Which of the following attack types is the malicious in…
A malicious insider is using an ARP spoofing tool to impersonate the gateway router. Which of the following attack types is the malicious insider implementing?
Which of the following describes the type of applicatio…
An administrator sees the following entry in a system log:
02:23:41 AM Mar 09 2015 www: WARNING: MD5 checksum on file /etc/sudoers has changed. Please update db if this change is expected.
Which of the following describes the type of application that generated this log entry?
To ensure proper authorization for authenticated users …
A company has recently won a classified government contract involving both confidential and restricted information. To ensure proper authorization for
authenticated users and restrict unauthorized users from accessing information above their clearance, the company should establish:
Which of the following, if implemented, has the GREATES…
A security administrator determined that the time required to brute force 90% of the company’s password hashes is below the acceptable threshold. Which of the
following, if implemented, has the GREATEST impact in bringing this time above the acceptable threshold?
Which of the following could be used?
A company is planning to encrypt the files in several sensitive directories of a file server with an asymmetric key. Which of the following could be used?
Which of the following should the administrator do to h…
A security administrator has deployed five additional copies of the same virtualized Linux server to distribute the load of web traffic on the original server. Which of
the following should the administrator do to help security harden these new systems? (Select TWO).
Which of the following scan types is being run on the d…
An assessment team is conducting a vulnerability scan of an organization’s database servers. During the configuration of the vulnerability scanner, the lead
assessor only configures the parameter of the database servers’ IP range, and then runs the vulnerability scanner. Which of the following scan types is being run on
the database servers?
Which of the following should the company implement?
A company must implement management controls to deter system administrators from making unauthorized changes to sensitive systems. Which of the following
should the company implement?
Which of the following is the MOST important security a…
A large retail vendor provides access to a heating, ventilation, and air conditioning vendor for the purpose of issuing billing statements and receiving payments. A
security administrator wants to prevent attackers from using compromised credentials to access the billing system, moving laterally to the point-of-sale (POS)
system, and installing malware to skim credit card data. Which of the following is the MOST important security architecture consideration the retail vendor should
impose?
Which of the following actions would result in the LEAS…
A server technician is about to perform a major upgrade to the operating system of a critical system. This system is currently in a virtualization environment. Which
of the following actions would result in the LEAST amount of downtime if the upgrade were to fail?