Which node is responsible for conducting an intrusion in the diamond model? adversary capability infrastructure victim attacker vector Explanation & Hint: In the Diamond Model of Intrusion Analysis, the node…
Regarding the diamond model, which four nodes are used to model an intrusion? (Choose four.) adversary capability attacker network infrastructure capacity victim vector path Explanation & Hint: In the Diamond…
Which two statements are true regarding the delivery phase in the cyber kill chain model? (Choose two.) Delivery is the transmission of the payload to the target via a communication…
Regarding the diamond model, which tool or technique might the adversary use in an event? infrastructure victim capability attacker vector Explanation & Hint: In the context of the Diamond Model…
Which phase of the cyber kill chain model describes actions taken by the threat actor that are objective-dependent? installation CnC exploitation actions on objectives Explanation & Hint: The phase of…
What does a digital certificate certify about an entity? A digital certificate certifies the ownership of the public key of the named subject of the certificate. A digital certificate certifies…
If a client connected to a server using SSHv1 previously, how should the client be able to authenticate the server? The same encryption algorithm will be used each time and…
Why is a digital signature used to provide the authenticity of digitally signed data? Both the signer and the recipient must first agree on a shared secret key that is…
Which attack can be used to find collisions in a cryptographic hash function? birthday attack chosen-plaintext attack ciphertext-only attack chosen-ciphertext attack Explanation & Hint: The attack that can be used…
Why is using ECDHE_ECDSA stronger than using RSA? ECDHE_ECDSA provides both data authenticity and confidentiality. ECDHE_ECDSA uses a much larger key size. ECDHE_ECDSA uses a pseudorandom function to generate the…
Which two statements best describe the impact of cryptography on security investigations? (Choose two.) All the employee's SSL/TLS outbound traffic should be decrypted and inspected since it requires minimal resources…
Which option describes the concept of using a different key for encrypting and decrypting data? symmetric encryption avalanche effect asymmetric encryption cipher text Explanation & Hint: The concept of using…
Which method allows you to verify entity authentication, data integrity, and authenticity of communications, without encrypting the actual data? Both parties calculate an authenticated MD5 hash value of the data…
What three things does the client validate on inspection of a server certificate? (Choose three.) The subject matches the URL that is being visited. The website was already in the…
How many encryption key bits are needed to double the number of possible key values that are available with a 40-bit encryption key? 41 bits 80 bits 120 bits 160…
What best describes a brute-force attack? breaking and entering into a physical building or network closet an attacker's attempt to decode a cipher by attempting each possible key combination to…
Which statement describes the risk of not destroying a session key that is no longer used for completed communication of encrypted data? The attacker could have captured the encrypted communication…
Why isn't asymmetric encryption used to perform bulk encryption? Asymmetric algorithms are substantially slower than symmetric algorithms. Asymmetric algorithms are easier to break than symmetric algorithms. Symmetric algorithms can provide…
Which PKI operation would likely cause out-of-band communication over the phone? The client checks with the CA to determine whether a certificate has been revoked. The client validates with the…
Which option was used by Diffie-Hellman to determine the strength of the key that is used in the key agreement process? DH prime number (p) DH base generator (g) DH…