NO.371 A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?

Search for matching file hashes on malware websites

Open the document on an air-gapped network

View the document's metadata for origin clues

Detonate the document in an analysis sandbox

NO.376 A security analyst needs to be proactive in understand the types of attacks that could potentially target the company's execute. Which of the following intelligence sources should to security analyst review?

Industry information-sharing and collaboration groups

Trusted automated exchange of indicator information

Structured threat information expression

NO.377 The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?

Segment the network with firewalls.

Install a NIDS device at the boundary.

Update all antivirus signatures daily.

Implement application blacklisting.

NO.378 A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.

The most common set of MDM configurations will become the effective set of enterprise mobile security controls

All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries.

MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.

NO.381 A security analyst Is hardening a Linux workstation and must ensure It has public keys forwarded to remote systems for secure login Which of the following steps should the analyst perform to meet these requirements? (Select TWO).

Forward the keys using ssh-copy-id.

Forward the keys using openssl -s.

Forward the keys using ssh-keyger.

NO.387 A security manager runs Nessus scans of the network after every maintenance window. Which of the following is the security manger MOST likely trying to accomplish?

Verifying that system patching has effectively removed knows vulnerabilities

Identifying assets on the network that may not exist on the network asset inventory

Validating the hosts do not have vulnerable ports exposed to the internet

Checking the status of the automated malware analysis that is being performed

NO.390 A website developer who is concerned about theft cf the company's user database warns to protect weak passwords from offline brute-force attacks. Which of the following be the BEST solution?

Lock accounts auter five failed logons

Precompute passwords with rainbow tables

Hash passwords with the MD5 algorithm

Comp_Sec_361-390

Quiz

•

Other

•

Practice Problem

•

Easy

Hacker Eurotech

Used 5+ times

FREE Resource

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.361 A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m - 4:00 am. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?

A RAT

Ransomware

Logic bomb

A worm

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.362 A public relations team will be taking a group of guest on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboars are cleaned and all desks are cleared. The company is MOST likely trying to protect against.

Loss of proprietary information

Damage to the company's reputation

Social engineering

Credential exposure

Answer explanation

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information think phishing, spoofing. That is not being demonstrated in this question. The company is protecting themselves from loss of proprietary information by clearing it all out. so that if anyone in the tour is looking to take it they will be out of luck

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.363 A desktop support technician recently installed a new document-scanning software program on a computer However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

A new firewall rule is needed to access the application.

The system was quarantined for missing software updates

The software was not added to the application whitelist.

The system was isolated from the network due to infected software.

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.364 Users reported several suspicious activities within the last two weeks that resulted in several unauthorized transactions. Upon investigation, the security analyst found the following: Multiple reports of breached credentials within that time period Traffic being redirected in certain parts of the network * Fraudulent emails being sent by various internal users without their consent Which of the following types of attacks was MOST likely used?

Replay attack

Race condition

Cross site scripting

Request forgeries

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.365 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

It allows for the sharing of digital forensics data across organizations

It provides insurance in case of a data breach

It provides complimentary training and certification resources to IT security staff.

It certifies the organization can work with foreign entities that require a security clearance

It assures customers that the organization meets security standards

Answer explanation

According to the ISO https://www.iso.org/standard/54534.html ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in ISO/IEC 27001:2013 are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.366 A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements:
* The devices will be used internationally by staff who travel extensively.
Occasional personal use is acceptable due to the travel requirements.
Users must be able to install and configure sanctioned programs and productivity suites.
The devices must be encrypted
The devices must be capable of operating in low-bandwidth environments.
Which of the following would provide the GREATEST benefit to the security posture of the devices?

Configuring an always-on VPN

Implementing application whitelisting

Requiring web traffic to pass through the on-premises content filter

Setting the antivirus DAT update schedule to weekly

MULTIPLE CHOICE QUESTION

5 mins • 1 pt

NO.367 A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

Configure the perimeter firewall to deny inbound external connections to SMB ports.

Ensure endpoint detection and response systems are alerting on suspicious SMB connections.

Deny unauthenticated users access to shared network folders.

Verify computers are set to install monthly operating system, updates automatically.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

KUIS KATA KERJA MEMAKAI

Quiz

•

9th - 12th Grade

25 questions

uh 1 dekiru koto

Quiz

•

11th Grade

25 questions

NOTARIADO/ORAL 2

Quiz

•

1st - 3rd Grade

25 questions

紅樓夢課堂測驗

Quiz

•

9th - 12th Grade

25 questions

QUI EST BTS ?

Quiz

•

KG - Professional Dev...

25 questions

Spring time

Quiz

•

10th Grade

25 questions

Quiz sobre versões do Android

Quiz

•

8th Grade

30 questions

Tributos

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Other

4 questions

Conflict Resolution

Lesson

•

20 questions

Place Value

Quiz

•

KG - 3rd Grade

20 questions

CVC Words

Quiz

•

KG - 1st Grade

24 questions

CKLA Unit 5 assessment K

Quiz

•

10 questions

STAAR Review - Editing & Revising Clusters

Quiz

•

10 questions

Reflexive Pronouns

Quiz

•

KG - 5th Grade

10 questions

Long i- igh, ie, and y Quiz

Quiz

•

KG - 3rd Grade

12 questions

Quarter Past, Half Past, and Quarter To

Quiz

•

KG - 12th Grade

Comp_Sec_361-390

30 questions

NO.361 A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m - 4:00 am. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?

NO.363 A desktop support technician recently installed a new document-scanning software program on a computer However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

NO.365 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

NO.367 A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

NO.368 Which of the following disaster recovery tests is The LEAST time consuming for the disaster recovery team?

NO.370 A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other