The help desk has received calls from users in multiple locations who are unable to access core network services. The network team has identified and turned off the network switches using remote commands. Which of the following actions should the network team take NEXT?
A. Disconnect all external network connections from the firewall
B. Send response teams to the network switch locations to perform updates
C. Turn on all the network switches by using the centralized management software
D. Initiate the organization's incident response plan.
A network administrator at a large organization is reviewing methods to improve the security of the wired LAN. Any security improvement must be centrally managed and allow corporate-owned devices to have access to the intranet but limit others to Internet access only. Which of the following should the administrator recommend?
A. 802.1X utilizing the current PKI infrastructure
B. SSO to authenticate corporate users
C. MAC address filtering with ACLs on the router
D. PAM for user account management
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site. Upon investigation, a security analyst identifies the following:
1. The legitimate website's IP address is 10.1.1.20 and eRecruit.local resolves to the IP
2. The forged website's IP address appears to be 10.2.12.99, based on NetFlow records
3. All three of the organization's DNS servers show the website correctly resolves to the legitimate IP
4. DNS query logs show one of the three DNS servers returned a result of 10.2.12.99 (cached) at the approximate time of the suspected compromise.
Which of the following MOST likely occurred?
A. A reverse proxy was used to redirect network traffic
B. An SSL strip MITM attack was performed
C. An attacker temporarily pwned a name server
D. An ARP poisoning attack was successfully executed
Which of the following are requirements that must be configured for PCI DSS compliance? (Select TWO).
A. Testing security systems and processes regularly
B. Installing and maintaining a web proxy to protect cardholder data
C. Assigning a unique ID to each person with computer access
D. Encrypting transmission of cardholder data across private networks
E. Benchmarking security awareness training for contractors
F. Using vendor-supplied default passwords for system passwords
Which of the following is the MOST effective way to detect security flaws present in third-party libraries embedded in software before it is released into production?
A. Employ different techniques for server- and client-side validations.
B. Use a different version control system for third-party libraries.
C. Implement a vulnerability scan to assess dependencies earlier in the SDLC.
D. Increase the number of penetration tests before software release.
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?
A. The document is a honeyfile and is meant to attract the attention of a cyberintruder.
B. The document is a backup file if the system needs to be recovered.
C. The document is a standard file that the OS needs to verify the login credentials.
D. The document is a keylogger that stores all keystrokes should the account be compromised.
Certain users are reporting their accounts are being used to send unauthorized emails and conduct suspicious activities. After further investigation, a security analyst notices the following:
1. All users share workstations throughout the day
2. Endpoint protection was disabled on several workstations throughout the network.
3. Travel times on logins from the affected users are impossible
4. Sensitive data is being uploaded to external sites
5. All user account passwords were forced to be reset and the issue continued
Which of the following attacks is being used to compromise the user accounts?
A. Brute-force
B. Keylogger
C. Dictionary
D. Rainbow
Which of the following security design features can a development team use to analyze the deletion or editing of data sets the copy?
A. Stored procedures
B. Code reuse
C. Version control
D. Continuous
Which of the following best describes a use case for a DNS sinkhole?
A. Attackers can see a DNS sinkhole as a highly valuable resource to identify a company's domain structure.
B. A DNS sinkhole can be used to draw employees away from known-good websites to malicious ones owned by the attacker.
C. A DNS sinkhole can be used to capture traffic to known-malicious domains used by attackers.
D. A DNS sinkhole can be set up to attract potential attackers away from a company's network resources.
Which of the following best describes the process of adding a secret value to extend the length of stored passwords?
A. Hashing
B. Quantum communications
C. Salting
D. Perfect forward secrecy