Correct
5
Question
The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem such as blocking file sharing, what should first be done?
Correct
Which statement regarding vulnerability appraisal is NOT true?
CORRECT
Which of the following is NOT a risk associated with the use of private data?
CORRECT
Which of the following is a command-line alternative to Nmap?
CORRECT
Which of the following is NOT a function of a vulnerability scanner?
CORRECT
Which statement regarding a honeypot is NOT true?
CORRECT
Which of these should NOT be classified as an asset?
CORRECT
Which of the following tools is a Linux command-line protocol analyzer?
CORRECT
Which of the following command-line tools tests a connection between two network devices?
CORRECT
Which of the following data sensitivity labels has the lowest level of data sensitivity?
CORRECT
Which of the following is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm?
CORRECT
If a software application aborts and leaves the program open, which control structure is it using?
CORRECT
If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?
CORRECT
Which of the following data sensitivity labels is the highest level of data sensitivity?
CORRECT
Which of the following must be kept secure as mandated by HIPAA?
CORRECT
Which of the following sends "probes" to network devices and examines the responses to evaluate whether a specific device needs remediation?
CORRECT
Which of the following constructs scenarios of the types of threats that assets can face to learn who the attackers are, why they attack, and what types of attacks may occur?
CORRECT
At what point in a vulnerability assessment would an attack tree be utilized?
CORRECT
Which of the following is NOT true about privacy?
CORRECT
Which of these is NOT a state of a port that can be returned by a port scanner?
CORRECT
Which of the following is NOT an issue raised regarding how private data is gathered and used?
CORRECT
Which of the following is NOT a category of fire suppression systems?
CORRECT
What is the maximum length of time that an organization can tolerate between data backups?
CORRECT
Margaux has been asked to work on the report that will analyze the exercise results with the purpose of identifying strengths to be maintained and weaknesses to be addressed for improvement. What report will she be working on?
CORRECT
Which level of RAID uses disk mirroring and is considered fault-tolerant?
CORRECT
A(n) _____ is always running off its battery while the main power runs the battery charger.
CORRECT
Which of these is NOT a characteristic of a disaster recovery plan (DRP)?
CORRECT
What is the average amount of time that it will take a device to recover from a failure that is not a terminal failure?
CORRECT
An electrical fire like that which would be found in a computer data center is known as what type of fire?
CORRECT
Which of the following can a UPS NOT perform?
CORRECT
Dilma has been tasked with creating a list of potential employees to serve in an upcoming tabletop exercise. Which employees will be on her list?
CORRECT
The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence.
CORRECT
Which of the following is NOT required for a fire to occur?
CORRECT
What does an incremental backup do?
CORRECT
Which question is NOT a basic question to be asked regarding creating a data backup?
CORRECT
What is the amount of time added to or subtracted from Coordinated Universal Time to determine local time?
CORRECT
When an unauthorized event occurs, what is the first duty of the cyber-incident response team?
CORRECT
Raul has been asked to help develop an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT. What type of planning is this?
CORRECT
Which of these is an example of a nested RAID?
CORRECT
What does the abbreviation RAID represent?
CORRECT
Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?
CORRECT
Comments
Post a Comment