A network technician was tasked to respond to a compromised workstation. The technician documented the scene, took the machine offline, and left the PC under a cubicle overnight.
Which of the following steps of incident handling has been incorrectly performed? occurred. A well-prepared organization will have process and procedures that are used when an incident occurs. authorities when required by policy or law. The chain of custody also includes documentation of the scene, preserve all forms of evidence and data when litigation is expected. The preservation of the evidence, data, and details is referred to as legal hold.

Ann, a network technician, was asked to remove a virus. Issues were found several levels deep within the directory structure. To ensure the virus has not infected the .mp4 files in the directory, she views one of the files and believes it contains illegal material.
Which of the following forensics actions should Ann perform? authorities when required by policy or law.

Which of the following is a security benefit gained from setting up a guest wireless network? provide Internet access for guest users. The corporate resources would be inaccessible (isolated) from the guest network.

Which of the following types of network would be set up in an office so that customers could access the Internet but not be given access to internal resources such as printers and servers? provide Internet access for guest users.

The ability to make access decisions based on an examination of Windows registry settings, antivirus software, and AD membership status is an example of which of the following NAC features? device seeking admission, rather than just checking user credentials. For example, a client’s OS, Windows requirements before allowing the client to access a network.

A technician is installing a surveillance system for a home network. The technician is unsure which ports need to be opened to allow remote access to the system.
Which of the following should the technician perform? opened for remote access. and the outside public network. It prevents outside users from getting direct access to a server that has company data. A DMZ often contains servers that should be accessible from the public Internet.

A firewall ACL is configured as follows:
10. Deny Any Trust to Any DMZ eq to TCP port 22
11. Allow 10.200.0.0/16 to Any DMZ eq to Any
12. Allow 10.0.0.0/8 to Any DMZ eq to TCP ports 80, 443
13. Deny Any Trust to Any DMZ eq to Any
A technician notices that users in the 10.200.0.0/16 network are unable to SSH into servers in the DMZ. The company wants 10.200.0.0/16 to be able to use any protocol, but restrict the rest of the 10.0.0.0/8 subnet to web browsing only.
Reordering the ACL in which of the following manners would meet the company’s objectives?

A technician is setting up a computer lab. Computers on the same subnet need to communicate with each other using peer to peer communication.
Which of the following would the technician MOST likely configure? firewall would be the most cost effective in a lab scenario.

A technician needs to install software onto company laptops to protect local running services, from external threats.
Which of the following should the technician install and configure on the laptops if the threat is network based?

Which of the following physical security controls prevents an attacker from gaining access to a network closet? magnetic stripe cards such as credit cards and “contact” type smart cards. The proximity cards are part of the encoded number.