[Jul 27, 2022] Free CompTIA CySA+ CS0-002 Exam Question

CS0-002 dumps & CompTIA CySA+ sure practice dumps

NO.46 A security analyst discovers a vulnerability on an unpatched web server that is used for testing machine learning on Bing Data sets. Exploitation of the vulnerability could cost the organization $1.5 million in lost productivity. The server is located on an isolated network segment that has a 5% chance of being compromised. Which of the following is the value of this risk?

 
 
 
 

NO.47 A security analyst needs to identify possible threats to a complex system a client is developing. Which of the following methodologies would BEST address this task?

 
 
 
 

NO.48 A cybersecurity analyst is responding to an incident. The company’s leadership team wants to attribute the incident to an attack group. Which of the following models would BEST apply to the situation?

 
 
 
 

NO.49 A security analyst is trying to determine if a host is active on a network. The analyst first attempts the following:

The analyst runs the following command next:

Which of the following would explain the difference in results?

 
 
 
 

NO.50 A security analyst suspects a malware infection was caused by a user who downloaded malware after clicking http://<malwaresource>/a.php in a phishing email.
To prevent other computers from being infected by the same malware variation, the analyst should create a rule on the.

 
 
 
 

NO.51 A security analyst has been alerted to several emails that show evidence an employee is planning malicious activities that involve employee PII on the network before leaving the organization. The security analyst’s BEST response would be to coordinate with the legal department and:

 
 
 
 

NO.52 After a breach involving the exfiltration of a large amount of sensitive data, a security analyst is reviewing the following firewall logs to determine how the breach occurred:

Which of the following IP addresses does the analyst need to investigate further?

 
 
 
 

NO.53 A system administrator is doing network reconnaissance of a company’s external network to determine the vulnerability of various services that are running. Sending some sample traffic to the external host, the administrator obtains the following packet capture:

Based on the output, which of the following services should be further tested for vulnerabilities?

 
 
 
 

NO.54 A cybersecurity professional wants to determine if a web server is running on a remote host with the IP address 192.168.1.100. Which of the following can be used to perform this task?

 
 
 
 
 

NO.55 A development team signed a contract that requires access to an on-premises physical server. Access must be restricted to authorized users only and cannot be connected to the Internet.
Which of the following solutions would meet this requirement?

 
 
 
 

NO.56 A company has recently launched a new billing invoice website for a few key vendors.
The cybersecurity analyst is receiving calls that the website is performing slowly and the pages sometimes time out.
The analyst notices the website is receiving millions of requests, causing the service to become unavailable.
Which of the following can be implemented to maintain the availability of the website?

 
 
 
 
 

NO.57 Which of the following BEST articulates the benefit of leveraging SCAP in an organization’s cybersecurity analysis toolset?

 
 
 
 

NO.58 A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output.

Which of the following commands should the administrator run NEXT to further analyze the compromised system?

 
 
 
 

NO.59 Understanding attack vectors and integrating intelligence sources are important components of:

 
 
 
 

NO.60 Which of the following BEST describes why vulnerabilities found in ICS and SCADA can be difficult to remediate?

 
 
 
 

NO.61 An application server runs slowly and then triggers a high CPU alert. After investigating, a security analyst finds an unauthorized program is running on the server. The analyst reviews the application log below.

Which of the following conclusions is supported by the application log?

 
 
 
 

NO.62 Which of the following is the MOST secure method to perform dynamic analysis of malware that can sense when it is in a virtual environment?

 
 
 
 

NO.63 A security analyst is supporting an embedded software team. Which of the following is the BEST recommendation to ensure proper error handling at runtime?

 
 
 
 

NO.64 A red team actor observes it is common practice to allow cell phones to charge on company computers, but access to the memory storage is blocked. Which of the following are common attack techniques that take advantage of this practice? (Choose two.)

 
 
 
 
 

CompTIA CS0-002 Actual Questions and Braindumps: https://www.pdf4test.com/CS0-002-dump-torrent.html
