The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the secur
A security analyst is diagnosing an incident in which a system was compromised from an external IP address. The socket identified on the firewall was traced to 207.46.130.0:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection? A. tracert B. netstat C. ping D. […]
Which of the following would a security specialist be able to determine upon examination of a server’s certi
Which of the following would a security specialist be able to determine upon examination of a server’s certificate? A. CA public key B. Server private key C. CSR D. OID
Given the above outputs, which of the following MOST likely happened?
A security administrator has found a hash in the environment known to belong to malware. The administrator then finds this file to be in in the preupdate area of the OS, which indicates it was pushed from the central patch system. File: winx86_adobe_flash_upgrade.exe Hash: 99ac28bede43ab869b853ba62c4ea243 The administrator pulls a report from the patch management system […]
Which of the following account types is the systems administrator using?
A systems administrator is attempting to recover from a catastrophic failure in the datacenter. To recover the domain controller, the systems administrator needs to provide the domain administrator credentials. Which of the following account types is the systems administrator using? A. Shared account B. Guest account C. Service account D. User account
Which of the following would assist Company.com with its goal?
An attacker compromises a public CA and issues unauthorized X.509 certificates for Company.com. In the future, Company.com wants to mitigate the impact of similar incidents. Which of the following would assist Company.com with its goal? A. Certificate pinning B. Certificate stapling C. Certificate chaining D. Certificate with extended validation