NEW QUESTION 1
Which of the following are MOST susceptible to birthday attacks?

• A. Hashed passwords
• B. Digital certificates
• C. Encryption passwords
• D. One time passwords

Answer: A

NEW QUESTION 2
A network technician is trying to determine the source of an ongoing network based attack. Which of the following should the technician use to view IPv4 packet data on a particular internal network segment?

• A. Proxy
• B. Protocol analyzer
• C. Switch
• D. Firewall

Answer: B

NEW QUESTION 3
The firewall administrator is adding a new certificate for the company's remote access solution. The solution requires that the uploaded file contain the entire certificate chain for the certificate to load properly. The administrator loads the company certificate and the root CA certificate into the file. The file upload is rejected. Which of the following is required to complete the certificate chain?

• A. Certificate revocation list
• B. Intermediate authority
• C. Recovery agent
• D. Root of trust

Answer: B

NEW QUESTION 4
Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe receives a response, he is unable to decrypt the response with the same key he used initially. Which of the following would explain the situation?

• A. An ephemeral key was used for one of the messages
• B. A stream cipher was used for the initial email; a block cipher was used for the reply
• C. Out-of-band key exchange has taken place
• D. Asymmetric encryption is being used

Answer: D

Explanation: Asymmetric algorithms use two keys to encrypt and decrypt datA. These asymmetric keys are referred to as the public key and the private key. The sender uses the public key to encrypt a message, and the receiver uses the private key to decrypt the message; what one key does, the other one undoes.

NEW QUESTION 5
A technician has installed new vulnerability scanner software on a server that is joined to the company domain. The vulnerability scanner is able to provide visibility over the patch posture of all company's clients. Which of the following is being used?

• A. Gray box vulnerability testing
• B. Passive scan
• C. Credentialed scan
• D. Bypassing security controls

Answer: A

NEW QUESTION 6
A new Chief Information Officer (CIO) has been reviewing the badging and decides to write a policy that all employees must have their badges rekeyed at least annually. Which of the following controls BEST describes this policy?

• A. Physical
• B. Corrective
• C. Technical
• D. Administrative

Answer: D

NEW QUESTION 7
A security analyst is investigating a security breach. Upon inspection of the audit an access logs, the analyst notices the host was accessed and the /etc/passwd file was modified with a new entry for username “gotcha” and user ID of 0. Which of the following are the MOST likely attack vector and tool the analyst should use to determine if the attack is still ongoing? (Select TWO)

• A. Logic bomb
• B. Backdoor
• C. Keylogger
• D. Netstat
• E. Tracert
• F. Ping

Answer: BD

NEW QUESTION 8
When connected to a secure WAP, which of the following encryption technologies is MOST likely to be configured when connecting to WPA2-PSK?

• A. DES
• B. AES
• C. MD5
• D. WEP

Answer: B

NEW QUESTION 9
Which of the following threat actors is MOST likely to steal a company’s proprietary information to gain a market edge and reduce time to market?

• A. Competitor
• B. Hacktivist
• C. Insider
• D. Organized crime.

Answer: A

NEW QUESTION 10
A systems administrator found a suspicious file in the root of the file system. The file contains URLs, usernames, passwords, and text from other documents being edited on the system. Which of the following types of malware would generate such a file?

• A. Keylogger
• B. Rootkit
• C. Bot
• D. RAT

Answer: A

NEW QUESTION 11
Every morning, a systems administrator monitors failed login attempts on the company's log management server. The administrator notices the DBAdmin account has five failed username and/or password alerts during a ten-minute window. The systems administrator determines the user account is a dummy account used to attract attackers. Which of the following techniques should the systems administrator implement?

• A. Role-based access control
• B. Honeypot
• C. Rule-based access control
• D. Password cracker

Answer: B

NEW QUESTION 12
An administrator is replacing a wireless router. The configuration of the old wireless router was not documented before it stopped functioning. The equipment connecting to the wireless network uses older legacy equipment that was manufactured prior to the release of the 802.11i standard. Which of the following configuration options should the administrator select for the new wireless router?

• A. WPA+CCMP
• B. WPA2+CCMP
• C. WPA+TKIP
• D. WPA2+TKIP

Answer: D

NEW QUESTION 13
A security administrator is tasked with conducting an assessment made to establish the baseline security posture of the corporate IT infrastructure. The assessment must report actual flaws and weaknesses in the infrastructure. Due to the expense of hiring outside consultants, the testing must be performed using in-house or cheaply available resource. There cannot be a possibility of any requirement being damaged in the test.
Which of the following has the administrator been tasked to perform?

• A. Risk transference
• B. Penetration test
• C. Threat assessment
• D. Vulnerability assessment

Answer: D

NEW QUESTION 14
When sending messages using symmetric encryption, which of the following must happen FIRST?

• A. Exchange encryption key
• B. Establish digital signatures
• C. Agree on an encryption method
• D. Install digital certificates

Answer: C

NEW QUESTION 15
A company hires a consulting firm to crawl its Active Directory network with a non-domain account looking for unpatched systems. Actively taking control of systems is out of scope, as is the creation of new administrator accounts. For which of the following is the company hiring the consulting firm?

• A. Vulnerability scanning
• B. Penetration testing
• C. Application fuzzing
• D. User permission auditing

Answer: A

NEW QUESTION 16
Which of the following uses precomputed hashes to guess passwords?

• A. Iptables
• B. NAT tables
• C. Rainbow tables
• D. ARP tables

Answer: C

NEW QUESTION 17
Systems administrator and key support staff come together to simulate a hypothetical interruption of service. The team updates the disaster recovery processes and documentation after meeting. Which of the following
describes the team's efforts?

• A. Business impact analysis
• B. Continuity of operation
• C. Tabletop exercise
• D. Order of restoration

Answer: C