Free Cram & Latest Exams Dumps

NO.276 An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?

NO.277 In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand.
Which of the following characteristics BEST describes what the CIO has requested?

NO.278 Which of the following controls does a mantrap BEST represent?

NO.279 A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the
MOST likely risk in this situation?

NO.280 An administrator intends to configure an IPSec solution that provides ESP with integrity protection, but not confidentiality protection. Which of the following AES modes of operation would meet this integrity-only requirement?

NO.281 A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
* WAP
* DHCP Server
* AAA Server
* Wireless Controller
* LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

NO.282 A company is performing an analysis of the corporate enterprise network with the intent of identifying any one system, person, function, or service that, when neutralized, will cause or cascade disproportionate damage to the company’s revenue, referrals, and reputation. Which of the following is an element of the BIA that this action is addressing?

NO.283 A system’s administrator has finished configuring firewall ACL to allow access to a new web answer.

The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:

The company’s internal auditor issues a security finding and requests that immediate action be taken.
With which of the following is the auditor MOST concerned?

NO.284 A company is performing an analysis of which corporate units are most likely to cause revenue loss in the event the unit is unable to operate. Which of the following is an element of the BIA that this action is addressing?

NO.285 Which of the following serves to warn users against downloading and installing pirated software on company devices?

NO.286 A network administrator was provided the following output from a vulnerability scan.

The network administrator has been instructed to prioritize remediation efforts based on overall risk to the enterprise Which of the following plugin IDs should be remediated FIRST?

NO.287 A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updates since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

NO.288 A security engineer is configuring a wireless network with EAP-TLS. Which of the following activities is a requirement for this configuration?

NO.289 During a forensic investigation, which of the following must be addressed FIRST according to the order of volatility?

NO.290 An audit takes place after company-wide restricting, in which several employees changed roles. The following deficiencies are found during the audit regarding access to confidential data:

Which of the following would be the BEST method to prevent similar audit findings in the future?

NO.291 A network administrator has been alerted that web pages are experiencing long load times. After determining it is not a routing or DNS issue, the administrator logs in to the router, runs a command, and receives the following output:

Which of the following is the router experiencing?

NO.292 Task: Determine the types of attacks below by selecting an option from the dropdown list.

NO.293 Drag and drop the correct protocol to its default port.

NO.294 A bank requires tellers to get manager approval when a customer wants to open a new account.
A recent audit shows that there have been four cases in the previous year where tellers opened accounts without management approval. The bank president thought separation of duties would prevent this from happening. In order to implement a true separation of duties approach the bank could:

NO.295 A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

NO.296 A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updates since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

NO.297 Which of the following is an important step to take BEFORE moving any installation packages from a test environment to production?

NO.298 A security administrator receives an alert from a third-party vendor that indicates a certificate that was installed in the browser has been hijacked at the root of a small public CA.
The security administrator knows there are at least four different browsers in use on more than a thousand computers in the domain worldwide. Which of the following solution would be BEST for the security administrator to implement to most efficiently assist with this issue?

NO.299 A network administrator is implementing multifactor authentication for employees who travel and use company devices remotely by using the company VPN. Which of the following would provide the required level of authentication?