Which of the following would be the BEST method of sending data to a specific port number on a remote device?
A shipping company stores information in small regional warehouses around the country. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?
Attacker obtains bank account number and birth date by calling the victim
A virus alert appears in your browser from Microsoft with a phone number to call for support
Which of these threat actors would be MOST likely to attack systems for direct financial gain?
Which security framework is mandatory for US federal agencies and includes a six step process?
A security incident has occurred on a file server. Which of the following data sources should be gathered to address file storage volatility? (Select TWO)
Transfer daily transaction files from one server to another. Which secure protocol should be used for this task?
A recent security audit has discovered email addresses and passwords located in a packet capture. Which of the following did the audit identify?
An attacker is modifying data sent in real-time between two devices. Which of the following attacks is MOST likely in use?
Which of the following is responsible for enforcing rules during a cybersecurity exercise?
Which of the following would be the BEST way to provide connectivity to VPCs?
An IPS report shows a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?
A security team has been asked to document information in the Diamond Model. Which of the following best describes this model?
A transportation company has moved their reservation system to a cloud-based infrastructure. The security manager would like to monitor data transfers, identify potential threats, and ensure that all data transfers are encrypted. Which of the following would be the BEST choice for these requirements?
Lookup the IP address of a server based on the FQDN.Which secure protocol should be used for this task?
Which of the following standards provides information on privacy and managing PII?
Elizabeth, a security administrator, is concerned about the potential for data exfiltration using external storage drives. Which of the following would be the BEST way to prevent this method of data exfiltration?
Sam, a security administrator, is configuring an IPsec tunnel to a remote site. Which protocol should she enable to protect all of the data traversing the VPN tunnel?
You’ve hired a third-party to gather information about your company’s servers and data. The third-party will not have direct access to your internal network but can gather information from any other source. Which of the following would BEST describe this approach?
A company would like to automate their response when a virus is detected on company devices. Which of the following would be the BEST way to implement this function?
Which of these protocols use TLS to provide secure communication? (Select TWO)
Which of these threat actors would be motivated by social change and would likely have limited funding options?
Attacker modifies a legitimate DNS server to resolve the IP address of a malicious site
Secure Network Protocol: Talk with customers on scheduled conference calls
Administer a remote Linux server console. Which secure protocol should be used for this task?
A CISO (Chief Information Security Officer) would like to decrease the response time when addressing security incidents. Unfortunately, the company does not have the budget to hire additional security engineers. Which of the following would assist the CISO with this requirement?
Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to a centralized database. Which of the following would be the BEST way to implement this requirement?
The Vice President of Sales has asked the IT team to create daily backups of the sales data. The Vice President is an example of a:
A security administrator is designing a storage array that would maintain an exact replica of all data without striping. The array needs to operate normally if a single drive was to fail. Which of the following would be the BEST choice for this storage system?
Multiple attackers overwhelm a web server
Attacker intercepts all communication between a client and a web server
An organization has traditionally purchased insurance to cover a ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?
Which of the following is used by WPA3 to prevent PSK brute force attacks?
Secure Network Protocol: Gather metrics from routers at remote sites
Which of the following companies would be MOST likely to manage PHI?
Rodney, a security engineer, is viewing this record from the firewall logs: UTC 04/05/2018 03:09:15809 AV Gateway Alert 188.8.131.52 80 -> 10.16.10.14 60818 Gateway Anti-Virus Alert: XPACK.A_7854 (Trojan) blocked. Which of the following can be observed from this log information?
A security administrator has performed an audit of the organization’s production web servers, and the results have identified banner information leakage, web services running from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?
Build a secure tunnel between two remote locations. Which secure protocol should be used for this task?
Secure Network Protocol: Accept customer purchases from your primary website
Which of the following would be the BEST way to monitor a cloud-based microservice architecture?
An IPS at your company has found a sharp increase in traffic from all-in-one printers. After researching, your security team has found a vulnerability associated with these devices that allows the device to be remotely controlled by a third-party. Which category would BEST describe these devices?
Which of the following would be considered an authentication attribute?
An organization has developed an in-house mobile device app for order processing. The developers would like the app to identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?
A transportation company is installing new wireless access points in their corporate offices. The manufacturer estimates that the access points will operate an average of 100,000 hours before a hardware-related outage. Which of the following describes this estimate?
Which of these would provide a connection between smartphones without the use of an access point?
Secure Network Protocol: Synchronize the time across all of your devices
Secure Network Protocol: Access your switch using a CLI terminal screen