問題1
Poor inventory control practices can lead to undetected and potentially catastrophic system exploitation due to:
Poor inventory control practices can lead to undetected and potentially catastrophic system exploitation due to:
正確答案: C
問題2
A security engineer wants to further secure a sensitive VLAN on the network by introducing MFA.
Which of the following is the BEST example of this?
A security engineer wants to further secure a sensitive VLAN on the network by introducing MFA.
Which of the following is the BEST example of this?
正確答案: B
問題3
During incident response procedures, technicians capture a unique identifier for a piece of malware running in memory. This captured information is referred to as:
During incident response procedures, technicians capture a unique identifier for a piece of malware running in memory. This captured information is referred to as:
正確答案: A
問題4
A company needs to fix some audit findings related to its physical security. A key finding was that multiple people could physically enter a location at the same time. Which of the following is the BEST control to address this audit finding?
A company needs to fix some audit findings related to its physical security. A key finding was that multiple people could physically enter a location at the same time. Which of the following is the BEST control to address this audit finding?
正確答案: A
問題5
The exploitation of a buffer-overrun vulnerability in an application will MOST likely lead to:
The exploitation of a buffer-overrun vulnerability in an application will MOST likely lead to:
正確答案: A
問題6
A security analyst is specifying requirements for a wireless network. The analyst must explain the security features provided by various architecture choices.
Which of the following is provided by PEAP, EAP-TLS, and EAP-TTLS?
A security analyst is specifying requirements for a wireless network. The analyst must explain the security features provided by various architecture choices.
Which of the following is provided by PEAP, EAP-TLS, and EAP-TTLS?
正確答案: D
問題7
A company network is currently under attack. Although security controls are in place to stop the attack, the security administrator needs more information about the types of attacks being used. Which of the following network types would BEST help the administrator gather this information?
A company network is currently under attack. Although security controls are in place to stop the attack, the security administrator needs more information about the types of attacks being used. Which of the following network types would BEST help the administrator gather this information?
正確答案: C
問題8
After discovering a buffer overflow vulnerability an application the security analyst needs to report it to the development team leader. Which of the following are MOST to appear m the impact section of the report? (Select TWO).
After discovering a buffer overflow vulnerability an application the security analyst needs to report it to the development team leader. Which of the following are MOST to appear m the impact section of the report? (Select TWO).
正確答案: D,E
問題9
During an audit, the auditor requests to see a copy of the identified mission-critical applications as well as their disaster recovery plans. The company being audited has an SLA around the applications it hosts. With which of the following is the auditor MOST likely concerned?
During an audit, the auditor requests to see a copy of the identified mission-critical applications as well as their disaster recovery plans. The company being audited has an SLA around the applications it hosts. With which of the following is the auditor MOST likely concerned?
正確答案: C
問題10
While testing a new vulnerability scanner, a technician becomes concerned about reports that list security concerns that are not present on the systems being tested. Which of the following BEST describes this flaw?
While testing a new vulnerability scanner, a technician becomes concerned about reports that list security concerns that are not present on the systems being tested. Which of the following BEST describes this flaw?
正確答案: B
問題11
An organization wishes to allow its users to select devices for business use but does not want to overwhelm the service desk with requests for too many different device types and models. Which of the following deployment models should the organization use to BEST meet these requirements?
An organization wishes to allow its users to select devices for business use but does not want to overwhelm the service desk with requests for too many different device types and models. Which of the following deployment models should the organization use to BEST meet these requirements?
正確答案: B
問題12
Which of the following are considered to be "something you do"? (Select TWO).
Which of the following are considered to be "something you do"? (Select TWO).
正確答案: E,F
問題13
A systems administrator is trying to reduce the amount of time backups take every night. Which of the following backup types only includes changes since the most recent backup of any type?
A systems administrator is trying to reduce the amount of time backups take every night. Which of the following backup types only includes changes since the most recent backup of any type?
正確答案: A