NEW QUESTION 1
It is a short-range wireless communication technology intended to replace the cables connecting portables of fixed deviceswhile maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short- range wireless connection.
Which of the following terms best matches the definition?

• A. Bluetooth
• B. Radio-Frequency Identification
• C. WLAN
• D. InfraRed

Answer: A

NEW QUESTION 2
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

• A. PKI
• B. biometrics
• C. SOA
• D. single sign on

Answer: A

NEW QUESTION 3
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?

• A. Use the built-in Windows Update tool
• B. Create a disk imageof a clean Windows installation
• C. Check MITRE.org for the latest list of CVE findings
• D. Used a scan tool like Nessus

Answer: D

NEW QUESTION 4
Nation-state threat actors often discover vulnerabilitiesand hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of this vulnerability.
What is this style of attack called?

• A. zero-hour
• B. no-day
• C. zero-day
• D. zero-sum

Answer: C

NEW QUESTION 5
Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document.Upon execution, a windows appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATAlocal directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?

• A. Trojan
• B. Worm
• C. Key-Logger
• D. Micro Virus

Answer: A

NEW QUESTION 6
An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.
What is the most likely cause?

• A. The network devices are not all synchronized
• B. The securitybreach was a false positive.
• C. The attack altered or erased events from the logs.
• D. Proper chain of custody was not observed while collecting the logs.

Answer: C

NEW QUESTION 7
Which of the following is not a Bluetooth attack?

• A. Bluejacking
• B. Bluedriving
• C. Bluesnarfing
• D. Bluesmaking

Answer: B

NEW QUESTION 8
Which of the following is component of a risk assessment?

• A. Logical interface
• B. DMZ
• C. Administrative safeguards
• D. Physical security

Answer: C

NEW QUESTION 9
Which of the following statements regarding ethical hacking is incorrect?

• A. Testing should be remotely performed offsite.
• B. Ethical hackers should never use tools that have potential of exploiting vulnerabilities in theorganizations IT system.
• C. Ethical hacking should not involve writing to or modifying the target systems.
• D. An organization should use ethical hackers who do not sell hardware/software or other consulting services.

Answer: B

NEW QUESTION 10
During a blackbox pen test you attempt to pass IRC traffic over post 80/TCP from a compromised web enabled host. The traffic gets blocked; however outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?

• A. Circuit
• B. Packet Filtering
• C. Application
• D. Stateful

Answer: C

NEW QUESTION 11
An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, digital Subscriber Line (DSL), wireless data services, and virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?

• A. DIAMETER
• B. Kerberos
• C. RADIUS
• D. TACACS+

Answer: D

NEW QUESTION 12
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shallscript files, and the third is a binary file is named “nc.” The FTP server’s access logs show that the anonymous user account logged in the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function providedby the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
Which kind of vulnerability must be present to make this remote attack possible?

• A. Filesystem permissions
• B. Brute Force Login
• C. Privilege Escalation
• D. Directory Traversal

Answer: D

NEW QUESTION 13
Session splicing is an IDS evasiontechnique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can used to perform session splicing attacks?

• A. Hydra
• B. Burp
• C. Whisker
• D. Tcpsplice

Answer: C

NEW QUESTION 14
The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the office was closed. She asks you to investigate the issue because she is busy dealing with a big conference and she doesn’t have time to perform the task.
What tool can you use to view the network traffic being sent and received by the wireless router?

• A. Netcat
• B. Wireshark
• C. Nessus
• D. Netstat

Answer: B

NEW QUESTION 15
Which of the following is a design pattern based on distinct pieces ofsoftware providing application functionality as services to other applications?

• A. Lean Coding
• B. Service Oriented Architecture
• C. Object Oriented Architecture
• D. Agile Process

Answer: B

NEW QUESTION 16
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

• A. ESP confidential
• B. AH Tunnel mode
• C. ESP transport mode
• D. AH permiscuous

Answer: C

NEW QUESTION 17
A Regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?

• A. Move the financial data to another server on the same IP subnet
• B. Place a front-end web server in a demilitarized zone that only handles external web traffic
• C. Issue new certificates to the web servers from the root certificate authority
• D. Require all employees to change their passwords immediately

Answer: A

NEW QUESTION 18
A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

• A. Mitigate
• B. Avoid
• C. Accept
• D. Delegate

Answer: D

NEW QUESTION 19
Which of the following is a protocol specifically designed for transporting event messages?

• A. SMS
• B. SNMP
• C. SYSLOG
• D. ICMP

Answer: C

NEW QUESTION 20
What is the process of logging, recording, and resolving events that take place in an organization?

• A. Metrics
• B. Security Policy
• C. Internal Procedure
• D. Incident Management Process

Answer: D