NEW QUESTION 1
A security technician has been receiving alerts from several servers that indicate load balancers have had a significant increase in traffic. The technician initiates a system scan. The scan results illustrate that the disk space on several servers has reached capacity. The scan also indicates that incoming internet traffic to the servers has increased. Which of the following is the MOST likely cause of the decreased disk space?

• A. Misconfigured devices
• B. Logs and events anomalies
• C. Authentication issues
• D. Unauthorized software

Answer: D

NEW QUESTION 2
A security administrator suspects that data on a server has been exhilarated as a result of un- authorized remote access. Which of the following would assist the administrator in con-firming the suspicions? (Select TWO)

• A. Networking access control
• B. DLP alerts
• C. Log analysis
• D. File integrity monitoring
• E. Host firewall rules

Answer: BC

NEW QUESTION 3
Which of the following solutions should an administrator use to reduce the risk from an unknown vulnerability in a third-party software application?

• A. Sandboxing
• B. Encryption
• C. Code signing
• D. Fuzzing

Answer: A

NEW QUESTION 4
An information security analyst needs to work with an employee who can answer QUESTION NO:s about
how data for a specific system is used in the business. The analyst should seek out an employee who has the role of:

• A. steward
• B. owner
• C. privacy officer
• D. systems administrator

Answer: B

NEW QUESTION 5
An attacker captures the encrypted communication between two parties for a week, but is unable to decrypt the messages. The attacker then compromises the session key during one exchange and successfully compromises a single message. The attacker plans to use this key to decrypt previously captured and future communications, but is unable to. This is because the encryption scheme in use adheres to:

• A. Asymmetric encryption
• B. Out-of-band key exchange
• C. Perfect forward secrecy
• D. Secure key escrow

Answer: C

NEW QUESTION 6
AChief Information Officer (CIO) asks the company's security specialist if the company should spend any funds on malware protection for a specific server. Based on a risk assessment, the ARO value of a malware infection for a server is 5 and the annual cost for the malware protection is $2500. Which of the following SLE values warrants a recommendation against purchasing the malware protection?

• A. $500
• B. $1000
• C. $2000
• D. $2500

Answer: A

NEW QUESTION 7
An audit reported has identifies a weakness that could allow unauthorized personnel access to the facility at its main entrance and from there gain access to the network. Which of the following would BEST resolve the vulnerability?

• A. Faraday cage
• B. Air gap
• C. Mantrap
• D. Bollards

Answer: C

NEW QUESTION 8
While troubleshooting a client application connecting to the network, the security administrator notices the following error: Certificate is not valid. Which of the following is the BEST way to check if the digital certificate is valid?

• A. PKI
• B. CRL
• C. CSR
• D. IPSec

Answer: B

NEW QUESTION 9
A system administrator wants to implement an internal communication system that will allow employees to send encrypted messages to each other. The system must also support non- repudiation. Which of the following implements all these requirements?

• A. Bcrypt
• B. Blowfish
• C. PGP
• D. SHA

Answer: C

NEW QUESTION 10
A technician suspects that a system has been compromised. The technician reviews the following log entry: WARNING- hash mismatch: C:WindowSysWOW64user32.dll
WARNING- hash mismatch: C:WindowSysWOW64kernel32.dll
Based solely ono the above information, which of the following types of malware is MOST likely installed on the system?

• A. Rootkit
• B. Ransomware
• C. Trojan
• D. Backdoor

Answer: A

NEW QUESTION 11
An organization is comparing and contrasting migration from its standard desktop configuration to the newest version of the platform. Before this can happen, the Chief Information Security Officer (CISO) voices the need to evaluate the functionality of the newer desktop platform to ensure interoperability with existing software in use by the organization. In which of the following principles of architecture and design is the CISO engaging?

• A. Dynamic analysis
• B. Change management
• C. Baselining
• D. Waterfalling

Answer: B

NEW QUESTION 12
Which of the following controls allows a security guard to perform a post-incident review?

• A. Detective
• B. Preventive
• C. Corrective
• D. Deterrent

Answer: C

NEW QUESTION 13
Which of the following is the BEST reason for salting a password hash before it is stored in a database?

• A. To prevent duplicate values from being stored
• B. To make the password retrieval process very slow
• C. To protect passwords from being saved in readable format
• D. To prevent users from using simple passwords for their access credentials

Answer: A

NEW QUESTION 14
A user of the wireless network is unable to gain access to the network. The symptoms are:
1.) Unable to connect to both internal and Internet resources
2.) The wireless icon shows connectivity but has no network access
The wireless network is WPA2 Enterprise and users must be a member of the wireless security group to authenticate.
Which of the following is the MOST likely cause of the connectivity issues?

• A. The wireless signal is not strong enough
• B. A remote DDoS attack against the RADIUS server is taking place
• C. The user's laptop only supports WPA and WEP
• D. The DHCP scope is full
• E. The dynamic encryption key did not update while the user was offline

Answer: A

NEW QUESTION 15
A security administrator is evaluating three different services: radius, diameter, and Kerberos. Which of the following is a feature that is UNIQUE to Kerberos?

• A. It provides authentication services
• B. It uses tickets to identify authenticated users
• C. It provides single sign-on capability
• D. It uses XML for cross-platform interoperability

Answer: B

NEW QUESTION 16
To reduce disk consumption, an organization’s legal department has recently approved a new policy setting the data retention period for sent email at six months. Which of the following is the BEST way to ensure this
goal is met?

• A. Create a daily encrypted backup of the relevant emails.
• B. Configure the email server to delete the relevant emails.
• C. Migrate the relevant emails into an “Archived” folder.
• D. Implement automatic disk compression on email servers.

Answer: A

NEW QUESTION 17
Which of the following is the summary of loss for a given year?

• A. MTBF
• B. ALE
• C. SLA
• D. ARO

Answer: B