Which mobile-use approach allows an organization’s employees to use devices that they are comfortable with and best fits their preferences and work purposes?
What command is used to terminate certain processes in an Ubuntu system?
Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.
Your company is planning to use an uninterruptible power supply (UPS) to avoid damage from power fluctuations. As a network administrator, you need to suggest an appropriate UPS solution suitable for specific resources or conditions. Match the type of UPS with the use and advantage:
Identify the attack where an attacker manipulates or tricks people into revealing their confidential details like bank account information, credit card details, etc.
Which category of suspicious traffic signatures includes SYN flood attempts?
The SNMP contains various commands that reduce the burden on the network administrators. Which of the following commands is used by SNMP agents to notify SNMP managers about an event occurring in the network?
Which authorization lets users access a requested resource on behalf of others?
Who is responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization?
Which of the following is true regarding any attack surface?
The network administrator wants to strengthen physical security in the organization. Specifically, the administrator wants to implement a solution that stops people from entering certain restricted zones without proper credentials. Which of the following physical security measures should the administrator use?
James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?
How does Windows’ in-built security component, AppLocker, whitelist applications?
Justine has been tasked by her supervisor to ensure that the company's physical security is on the same level as their logical security measures. She installs video cameras at all entrances and exits and installs badge access points for all doors. The last item she wants to install is a method to prevent unauthorized people from piggybacking on employees. What should she install to prevent piggybacking?
Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system and network activities?
Which of the following Layers of IoT Architecture provides dashboards to monitor, analyze, and implement proactive decisions?
Bryson is the IT manager and sole IT employee working for a federal agency in California. The agency was just given a grant and was able to hire on 30 more employees for a new extended project. Because of this, Bryson has hired on two more IT employees to train up and work. Both of his new hires are straight out of college and do not have any practical IT experience. Bryson has spent the last two weeks teaching the new employees the basics of computers, networking, troubleshooting techniques, etc. To see how these two new hires are doing, he asks them at what layer of the OSI model Network Interface Cards (NICs) work. What should the new employees answer?
James was inspecting ARP packets in his organization's network traffic with the help of Wireshark. He is checking the volume of traffic containing ARP requests as well as the source IP address from which they are originating. Which type of attack is James analyzing?
Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after a period of time. What type of security incident are the employees victims of?
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an ______ for legal advice to defend them against this allegation.
Heather has been tasked with setting up and implementing VPN tunnels to remote offices. She will most likely be implementing IPsec VPN tunnels to connect the offices. At what layer of the OSI model does an IPsec tunnel function?
A network designer needs to submit a proposal for a company, which has just published a web portal for its clients on the internet. Such a server needs to be isolated from the internal network, placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with three interfaces, one for the internet network, another for the DMZ server farm and another for the internal network. What kind of topology will the designer propose?
Which of the following are benefits of using IoT devices in IoT-enabled environments? I. IoT device can be connected anytime II. IoT device can be connected at any place III. IoT devices connected to anything
James, a network admin in a large US based IT firm, was asked to audit and implement security controls over all network layers to achieve Defense-in-Depth. While working on this assignment, James has implemented both blacklisting and whitelisting ACLs. Which layer of defense-in-depth architecture is Jason working on currently?
Which of the information below can be gained through network sniffing? (Select all that apply)
Which of the following is not part of the recommended first response steps for network defenders?
Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. What is the last step he should list?
How is application whitelisting different from application blacklisting?
Match the following NIST security life cycle components with their activities:
John is a senior network security administrator working at a multinational company. He wants to block specific syscalls from being used by container binaries. Which Linux kernel feature restricts actions within the container?
Michelle is a network security administrator working in an MNC company. She wants to set a resource limit for CPU in a container. Which command-line allows Michelle to limit a container to 2 CPUs?
Physical access controls help organizations monitor, record, and control access to the information assets and facility. Identify the category of physical security controls which includes security labels and warning signs.
The CEO of Max Rager wants to send a confidential message regarding the new formula for its coveted soft drink, SuperMax, to its manufacturer in Texas. However, he fears the message could be altered in transit. How can he prevent this incident from happening and what element of the message ensures the success of this method?
What represents the ability of an organization to respond under emergency in order to minimize the damage to its brand name, business operation, and profit?
Ivan needs to pick an encryption method that is scalable even though it might be slower. He has settled on a method that works where one key is public and the other is private. What encryption method did Ivan settle on?
Disaster Recovery is a _________.
Delta IT solutions suffered a substantial data loss translating into a huge monetary loss for them. During the investigation, the network admin analyzed all the packets and traffic transmitted across the network and identified that some user, within the organization, had leaked the data. Which of the following devices could have helped the network admin reach this conclusion?
Consider a scenario consisting of a tree network. The root Node N is connected to two main nodes N1 and N2. N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main nodes fails?
Which event type indicates a significant problem such as loss of data or loss of functionality?
Identify the spread spectrum technique that multiplies the original data signal with a pseudo random noise spreading code.
Which filter can an analyst use to locate unusual ICMP requests in order to detect ICMP probes sent by an attacker to a target OS, looking for the response to perform ICMP fingerprinting?
Identify the firewall technology that monitors the TCP handshake between the packets to determine whether a requested session is legitimate.
Which of the following attack signature analysis techniques are implemented to examine the header information and conclude that a packet has been altered?
As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2's _________ integrity check mechanism provides security against a replay attack.
Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?
Which of the following is a database encryption feature that secures sensitive data by encrypting it in client applications without revealing the encrypted keys to the data engine in MS SQL Server?
Identify the minimum number of drives required to setup RAID level 5.
Sean has built a site-to-site VPN architecture between the head office and the branch office of his company. When users in the branch office and head office try to communicate with each other, the traffic is encapsulated. As the traffic passes through the gateway, it is encapsulated again. The header and payload both are encapsulated. This second encapsulation occurs only in the __________ implementation of a VPN.
Which phase of vulnerability management deals with the actions taken for correcting the discovered vulnerability?
Who is responsible for conveying company details after an incident?
In MacOS, how can the user implement disk encryption?
What should an administrator do while installing a sniffer on a system to listen to all data transmitted over the network?
According to the company's security policy, all access to any network resources must use Windows Active Directory Authentication. A Linux server was recently installed to run virtual servers and it is not using Windows Authentication. What needs to happen to force this server to use Windows Authentication?
Daniel, who works as a network administrator, has just deployed an in his organization's network. He wants to calculate the False Positive rate for his implementation. Which of the following formulas will he use to calculate the False Positive rate?
A VPN Concentrator acts as a bidirectional tunnel endpoint among host machines. What are the other function(s) of the device? (Select all that apply)
USB ports enabled on a laptop is an example of ____
Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:
Which of the following provides the target for designing DR and BC solutions?
An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?
Which technique is used in RAID level 0 where the data is split into blocks and written evenly across multiple disks?
The SOC manager is reviewing logs in AlienVault USM to investigate an intrusion on the network. Which CND approach is being used?
An attacker has access to password hashes of a Windows 7 computer. Which of the following attacks can the attacker use to reveal the passwords?
John, a network administrator, is configuring Amazon EC2 cloud service for his organization. Identify the type of cloud service modules his organization adopted.
Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works. The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?
Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?
Alex is administrating the firewall in the organization's network. What command will he use to check all the remote addresses and ports in numerical form?
Which Windows security component is responsible for controlling access of a user to Windows resources?
Which of the following incident handling stages removes the root cause of the incident?
Identify the password cracking attempt involving precomputed hash values stored as plaintext and using these to crack the password.
James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?
What defines the maximum time period an organization is willing to lose data during a major IT outage event?
Ross manages 30 employees and only 25 computers in the organization. The network the company uses is peer-to-peer. Ross configures access control measures allowing the employees to set their own control measures for their files and folders. Which access control did Ross implement?
Which of the following things need to be identified during attack surface visualization?
Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?
The network admin decides to assign a class B IP address to a host in the network. Identify which of the following addresses fall within a class B IP address range.
Which of the following characteristics represents a normal TCP packet?
Which of the following network monitoring techniques requires extra monitoring software or hardware?
Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability that, if a hashing process is used for creating a key, then the same is used for other keys.
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats, many of which she did not know of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?
Which of the following can be used to suppress fire from Class K sources?
John is the Vice-President of a BPO. He wants to implement a policy allowing employees to use and manage devices purchased by the organization but restrict the use of the device for business use only. Which among the following policies does John want to implement?
Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?
Which risk management phase helps in establishing context and quantifying risks?
Which of the following is consumed into SIEM solutions to take control of chaos, gain in-depth knowledge of threats, eliminate false positives, and implement proactive intelligence-driven defense?
The ______ protocol works in the network layer and is responsible for handling the error codes during the delivery of packets. This protocol is also responsible for providing communication in the TCP/IP stack.
Individuals in the organization using system resources against acceptable usage policies indicates which of the following security incident:
Geon Solutions INC. had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasing number of employees. Which network topology will help the administrator solve the problem of needing to add new employees and expand?
How is the chip-level security of an IoT device achieved?
Which among the following is used to limit the number of cmdlets or administrative privileges of administrator, user, or service accounts?
Which encryption algorithm does S/MIME protocol implement for digital signatures in emails?
How can organizations obtain information about threats through human intelligence?
An organization’s web server was recently compromised, triggering its admin team into action to defend the network. The admin team wants to place the web server in such a way that, even if it is attacked, the other network resources will be unavailable to the attacker. Moreover, the network monitoring will easily detect future attacks. How can the admin team implement this plan?
Which antenna's characteristic refers to the calculation of radiated in a particular direction? It is generally the ratio of radiation intensity in a given direction to the average radiation intensity.
Jason works as a System Administrator for Inc. The company has a Windows based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly. To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the following utilities can Jason use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of information can be obtained through network sniffing? (Select all that apply)
Syslog and SNMP are the two main _______ protocols through which log records are transferred.
An IDS or IDPS can be deployed in two modes. Which deployment mode allows the IDS to both detect and stop malicious traffic?
Who is an IR custodian?
Timothy works as a network administrator in a multinational organization. He decides to implement a dedicated network for sharing storage resources. He uses a _______ as it separates the storage units from the servers and the user network.
Which among the following tools can help in identifying IoEs to evaluate human attack surface?
_______________ is a structured and continuous process which integrates information security and risk management activities into the system development life cycle (SDLC).
Which of the following is an example of Indicators of Attack?
Which of the following interfaces uses hot plugging technique to replace computer components without the need to shut down the system?