Management decides to implement a risk management system to reduce and maintain the organization's risk at an acceptable level. Which of the following is the correct order in the risk management phase?
Which of the following attack signature analysis techniques are implemented to examine the header information and conclude that a packet has been altered?
What should a network administrator perform to execute/test the untrusted or untested programs or code from untrusted or unverified third-parties without risking the host system or OS?
Martin is a professional hacker. He is performing reconnaissance on an organization to hack a few
target systems. As a part of this method, he needs to determine what hosts are available on the
network, what services those hosts are offering, what operating systems they are running, what type of
packet filters/firewalls, etc. To obtain such information, Martin decided to use automated tools.
Which of the following tool must be employed by Martin?
Justine has been tasked by her supervisor to ensure that the company's physical security is on the same level as their logical security measures. She installs video cameras at all entrances and exits and installs badge
access points for all doors. The last item she wants to install is a method to prevent unauthorized people piggybacking employees. What should she install to prevent piggybacking?
Which type of firewall consists of three interfaces and allows further subdivision of the systems based on specific security objectives of the organization?
A company wants to implement a data backup method that allows them to encrypt the data ensuring its security as well as access it at any time and from any location. What is the appropriate backup method
that should be implemented?
If there is a fire incident caused by an electrical appliance short-circuit, which fire suppressant should be used to control it?
Maximus Tech Is a multinational company that uses Cisco ASA Firewalls for their systems. Jason is the one of the members of the team that checks the logs at Maximus Tech. As a part of his job. he is going through me logs and he came across a firewall log that looks like this:
May 06 2018 21:27:27 asa 1: % ASA -6-11008: User enable_16' executed the 'configure term' command
Based on the security level mentioned in the log, what did Jason understand about the description of this message?
What is the correct order of activities that a IDS is supposed to attempt in order to detect an intrusion?
Which of the following Wireshark filters allows an administrator to detect SYN/FIN DDoS attempt on
the network?
Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and
communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden’s organization.
Individuals in the organization using system resources against acceptable usage policies indicates which of the following security incident:
Which among the following options represents professional hackers with an aim of attacking systems for profit?
Which authorization lets users access a requested resource on behalf of others?
Daniel is monitoring network traffic with the help of a network monitoring tool to detect any abnormalities. What type of network security approach is Daniel adopting?
Wallcot, a retail chain in US and Canada, wants to improve the security of their administration
offices. They want to implement a mechanism with two doors. Only one of the doors can be opened at a
time. Once people enter from the first door, they have to be authorized to open the next one. Failing
the authorization, the person will be locked between the doors until an authorized person lets him or
her out. What is such a mechanism called?
Larry is responsible for the company's network consisting of 300 workstations and 25 servers. After using a hosted email service for a year, the company wants to control the email internally. Larry likes this idea because
it will give him more control over the email. Larry wants to purchase a server for email but does not want the server to be on the internal network due to the potential to cause security risks. He decides to place the server
outside of the company's internal firewall. There is another firewall connected directly to the Internet that will protect traffic from accessing the email server. The server will be placed between the two firewalls. What
logical area is Larry putting the new email server into?
James, a network admin in a large US based IT firm, was asked to audit and implement security
controls over all network layers to achieve Defense-in-Depth. While working on this assignment, James
has implemented both blacklisting and whitelisting ACLs. Which layer of defense-in-depth architecture is
Jason working on currently?
A popular e-commerce company has recently received a lot of complaints from its customers. Most
of the complaints are about the customers being redirected to some other website when trying to
access the e-com site, leading to all their systems being compromised and corrupted. Upon
investigation, the network admin of the firm discovered that some adversary had manipulated the
company’s IP address in the domain name server’s cache. What is such an attack called?
Fargo, head of network defense at Globadyne Tech, has discovered an undesirable process in several Linux systems, which causes machines to hang every 1 hour. Fargo would like to eliminate it; what
command should he execute?
To secure his company’s network, Tim the network admin, installed a security device that inspected
all inbound and outbound network traffic for suspicious patterns. The device was configured to alert him
if it found any such suspicious activity. Identify the type of network security device installed by Tim?
Syslog and SNMP are the two main _______ protocols through which log records are transferred.
Geon Solutions INC., had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing
number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasingnumber of employees. Which network topology
will help the administrator solve the problem of needing to add new employees and expand?
Frank installed Wireshark at all ingress points in the network. Looking at the logs he notices an odd packet source. The odd source has an address of 1080:0:FF:0:8:800:200C:4171 and is using port 21. What does this source address signify?
Which of the following statements holds true in terms of virtual machines?
Which type of risk treatment process Includes not allowing the use of laptops in an organization to ensure its security?
The GMT enterprise is working on their internet and web usage policies. GMT would like to control
internet bandwidth consumption by employees. Which group of policies would this belong to?
If an organization has decided to consume PaaS Cloud service model, then identify the organization's responsibility that they need to look after based on shared responsibility model.
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for
disabling a service?
A newly joined network administrator wants to assess the organization against possible risk. He notices the organization doesn't have a________identified which helps measure how risky an activity is.
James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep
attack. Which of the following Wireshark filters will he use?
Which of the information below can be gained through network sniffing? (Select all that apply)
You are monitoring your network traffic with the Wireshark utility and noticed that your network is experiencing a large amount of traffic from certain region. You suspect a DoS incident on the network.
What will be your first reaction as a first responder?
Which risk management phase helps in establishing context and quantifying risks?
Kelly is taking backups of the organization's data. Currently, he is taking backups of only those files which are created or modified after the last backup. What type of backup is Kelly using?
The SOC manager is reviewing logs in AlienVault USM to investigate an intrusion on the network.
Which CND approach is being used?
A company wants to implement a data backup method which allows them to encrypt the data ensuring its security as well as access at any time and from any location. What is the appropriate backup method that
should be implemented?
Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?
Daniel who works as a network administrator has just deployed an in his organizations network. He wants to calculate the False Positive rate for his implementation. Which of the following formulas will he use to calculate the False Positive rate?
Management asked their network administrator to suggest an appropriate backup medium for their backup plan that best suits their organization's need. Which of the following factors will the administrator consider when
deciding on the appropriate backup medium?
On which of the following OSI layers does the Pretty Good Privacy (PGP) work?
A network designer needs to submit a proposal for a company, which has just published a web
portal for its clients on the internet. Such a server needs to be isolated from the internal network,
placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with
three interfaces, one for the internet network, another for the DMZ server farm and another for the
internal network. What kind of topology will the designer propose?
Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?
Simon had all his systems administrators implement hardware and software firewalls to ensure network security. They implemented IDS/IPS systems throughout the network to check for and stop any unauthorized
traffic that may attempt to enter. Although Simon and his administrators believed they were secure, a hacker group was able to get into the network and modify files hosted on the company's website. After searching
through the firewall and server logs, no one could find how the attackers were able to get in. He decides that the entire network needs to be monitored for critical and essential file changes. This monitoring tool alerts
administrators when a critical file is altered. What tool could Simon and his administrators implement to accomplish this?
How can organizations obtain information about threats through human intelligence?
An organization needs to adhere to the______________rules for safeguarding and protecting the electronically stored health information of employees.
Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability, that if a hashing process is used for creating a key, then the same is
used for other keys?
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.
Mark is monitoring the network traffic on his organization's network. He wants to detect a TCP and UDP ping sweep on his network. Which type of filter will be used to detect this on the network?
Which filter to locate unusual ICMP request an Analyst can use in order to detect a ICMP probes
from the attacker to a target OS looking for the response to perform ICMP fingerprinting?
You want to increase your network security implementing a technology that only allows certain MAC addresses in specific ports in the switches; which one of the above is the best choice?
John has planned to update all Linux workstations in his network. The organization is using various Linux distributions including Red hat, Fedora and Debian. Which of following commands will he use to
update each respective Linux distribution?
XX
Which of the following types of information can be obtained through network sniffing? (Select all that apply)
Heather has been tasked with setting up and implementing VPN tunnels to remote offices. She will most likely be implementing IPsec VPN tunnels to connect the offices. At what layer of the OSI model does an IPsec
tunnel function on?
Which firewall technology provides the best of both packet filtering and application-based filtering and is used in Cisco Adaptive Security Appliances?
Which of the following filters can be used to detect UDP scan attempts using Wireshark?
Oliver is a Linux security administrator at an MNC. An employee named Alice has resigned from his organization and Oliver wants to disable this user in Ubuntu. Which of the following commands can be used to accomplish this?
Which type of attack is used to hack an IoT device and direct large amounts of network traffic toward a web server, resulting in overloading the server with connections and preventing any new connections?
Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know
of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out
SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her
intrusion detection system will log the traffic. What type of scan is Cindy attempting here?
John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router. Which command will John use to enable NetFlow on
an interface?
Rosa is working as a network defender at Linda Systems. Recently, the company migrated from Windows to MacOS. Rosa wants to view the security related logs of her system, where con she find these logs?
Which among the following tools can help in identifying IoEs to evaluate human attack surface?
What can be the possible number of IP addresses that can be assigned to the hosts present in a subnet having 255.255.255.224 subnet mask?
Rick has implemented several firewalls and IDS systems across his enterprise network. What should he do to effectively correlate all incidents that pass through these security controls?
Who acts as an intermediary to provide connectivity and transport services between cloud consumers and providers?
Which component of the data packets is encrypted in Transport mode encryption of an IPsec server?
Patrick wants to change the file permission of a file with permission value 755 to 744. He used a Linux command chmod [permission Value] [File Name] to make these changes. What will be the change
in the file access?
Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?
Stephanie is currently setting up email security so all company data is secured when passed through email. Stephanie first sets up encryption to make sure that a specific user's email is protected. Next, she needs to
ensure that the incoming and the outgoing mail has not been modified or altered using digital signatures. What is Stephanie working on?
The bank where you work has 600 windows computers and 400 Red Hat computers which primarily serve as bank teller consoles. You have created a plan and deployed all the patches to the Windows computers and
you are now working on updating the Red Hat computers. What command should you run on the network to update the Red Hat computers, download the security package, force the package installation, and update all
currently installed packages?
An insider in Hexagon, a leading IT company in USA, was testing a packet crafting tool. This tool
generated a lot of malformed TCP/IP packets which crashed the main server’s operating system leading
to restricting the employees’ accesses. Which attack did the insider use in the above situation?
What should an administrator do while installing a sniffer on a system to listen to all data transmitted over the network?
Lyle is the IT director for a medium-sized food service supply company in Nebraska. Lyle's company employs over 300 workers, half of which use computers. He recently came back from a security training seminar on
logical security. He now wants to ensure his company is as secure as possible. Lyle has many network nodes and workstation nodes across the network. He does not have much time for implementing a network-wide
solution. He is primarily concerned about preventing any external attacks on the network by using a solution that can drop packets if they are found to be malicious. Lyle also wants this solution to be easy to implement
and be network-wide. What type of solution would be best for Lyle?
Which of the following network monitoring techniques requires extra monitoring software or hardware?
Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following command allows Sophie
to do so?
-----------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)
Which of the following RAID storage techniques divides the data into multiple blocks, which are further written across the RAID system?
John has been working a* a network administrator at an IT company. He wants to prevent misuse of accounts by unauthorized users. He wants to ensure that no accounts have empty passwords. Which of the following commands does John use to list all the accounts with an empty password?
Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?
The company has implemented a backup plan. James is working as a network administrator for the company and is taking full backups of the data every time a backup is initiated. Alex who is a senior security manager
talks to him about using a differential backup instead and asks him to implement this once a full backup of the data is completed. What is/are the reason(s) Alex is suggesting that James use a differential backup?
(Select all that apply)
Which of the following connects the SDN application layer and SDN controller and allows communication between the network services and business applications?
Which of the Windows security component is responsible for controlling access of a user to Windows resources?
Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless
network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar
with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?
Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago. He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the
network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this
type of server called?
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an ______for legal advice to defend
them against this allegation.