Which security device is best for defending Web Servers against the OWASP Top 10 web application security risks? load balancer intrusion prevention system web security appliance stateful firewall web application…
Which endpoint security technology should be used to prevent any incoming connections to the host? host-based personal firewall host-based antivirus host-based IDS host-based malware protection Explanation & Hint: To prevent…
An end user’s host becomes infected with a virus because the end user browsed to a malicious website. Which endpoint security technology can be used to best prevent such an…
Which statement is true about sandboxing? Using a sandbox technique ensures that no malware infected files can get in the network. Running a file in a sandbox guarantees that the…
What is the primary difference between a host-based firewall and a traditional firewall? The host-based firewall can block traffic based on application or file type. The traditional firewall can identify…
File integrity checking tools work by calculating hash values of important files, storing the hash values, and periodically comparing those hash values to hash values that it calculates later. If…
What can a HIPS do that a NIPS cannot? (Choose two.) Detect malware delivered to the host via an encrypted channel. Protect a mobile host while connected to non-secured networks.…
After a file disposition changes from unknown to malicious, what is the next step that should be taken? Run the file in a sandbox to verify if it is malicious…
When Cisco AMP for Endpoints detects that an unknown file has been received on an endpoint, what does it do with the file? submits the file to the cloud for…
During incident investigations, what does the AMP for endpoints device trajectory feature show? hosts that have seen the malicious file the signature that triggered the malicious file alert actions that…
Which method is a permissive security control in which only specified applications can run on an end host, while all other applications are prevented? application blocked lists application allowed lists…
Where is the sda block device stored in the file system? /sys /dev /proc /tmp Explanation & Hint: The sda block device is typically stored in the /dev directory in the file…
If the parent process is terminated before its children, what will the PPID column show in the ps command? N/A - 0 1 Explanation & Hint: If the parent process is terminated…
When a host name is being translated to an IP address, where will the operating system look first? /etc/hosts /etc/hostname /etc/resolv.conf It depends on the configuration of /etc/nsswitch.conf. Explanation & Hint:…
A junior analyst is trying to use the tcpdump –i eth1 command on an Ubuntu system, but it is not working. What could be the problem? The tcpdump command requires root level privilege. The tcpdump command…
How would you copy a file that is called evidence from the local system to a Linux host at 192.168.1.33? scp evidence [email protected]:evidence scp [email protected]:evidence evidence ssh evidence [email protected]:evidence ssh [email protected]:evidence evidence…
Which of the following is the most appropriate structure of an LDAP entry? cn=bobsmith,dc=cisco,dc=com dc=bobsmith,cn=cisco,cn=com cn=bob,cn=smith,dc=cisco.com dc=bob,dc=smith,cn=cisco.com Explanation & Hint: The most appropriate structure of an LDAP (Lightweight Directory Access…
Given the ls command output that is shown below, what command will permit only the user owner and members of the "staff" group to read or modify the testpcap file? $ ls -l test…
Which file is an executable used to troubleshoot DNS issues? /etc/hosts /usr/bin/nslookup /bin/resolve /sys/domain/lookup Explanation & Hint: The executable used to troubleshoot DNS (Domain Name System) issues on a Linux…
What are the two primary Linux processes that are used for managing services? (Choose two.) System V init Systemd Task Manager Service Control Manager Explanation & Hint: The two primary…