Question # 1
While troubleshooting a firewall configuration, a technician determines that a “deny
any” policy should be added to the bottom of the ACL. The technician updates the
policy, but the new policy causes several company servers to become unreachable.
Which of the following actions would prevent this issue?
Options:
A.
Documenting the new policy in a change request and submitting the request to change
management
B.
Testing the policy in a non-production environment before enabling the policy in the
production network
C.
Disabling any intrusion prevention signatures on the 'deny any* policy prior to
enabling the new policy
D.
Including an 'allow any1 policy above the 'deny any* policy
Question # 2
An employee receives a text message that appears to have been sent by the payroll
department and is asking for credential verification. Which of the following social
engineering techniques are being attempted? (Choose two.)
Options:
A.
Typosquatting
,B.
Phishing
C.
Impersonation
D.
Vishing
E.
Smishing
F.
Misinformation
Question # 3
A security analyst is reviewing alerts in the SIEM related to potential malicious
network traffic coming from an employee’s corporate laptop. The security analyst has
determined that additional data about the executable running on the machine is
necessary to continue the investigation. Which of the following logs should the
analyst use as a data source?
Options:
A.
Application
B.
IPS/IDS
C.
Network
D.
Endpoint
Question # 4
, A company prevented direct access from the database administrators’ workstations to
the network segment that contains database servers. Which of the following should a
database administrator use to access the database servers?
Options:
A.
Jump server
B.
RADIUS
C.
HSM
D.
Load balancer
Question # 5
Which of the following allows for the attribution of messages to individuals?
Options:
A.
Adaptive identity
B.
Non-repudiation
C.
Authentication
D.
Access logs
Question # 6
The management team notices that new accounts that are set up manually do not
always have correct access or permissions.
While troubleshooting a firewall configuration, a technician determines that a “deny
any” policy should be added to the bottom of the ACL. The technician updates the
policy, but the new policy causes several company servers to become unreachable.
Which of the following actions would prevent this issue?
Options:
A.
Documenting the new policy in a change request and submitting the request to change
management
B.
Testing the policy in a non-production environment before enabling the policy in the
production network
C.
Disabling any intrusion prevention signatures on the 'deny any* policy prior to
enabling the new policy
D.
Including an 'allow any1 policy above the 'deny any* policy
Question # 2
An employee receives a text message that appears to have been sent by the payroll
department and is asking for credential verification. Which of the following social
engineering techniques are being attempted? (Choose two.)
Options:
A.
Typosquatting
,B.
Phishing
C.
Impersonation
D.
Vishing
E.
Smishing
F.
Misinformation
Question # 3
A security analyst is reviewing alerts in the SIEM related to potential malicious
network traffic coming from an employee’s corporate laptop. The security analyst has
determined that additional data about the executable running on the machine is
necessary to continue the investigation. Which of the following logs should the
analyst use as a data source?
Options:
A.
Application
B.
IPS/IDS
C.
Network
D.
Endpoint
Question # 4
, A company prevented direct access from the database administrators’ workstations to
the network segment that contains database servers. Which of the following should a
database administrator use to access the database servers?
Options:
A.
Jump server
B.
RADIUS
C.
HSM
D.
Load balancer
Question # 5
Which of the following allows for the attribution of messages to individuals?
Options:
A.
Adaptive identity
B.
Non-repudiation
C.
Authentication
D.
Access logs
Question # 6
The management team notices that new accounts that are set up manually do not
always have correct access or permissions.
