Because of limited space on a laptop keyboard, some keys have a dual-purpose. What are these keys called? control keys alternate keys special purpose keys function keys Answers Explanation &…
A technician suspects that a power supply is faulty. How can it be checked? by checking the temperature of the power supply by using a multimeter by taking apart the…
What is the main goal of using different evasion techniques by threat actors? to launch DDoS attacks on targets to identify vulnerabilities of target systems to gain the trust of…
Match the category of attacks with the description. (Not all options are used.) Explanation & Hint: The image you've uploaded is a matching exercise for categories of attacks and their…
Match the attack tools with the description. (Not all options are used.) Explanation & Hint: RainbowCrack - This tool is used for password cracking by either removing the original password,…
Which type of data would be considered an example of volatile data? web browser cache log files memory registers temp files Answers Explanation & Hints: Volatile data is data stored…
A threat actor has identified the potential vulnerability of the web server of an organization and is building an attack. What will the threat actor possibly do to build an…
Match the Linux host-based firewall application with its description. Explanation & Hint: iptables: This is a rule-based access control and logging system for Linux packet filtering based on IP addresses…
Match the network-based antimalware solution to the function. (Not all options are used.) Explanation & Hint: Web Security Appliance - This is generally responsible for providing filtering of websites and…
What best describes the destination IPv4 address that is used by multicasting? a single IP multicast address that is used by all destinations in a group an IP address that…
What are three goals of a port scan attack? (Choose three.) to discover system passwords to identify operating systems to identify active services to identify peripheral configurations to determine potential…
Which two techniques are used in a smurf attack? (Choose two.) session hijacking reflection amplification botnets resource exhaustion Explanation & Hint: In a Smurf attack, two primary techniques are used:…
In which phase of the NIST incident response life cycle is evidence gathered that can assist subsequent investigations by authorities? preparation detection and analysis containment, eradication, and recovery postincident activities…
What information is gathered by the CSIRT when determining the scope of a security incident? the networks, systems, and applications affected by an incident the strategies and procedures used for…
According to NIST standards, which incident response stakeholder is responsible for coordinating an incident response with other stakeholders to minimize the damage of an incident? IT support management legal department…
What is defined in the SOP of a computer security incident response capability (CSIRC)? the procedures that are followed during an incident response the metrics for measuring incident response capabilities…
Which meta-feature element in the Diamond Model describes information gained by the adversary? results direction resources methodology Answers Explanation & Hints: The meta-feature element results are used to delineate what…
What is the objective the threat actor in establishing a two-way communication channel between the target system and a CnC infrastructure? to launch a buffer overflow attack to send user…
When dealing with security threats and using the Cyber Kill Chain model, which two approaches can an organization use to block a potential back door creation? (Choose two.) Conduct damage…
Why would threat actors prefer to use a zero-day attack in the Cyber Kill Chain weaponization phase? to get a free malware package to launch a DoS attack toward the…