a network…
In addressing a risk that has low potential impact and relatively high cost of mitigation or reduction, which strategy will accept the risk and its consequences? risk sharing risk retention…
In addressing an identified risk, which strategy aims to stop performing the activities that create risk? risk sharing risk retention risk reduction risk avoidance Answers Explanation & Hints: There are…
Which two classes of metrics are included in the CVSS Base Metric Group? (Choose two.) Impact metrics Exploitability Modified Base Exploit Code Maturity Confidentiality Requirement Answers Explanation & Hints: The…
A cybersecurity analyst is performing a CVSS assessment on an attack where a web link was sent to several employees. Once clicked, an internal attack was launched. Which CVSS Base…
When a server profile for an organization is being established, which element describes the TCP and UDP daemons and ports that are allowed to be open on the server? listening…
Match the network profile element to the description. (Not all options are used.) Answers Explanation & Hints: Important elements of a network profile include: Total throughput - the amount of…