What does an attacker use to determine which network ports are listening on a potential target device?
A.
man-in-the-middle
B.
port scanning
C.
SQL injection
D.
ping sweep
port scanning
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group.
What is the initial event called in the NIST SP800-61?
A.
online assault
B.
precursor
C.
trigger
D.
instigator
precursor
Which artifact is used to uniquely identify a detected file?
A.
file timestamp
B.
file extension
C.
file size
D.
file hash
file hash
Refer to the exhibit.
What is occurring in this network?
A.
ARP cache poisoning
B.
DNS cache poisoning
C.
MAC address table overflow
D.
MAC flooding attack
ARP cache poisoning
What is the difference between statistical detection and rule-based detection models?
A.
Rule-based detection involves the collection of data in relation to the behavior of legitimate users over a period of time
B.
Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it on an IF/THEN basis
C.
Statistical detection involves the evaluation of an object on its intended actions before it executes that behavior
D.
Rule-based detection defines legitimate data of users over a period of time and
statistical detection defines it on an IF/THEN basis
Statistical detection defines legitimate data of users over a period of time and rule-based detection defines it on an IF/THEN basis
Which principle is being followed when an analyst gathers information relevant to a security incident to determine the appropriate course of action?
A.
decision making
B.
rapid response
C.
data mining
D.
due diligence
decision making
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
A.
CSIRT
B.
BPSIRT
C.
public affairs
D.
management
management
What causes events on a Windows system to show Event Code 4625 in the log
messages?
A.
The system detected an XSS attack
B.
Someone is trying a brute force attack on the network
C.
Another device is gaining root access to the system
D.
A privileged user successfully logged into the system
Someone is trying a brute force attack on the network
When trying to evade IDS/IPS devices, which mechanism allows the user to make the data incomprehensible
without a specific key, certificate, or password?
A.
fragmentation
B.
pivoting
C.
encryption
D.
stenography
pivoting
What is the difference between an attack vector and attack surface?
A.
An attack surface identifies vulnerabilities that require user input or validation; and anVattack vector
identifies vulnerabilities that are independent of user actions.
B.
An attack vector identifies components that can be exploited; and an attack surface
identifies the potential
path an attack can take to penetrate the network.
C.
An attack surface recognizes which network parts are vulnerable to an attack; and an
attack vector
identifies which attacks are possible with these vulnerabilities.
D.
An attack vector identifies the potential outcomes of an attack; and an attack surface
launches an attack
using several methods against the identified vulnerabilities.
An attack surface recognizes which network parts are vulnerable to an attack; and an
attack vector
identifies which attacks are possible with these vulnerabilities.
What is personally identifiable information that must be safeguarded from unauthorized access?
A.
date of birth
B.
driver's license number
C.
gender
D.
zip code
driver's license number
While viewing packet capture data, an analyst sees that one IP is sending and receivingVtraffic for multiple devices by modifying the IP header.
Which technology makes this behavior possible?
A.
encapsulation
C.
tunneling
D.
NAT
NAT
| Page 5 out of 34 Pages |
| Previous |