Secure Network Protocol: Talk with customers on scheduled conference calls
You’ve hired a third-party to gather information about your company’s servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach?
Which of these threat actors would be motivated by social change and would likely have limited funding options?
A shipping company stores information in small regional warehouses around the country. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?
A security administrator has performed an audit of the organization’s production web servers, and the results have identified banner information leakage, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?
Which of the following would be the BEST way to monitor a cloud-based microservice architecture?
Which of these threat actors would be MOST likely to attack systems for direct financial gain?
A security incident has occurred on a file server. Which of the following data sources should be gathered to address file storage volatility? (Select TWO)
A virus alert appears in your browser from Microsoft with a phone number to call for support
Which of these protocols use TLS to provide secure communication? (Select TWO)
Which of the following would be considered an authentication attribute?
The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:
Multiple attackers overwhelm a web server
An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?
An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?
Rodney, a security engineer, is viewing this record from the firewall logs: UTC 04/05/2018 03:09:15809 AV Gateway Alert 136.127.92.171 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: XPACK.A_7854 (Trojan) blocked. Which of the following can be observed from this log information?
Which of the following standards provides information on privacy and managing PII?
Which of the following companies would be MOST likely to manage PHI?
Which of the following is responsible for enforcing rules during a cybersecurity exercise?
Which of the following would be the BEST way to provide connectivity to VPCs?
Administer a remote Linux server console. Which secure protocol should be used for this task?
Attacker intercepts all communication between a client and a web server
Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?
Build a secure tunnel between two remote locations. Which secure protocol should be used for this task?
Secure Network Protocol: Access your switch using a CLI terminal screen
Which of the following is used by WPA3 to prevent PSK brute force attacks?
An organization has traditionally purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?
An attacker is modifying data sent in real-time between two devices. Which of the following attacks is MOST likely in use?
A recent security audit has discovered email addresses and passwords located in a packet capture. Which of the following did the audit identify?
A transportation company has moved their reservation system to a cloud-based infrastructure. The security manager would like to monitor data transfers, identify potential threats, and ensure that all data transfers are encrypted. Which of the following would be the BEST choice for these requirements?
Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?
Secure Network Protocol: Synchronize the time across all of your devices
Attacker modifies a legitimate DNS server to resolve the IP address of a malicious site
Attacker obtains bank account number and birth date by calling the victim
A security administrator is designing a storage array that would maintain an exact replica of all data without striping. The array needs to operate normally if a single drive was to fail. Which of the following would be the BEST choice for this storage system?
A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement?
Which security framework is mandatory for US federal agencies and includes a six step process?
A transportation company is installing new wireless access points in their corporate offices. The manufacturer estimates that the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?
Lookup the IP address of a server based on the FQDN.Which secure protocol should be used for this task?
A security team has been asked to document information in the Diamond Model. Which of the following best describes this model?
Secure Network Protocol: Accept customer purchases from your primary website
An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices?
A company would like to automate their response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?
Which of these would provide a connection between smartphones without the use of an access point?
Sam, a security administrator, is configuring an IPsec tunnel to a remote site. Which protocol should she enable to protect all of the data traversing the VPN tunnel?
Transfer daily transaction files from one server to another. Which secure protocol should be used for this task?
Secure Network Protocol: Gather metrics from routers at remote sites
Which of the following would be the BEST method of sending data to a specific port number on a remote device?