Ann, a systems engineer, is working to identify an unknown node on the corporate network. To begin her
investigative work, she runs the following nmap command string:
user@hostname:~$ sudo nmap O 192.168.1.54
Based on the output, nmap is unable to identify the OS running on the node, but the following ports are open on
the device:
TCP/22
TCP/111
TCP/512-514
TCP/2049
TCP/32778
Based on this information, which of the following operating systems is MOST likely running on the unknown
node?

Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security
Officer (CISO) has asked that it be done under a black box methodology.
Which of the following would be the advantage of conducting this kind of penetration test?A. The risk of unplanned server outages is reduced.

An external penetration tester compromised one of the client organization’s authentication servers and retrieved
the password database. Which of the following methods allows the penetration tester to MOST efficiently useany obtained administrative credentials on the client organization’s other systems, without impacting the
integrity of any of the systems?

The Information Security Officer (ISO) believes that the company has been targeted by cybercriminals and it is
under a cyber attack. Internal services that are normally available to the public via the Internet are inaccessible,
and employees in the office are unable to browse the Internet. The senior security engineer starts by reviewing
the bandwidth at the border router, and notices that the incoming bandwidth on the router’s external interface is
maxed out. The security engineer then inspects the following piece of log to try and determine the reason for
the downtime, focusing on the company’s external router’s IP which is 128.20.176.19:
11:16:22.110343 IP 90.237.31.27.19 > 128.20.176.19.19: UDP, length 1400
11:16:22.110351 IP 23.27.112.200.19 > 128.20.176.19.19: UDP, length 1400
11:16:22.110358 IP 192.200.132.213.19 > 128.20.176.19.19: UDP, length 1400
11:16:22.110402 IP 70.192.2.55.19 > 128.20.176.19.19: UDP, length 1400
11:16:22.110406 IP 112.201.7.39.19 > 128.20.176.19.19: UDP, length 1400
Which of the following describes the findings the senior security engineer should report to the ISO and the
BEST solution for service restoration?

Which of the following provides the BEST risk calculation methodology?

The Chief Executive Officer (CEO) of a large prestigious enterprise has decided to reduce business costs by
outsourcing to a third party company in another country. Functions to be outsourced include: business analysts,
testing, software development and back office functions that deal with the processing of customer data. The
Chief Risk Officer (CRO) is concerned about the outsourcing plans. Which of the following risks are MOSTlikely to occur if adequate controls are not implemented?

Which of the following describes a risk and mitigation associated with cloud data storage?

A security administrator is shown the following log excerpt from a Unix system:
2013 Oct 10 07:14:57 web14 sshd[1632]: Failed password for root from 198.51.100.23 port 37914 ssh2
2013 Oct 10 07:14:57 web14 sshd[1635]: Failed password for root from 198.51.100.23 port 37915 ssh2
2013 Oct 10 07:14:58 web14 sshd[1638]: Failed password for root from 198.51.100.23 port 37916 ssh2
2013 Oct 10 07:15:59 web14 sshd[1640]: Failed password for root from 198.51.100.23 port 37918 ssh2
2013 Oct 10 07:16:00 web14 sshd[1641]: Failed password for root from 198.51.100.23 port 37920 ssh2
2013 Oct 10 07:16:00 web14 sshd[1642]: Successful login for root from 198.51.100.23 port 37924 ssh2
Which of the following is the MOST likely explanation of what is occurring and the BEST immediate response?
(Select TWO).

select id, firstname, lastname from authors
User input= firstname= Hack;man
lastname=Johnson
Which of the following types of attacks is the user attempting?