SY0-601 Practice Test Questions

886 Questions


Topic 4: Exam Pool D (NEW)

A security analyst needs to perform periodic vulnerability scans on production systems.
Which of the following scan types would produce the BEST vulnerability scan report?

A. Port
B. Intrusive
C. Host discovery
D. Credentialed

Answer: D. Credentialed



A security analyst is investigating a malware incident at a company. The malware is
accessing a command-and-control website at www.comptia.com. All outbound Internet
traffic is logged to a syslog server and stored in /logfiles/messages.
Which of the following commands would be BEST for the analyst to use on the syslog
server to search for recent traffic to the command-and-control website?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: C. Option C



Which two features are available only in next-generation firewalls? (Choose two.)

A. Deep packet inspection
B. Packet filtering
C. Application awareness
D. Stateful inspection
E. Virtual private network

Answer: D. Stateful inspection; E. Virtual private network



The Chief Information Security Officer wants to pilot a new adaptive, user-based
authentication method. The concept includes granting logical access based on physical
location and proximity. Which of the following is the BEST solution for the pilot?

A. Geofencing
B. Self-sovereign identification
C. PKI certificates
D. SSO

Answer: A. Geofencing



If a current private key is compromised, which of the following would ensure it cannot be
used to decrypt all historical data?

A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption

Answer: B. Elliptic-curve cryptography



A financial institution would like to store its customer data in a cloud but still allow the
data to be accessed and manipulated while encrypted. Doing so would prevent the cloud
service provider from being able to decipher the data due to its sensitivity. The financial
institution is not concerned about computational overhead and slow speeds. Which of the
following cryptographic techniques would BEST meet the requirement?

A. Asymmetric
B. Symmetric
C. Homomorphic
D. Ephemeral

Answer: B. Symmetric



A developer is concerned about people downloading fake malware-infected replicas of a
popular game. Which of the following should the developer do to help verify legitimate
versions of the game for users?

A. Digitally sign the relevant game files
B. Embed a watermark using steganography
C. Implement TLS on the license activation server
D. Fuzz the application for unknown vulnerabilities

Answer: A. Digitally sign the relevant game files



A company is implementing a new SIEM to log and send alerts whenever malicious activity
is blocked by its antivirus and web content filters. Which of the following is the primary
use case for this scenario?

A. Implementation of preventive controls
B. Implementation of detective controls
C. Implementation of deterrent controls
D. Implementation of corrective controls

Answer: B. Implementation of detective controls



A company uses specially configured workstations for any work that requires administrator
privileges to its Tier 0 and Tier 1 systems. The company follows a strict process to harden
systems immediately upon delivery. Even with these strict security measures in place, an
incident occurred from one of the workstations. The root cause appears to be that the SoC
was tampered with or replaced. Which of the following MOST likely occurred?

A. Fileless malware
B. A downgrade attack
C. A supply-chain attack
D. A logic bomb
E. Misconfigured BIOS

Answer: C. A supply-chain attack



An attack relies on an end user visiting a website the end user would typically visit;
however, the site is compromised and uses vulnerabilities in the end user's browser to
deploy malicious software. Which of the following types of attack does this describe?

A. Smishing
B. Whaling
C. Watering hole
D. Phishing

Answer: C. Watering hole



A security analyst notices several attacks are being blocked by the NIPS but does not see
anything in the boundary firewall logs. The attack seems to have been thwarted. Which of
the following resiliency techniques was applied to the network to prevent this attack?

A. NIC teaming
B. Port mirroring
C. Defense in depth
D. High availability
E. Geographic dispersal

Answer: C. Defense in depth



A company has been experiencing very brief power outages from its utility company over
the last few months. These outages only last for one second each time. The utility company
is aware of the issue and is working to replace a faulty transformer. Which of the following
BEST describes what the company should purchase to ensure its critical servers and
network devices stay online?

A. Dual power supplies
B. A UPS
C. A generator
D. A PDU

Answer: B. A UPS



