Which of the following represents the BEST approach to gathering the required data?
A security technician wishes to gather and analyze all Web traffic during a particular time period.
Which of the following represents the BEST approach to gathering the required data?
Which of the following would accomplish this task?
A security administrator suspects that an increase in the amount of TFTP traffic on the network is
due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. Which
of the following would accomplish this task?
Which of the following provides the highest degree of protection from unauthorized wired network access?
A company determines a need for additional protection from rogue devices plugging into physical
ports around the building. Which of the following provides the highest degree of protection from
unauthorized wired network access?
Which of the following technologies should be recommended to detect such anomalies?
The Chief Technical Officer (CTO) is worried about an increased amount of malware detected on
end users’ workstations. Which of the following technologies should be recommended to detect
such anomalies?
Which of the following types of IDS has been deployed?
The network security engineer just deployed an IDS on the network, but the Chief Technical
Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the
following types of IDS has been deployed?
Which of the following is the BEST method to deter employees from the improper use of the company’s informat
Joe, a newly hired employee, has a corporate workstation that has been compromised due to
several visits to P2P sites. Joe insisted that he was not aware of any company policy that prohibits
the use of such web sites. Which of the following is the BEST method to deter employees from the
improper use of the company’s information systems?
Which of the following is likely to be an issue with this incident?
A compromised workstation utilized in a Distributed Denial of Service (DDoS) attack has been
removed from the network and an image of the hard drive has been created. However, the system
administrator stated that the system was left unattended for several hours before the image was
created. In the event of a court case, which of the following is likely to be an issue with this
incident?
Which of the following stages of the Incident Handling process is the team working on?
The Chief Technical Officer (CTO) has tasked the Computer Emergency Response Team (CERT)
to develop and update all Internal Operating Procedures and Standard Operating Procedures
documentation in order to successfully respond to future incidents. Which of the following stages
of the Incident Handling process is the team working on?
Which of the following is the MOST secure method to dispose of these hard drives?
Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief
Information Officer (CIO) is concerned about disclosure of confidential information. Which of the
following is the MOST secure method to dispose of these hard drives?
Which of the following phases of the Incident Response process should a security administrator define and impl
During which of the following phases of the Incident Response process should a security
administrator define and implement general defense against malware?