Which of the following attacks did the security consultant use?
A corporate wireless guest network uses an open SSID with a captive portal to authenticate guest
users. Guests can obtain their portal password at the service desk. A security consultant alerts the
administrator that the captive portal is easily bypassed, as long as one other wireless guest user is
on the network. Which of the following attacks did the security consultant use?
Which of the following wireless protocols should be implemented?
A company requires that all wireless communication be compliant with the Advanced encryption
standard. The current wireless infrastructure implements WEP + TKIP. Which of the following
wireless protocols should be implemented?
Which of the following is the FIRST step in responding to scan results?
A security analyst, while doing a security scan using packet c capture security tools, noticed large
volumes of data images of company products being exfiltrated to foreign IP addresses. Which of
the following is the FIRST step in responding to scan results?
Which of the following is the MOST likely cause of the warning message?
An administrator deploys a WPA2 Enterprise wireless network with EAP-PEAP-MSCHAPv2. The
deployment is successful and company laptops are able to connect automatically with no user
intervention. A year later, the company begins to deploy phones with wireless capabilities. Users
report that they are receiving a warning when they attempt to connect to the wireless network from
their phones. Which of the following is the MOST likely cause of the warning message?
Which off the following BEST describes this type of attack?
An attacker has gained access to the company’s web server by using the administrator’s
credentials. The attacker then begins to work on compromising the sensitive data on other
servers. Which off the following BEST describes this type of attack?
Which of the following technologies, when deployed, would provide the BEST round the clock automated protectio
A security technician is concerned there4 is not enough security staff available the web servers
and database server located in the DMZ around the clock. Which of the following technologies,
when deployed, would provide the BEST round the clock automated protection?
Which of the following best describes the objectives of succession planning?
Which of the following best describes the objectives of succession planning?
As a part of the download and installation process, the administrator should verify the integrity of the softw
A system administrator wants to use open source software but is worried about the source code
being comprised. As a part of the download and installation process, the administrator should
verify the integrity of the software by:
which of the following would the CSO MOST likely to reduce the number of incidents?
The chief security officer (CSO) has reported a rise in data loss but no break-ins have occurred.
By doing which of the following would the CSO MOST likely to reduce the number of incidents?
Which of the following is being tested?
In an effort to test the effectiveness of an organization’s security awareness training, a penetrator
tester crafted an email and sent it to all of the employees to see how many of them clicked on the
enclosed links. Which of the following is being tested?