The following has been discovered in an internally developed application:

Error – Memory allocated but not freed:
char *myBuffer = malloc(BUFFER_SIZE);
if (myBuffer != NULL) {
*myBuffer = STRING_WELCOME_MESSAGE;
printf(“Welcome to: %s\\n”, myBuffer);
}

exit(0);
Which of the following security assessment methods are likely to reveal this security weakness? (Select TWO).

An organization recently upgraded its wireless infrastructure to support 802.1x and requires all clients to use this method. After the upgrade, several critical wireless
clients fail to connect because they are only pre-shared key compliant. For the foreseeable future, none of the affected clients have an upgrade path to put them
into compliance with the 802.1x requirement. Which of the following provides the MOST secure method of integrating the non-compliant clients into the network?

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface’s MAC is 00-01-42-32-ab-1a
A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length

65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534
Which of the following is occurring on the network?

Which of the following would be used in forensic analysis of a compromised Linux system? (Select THREE).

The latest independent research shows that cyber attacks involving SCADA systems grew an average of 15% per year in each of the last four years, but that this
year’s growth has slowed to around 7%. Over the same time period, the number of attacks against applications has decreased or stayed flat each year. At the start
of the measure period, the incidence of PC boot loader or BIOS based attacks was negligible. Starting two years ago, the growth in the number of PC boot loader
attacks has grown exponentially. Analysis of these trends would seem to suggest which of the following strategies should be employed?

An administrator has enabled salting for users’ passwords on a UNIX box. A penetration tester must attempt to retrieve password hashes. Which of the following
files must the penetration tester use to eventually obtain passwords on the system? (Select TWO).

A user is suspected of engaging in potentially illegal activities. Law enforcement has requested that the user continue to operate on the network as normal.
However, they would like to have a copy of any communications from the user involving certain key terms. Additionally, the law enforcement agency has requested
that the user’s ongoing communication be retained in the user’s account for future investigations. Which of the following will BEST meet the goals of law

enforcement?

A recently hired security administrator is advising developers about the secure integration of a legacy in-house application with a new cloud based processing
system. The systems must exchange large amounts of fixed format data such as names, addresses, and phone numbers, as well as occasional chunks of data in
unpredictable formats. The developers want to construct a new data format and create custom tools to parse and process the data. The security administrator
instead suggests that the developers:

A security analyst, Ann, states that she believes Internet facing file transfer servers are being attacked. Which of the following is evidence that would aid Ann in
making a case to management that action needs to be taken to safeguard these servers?

A pentester must attempt to crack passwords on a windows domain that enforces strong complex passwords. Which of the following would crack the MOST
passwords in the shortest time period?