Daniel who works as a network administrator has just deployed an in his organizations network. He wants to calculate the False Positive rate for his implementation. Which of the following formulas will he use to calculate the False Positive rate?
Which type of training can create awareness among employees regarding compliance issues?
Which of the following Event Correlation Approach checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or
multiple fields?
Which type of information security policy addresses the implementation and configuration of technology and user behavior?
Mark is monitoring the network traffic on his organization’s network. He wants to detect TCP and UDP ping sweeps on his network. Which type of filter will be used to detect this?
Which of the following helps in viewing account activity and events for supported services made by AWS?
Identify the attack where an attacker manipulates or tricks people into revealing their confidential details like bank account information, credit card details, etc.?
Which firewall technology can filler application-specific commands such as CET and POST requests?
An administrator wants to monitor and inspect large amounts of traffic and detect unauthorized attempts from inside the organization, with the help of an IDS. They are not able to
recognize the exact location to deploy the IDS sensor. Can you help him spot the location where the IDS sensor should be placed?
Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization?
Which of the following manages the Docker images, containers, networks, and storage volume and processes the request of Docker API?
A CCTV camera, which can be accessed on the smartphone from a remote location, is an example of _____
Which type of modulation technique is used in local area wireless networks (LAWNs)?
Which of the following provides enhanced password protection, secured loT connections, and encompasses stronger encryption techniques?
An employee of a medical service company clicked a malicious link in an email sent by an attacker. Suddenly, employees of the company are not able to access billing information or client record as it is
encrypted. The attacker asked the company to pay money for gaining access to their data. Which type of malware attack is described above?
James wants to implement certain control measures to prevent denial-of-service attacks against the organization. Which of the following control measures can help James?
Oliver is a Linux security administrator at an MNC. An employee named Alice has resigned from his organization and Oliver wants to disable this user in Ubuntu. Which of the following commands can be used to accomplish this?
A VPN Concentrator acts as a bidirectional tunnel endpoint among host machines. What are the other f unction(s) of the device? (Select all that apply)
Katie has implemented the RAID level that split data into blocks and evenly write the data to multiple hard drives but does not provide data redundancy. This type of RAID level requires a minimum of________in order to
setup.
John is the Vice-President of a BPO. He wants to implement a policy allowing employees to use and manage devices purchased by the organization but restrict the use of the device for business use only. Which among the following policies does John want to implement?
Which of the following network security protocols protects from sniffing attacks by encrypting entire communication between the clients and server including user passwords?
John wants to implement a packet filtering firewall in his organization's network. What TCP/IP layer does a packet filtering firewall work on?
-----------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)
A network designer needs to submit a proposal for a company, which has just published a web
portal for its clients on the internet. Such a server needs to be isolated from the internal network,
placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with
three interfaces, one for the internet network, another for the DMZ server farm and another for the
internal network. What kind of topology will the designer propose?
Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?
A popular e-commerce company has recently received a lot of complaints from its customers. Most
of the complaints are about the customers being redirected to some other website when trying to
access the e-com site, leading to all their systems being compromised and corrupted. Upon
investigation, the network admin of the firm discovered that some adversary had manipulated the
company’s IP address in the domain name server’s cache. What is such an attack called?
Alex is administrating the firewall in the organization's network. What command will he use to check the ports applications open?
John, the network administrator and he wants to enable the NetFlow feature in Cisco routers to collect and monitor the IP network traffic passing through the router. Which command will John use to enable NetFlow on
an interface?
You are tasked to perform black hat vulnerability assessment for a client. You received official written permission to work with: company site, forum, Linux server with LAMP, where this site is hosted.
Which vulnerability assessment tool should you consider using?
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.
Based on which of the following registry key, the Windows Event log audit configurations are recorded?
Which of the following VPN topologies establishes a persistent connection between an organization's main office and its branch offices using a third-party network or the Internet?
An attacker uses different types of password cracking techniques to crack the password and gain unauthorized access to a system. An attacker uses a file containing a list of commonly used passwords. They then
upload this file into the cracking application that runs against the user accounts. Which of the following password cracking techniques is the attacker trying?
John, who works as a team lead in Zen Technologies, found that his team members were accessing social networking sites, shopping sites and watching movies during office hours. He approached the
network admin to block such websites. What kind of network security device can be used to implement John’s decision?
Syslog and SNMP are the two main _______ protocols through which log records are transferred.
Daniel is giving training on designing and implementing a security policy in the organization. He is explaining the hierarchy of the security policy which demonstrates how policies are drafted, designed and implemented.
What is the correct hierarchy for a security policy implementation?
Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?
Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. Which step should Malone list as the last step in the incident response methodology?
Identify the type of event that is recorded when an application driver loads successfully in Windows.
Sam wants to implement a network-based IDS in the network. Sam finds out the one IDS solution which works is based on patterns matching. Which type of network-based IDS is Sam implementing?
The Circuit-level gateway firewall technology functions at which of the following OSI layer?
If an organization has decided to consume PaaS Cloud service model, then identify the organization's responsibility that they need to look after based on shared responsibility model.
Which of the following creates passwords for individual administrator accounts and stores them in Windows AD?
Identify the firewall technology that monitors the TCP handshake between the packets to determine whether a requested session is legitimate.
Which of the following includes examining the probability, impact status, and exposure of risk?
Which scan attempt can penetrate through a router and a firewall that filter incoming packets with particular flags set and is not supported by Windows?
John is a network administrator and is monitoring his network traffic with the help of Wireshark. He suspects that someone from outside is making a TCP OS fingerprinting attempt on his organization's network. Which
of the following Wireshark filter(s) will he use to locate the TCP OS fingerprinting attempt?
During a security awareness program, management was explaining the various reasons which create threats to network security. Which could be a possible threat to network security?
As a network administrator, you have implemented WPA2 encryption in your corporate wireless network. The WPA2's_________integrity check mechanism provides security against a replay attack
You are using Wireshark to monitor your network traffic and you see a lot of packages with FIN,
PUSH and URG flags activated; what can you infer about this behavior?
Liza was told by her network administrator that they will be implementing IPsec VPN tunnels to connect the branch locations to the main office. What layer of the OSI model do IPsec tunnels function on?
Jason has set a firewall policy that allows only a specific list of network services and denies everything else. This strategy is known as a ____________.
Geon Solutions INC., had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing
number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasingnumber of employees. Which network topology
will help the administrator solve the problem of needing to add new employees and expand?
Which antenna's characteristic refer to the calculation of radiated in a particular direction. It is generally the ratio of radiation intensity in a given direction to the average radiation intensity?
Which among the following control and manage the communication between VNF with computing, storage, and network resources along with virtualization?
Physical access controls help organizations monitor, record, and control access to the information assets and facility. Identify the category of physical security controls which includes security labels and
warning signs.
Kelly is taking backups of the organization's data. Currently, he is taking backups of only those files which are created or modified after the last backup. What type of backup is Kelly using?
Xenon is a leading real estate firm located in Australia. Recently, the company had decided a bid
amount for a prestigious construction project and was sure of being awarded the project. Unfortunately,
the company lost the tender to one of its competitors. A few days later, while performing a network
scan, the network admin identified that somebody had captured the confidential e-mails conversions
related to the tender. Upon further investigation, the admin discovered that one of the switch ports was
left open and an employee had plugged into the network using an Ethernet cable.
Which attack did the employee perform in the above situation?
Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless
network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar
with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?
Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?
Bankofamerica Enterprise is working on an internet and usage policy in a way to control the
internet demand. What group of policy does this belong to?
Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:
Which technique is used in RAID level 0 where the data is split into blocks and written evenly across multiple disks?
Kyle is an IT consultant working on a contract for a large energy company in Houston. Kyle was hired on to do contract work three weeks ago so the company could prepare for an external IT security audit. With
suggestions from upper management, Kyle has installed a network-based IDS system. This system checks for abnormal behavior and patterns found in network traffic that appear to be dissimilar from the traffic
normally recorded by the IDS. What type of detection is this network-based IDS system using?
Which of the Windows security component is responsible for controlling access of a user to Windows resources?
Which of the following is a data destruction technique that protects the sensitivity of information against a laboratory attack where an unauthorized individual uses signal processing recovery tools in a laboratory environment to recover the information?
Which of the following things need to be identified during attack surface visualization?
Which authentication technique involves mathematical pattern-recognition of the colored part of the eye behind the cornea?
Alex is administrating the firewall in the organization's network. What command will he use to check all the remote addresses and ports in numerical form?
Jeanne is working as a network administrator in an IT company. She wants to control/limit container
access to CPU, memory, swap, block IO (rates), network. Which Linux kernel feature allows Jeanne to
manage, restrict, and audit groups of the process?
James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep
attack. Which of the following Wireshark filters will he use?
John has planned to update all Linux workstations in his network. The organization is using various Linux distributions including Red hat, Fedora and Debian. Which of following commands will he use to
update each respective Linux distribution?
XX
Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability, that if a hashing process is used for creating a key, then the same is
used for other keys?
Larry is responsible for the company's network consisting of 300 workstations and 25 servers. After using a hosted email service for a year, the company wants to control the email internally. Larry likes this idea because
it will give him more control over the email. Larry wants to purchase a server for email but does not want the server to be on the internal network due to the potential to cause security risks. He decides to place the server
outside of the company's internal firewall. There is another firewall connected directly to the Internet that will protect traffic from accessing the email server. The server will be placed between the two firewalls. What
logical area is Larry putting the new email server into?
Implementing access control mechanisms, such as a firewall, to protect the network is an example of which of the following network defense approach?
Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?
Which firewall can a network administrator use for better bandwidth management, deep packet inspection, and Hateful inspection?
_______________ is a structured and continuous process which integrates information security
and risk management activities into the system development life cycle (SDLC).
Sam, a network administrator is using Wireshark to monitor the network traffic of the organization. He wants to detect TCP packets with no flag set to check for a specific attack attempt. Which filter will he use to view
the traffic?
Smith is an IT technician that has been appointed to his company's network vulnerability assessment team. He is the only IT employee on the team. The other team members include employees from Accounting,
Management, Shipping, and Marketing. Smith and the team members are having their first meeting to discuss how they will proceed. What is the first step they should do to create the network vulnerability assessment
plan?
------------is a group of broadband wireless communications standards for Metropolitan Area Networks (MANs)
Andrew would like to configure IPsec in a manner that provides confidentiality for the content of packets. What component of IPsec provides this capability?
Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system
and network activities?
Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an _______ for legal
advice to defend them against this allegation.
A company wants to implement a data backup method which allows them to encrypt the data ensuring its security as well as access at any time and from any location. What is the appropriate backup method that
should be implemented?