A Chief Executive Officer (CEO) suspects someone in the lab testing environment is stealing confidential information after working hours when no one else is around. Which of the following actions can help to prevent this specific threat?
Implement time-of-day restrictions.
Audit file access times.
Secretly install a hidden surveillance camera
Require swipe-card access to enter the lab
A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA. The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solutions would be BEST for the security administrator to implement to most efficiently assist with this issue?
A network technician is setting up a segmented network that will utilize a separate ISP to provide wireless access to the public area for a company. Which of the following wireless security methods should the technician implement to provide basic accountability for access to the public network?
Wi-Fi Protected Setup
The compute resource center issued smartphones to all first-level and above managers. The managers have the ability to install mobile tools. Which of the following tools should be implemented to control the types of tools the managers install?
A security administrator is reviewing the following network capture: 192.168.20.43:2043 -> 10.234.66.21:80
https://www.banksite.com<ENTER>JoeUsr<BackSPACE>erPassword<ENTER>" Which of the following malware is MOST likely to generate the above information?
A security analyst captures forensic evidence from a potentially compromised system for further investigation. The evidence is documented and securely stored to FIRST:
maintain the chain of custody
preserve the data
obtain a legal hold
recover data at a later time
Which of the following BEST describes a network-based attack that can allow an attacker to take full control of a vulnerable host?
A security analyst receives a notification from the IDS after working hours, indicating a spike in network traffic. Which of the following BEST describes this type of IDS?
A security analyst reviews the following output:
The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network. After inspecting a large number of files, the SIEM reports the following.
File hash: E289F21CD33E4F57890DDEA5CF267ED2
File found: somestuff.xls, somefile.pdf, nofile.doc
Which of the following is the MOST likely cause of the hash being found in other areas?
Jan Smith is an insider threat.
There are MD5 hash collisions
The file is encrypted.
Shadow copies are present.
A company's loss control department identifies theft as a recurring loss type over the past year. Based on the department's report, the Chief Information Officer (CIO) wants to detect theft of datacenter equipment. Which of the following controls should be implemented?