QUESTION 161
Which technique obtains information about how the system works without knowing it’s design details?
A. DDOS attack
B. reverse engineering
C. malware analysis
D. DNS spoofing
Correct Answer: B
QUESTION 162
What is a Heartbleed vulnerability?
A. denial of service
B. command injection
C. information disclosure
D. buffer overflow
Correct Answer: C
QUESTION 163
Auser received a suspicious email and reported it to the SOC team. After analysis, the team concluded that it was a spear phishing attack. According to the Diamond Model, how is the phishing email categorized?
A. infrastructure
B. capability
C. victim
D. adversary
Correct Answer: B
QUESTION 164
An information security analyst inspects the pcap file and observes encrypted unusual SSH traffic flow over nonstandard ports. Which technology makes this behavior feasible?
A. tunneling
B. NAT
C. P2P
D. TOR
Correct Answer: A
QUESTION 165
According to CVSS, which metric group does user interaction belong to?
A. temporary
B. environmental
C. base
D. temporal
Correct Answer: C
QUESTION 166
Which data type is used to recreate a binary file for malware analysis?
A. statistical data
B. session data
C. alert data
D. meta-data
Correct Answer: D
QUESTION 167
Which tool is used by threat actors on a webpage to take advantage of the software vulnerabilities of a system to spread malware?
A. vulnerability kit
B. script kiddie kit
C. root kit
D. exploit kit
Correct Answer: D
QUESTION 168
Which type of attack is a blank email with the subject “price deduction” that contains a malicious attachment?
A. man-in-the-middle attack
B. smishing
C. integrity violation
D. phishing attack
Correct Answer: D
QUESTION 169
What does the SOC metric MTTC provide in incident analysis?
A. average time it takes to fix the issues caused by the incident
B. average time the attacker has access to the environment
C. average time it takes to detect that the incident has occurred
D. average time it takes to recognize and stop the incident
Correct Answer: D
QUESTION 170
What is the role of NAT in data visibility?
A. web filtering
B. hiding IP addresses
C. load balancing
D. encrypting files
Correct Answer: B
QUESTION 171
Which type of attack involves sending input commands to a web server to access data?
A. DNS poisoning
B. denial-of-service
C. cross-site scripting
D. SQL injection
Correct Answer: D
QUESTION 172
What is the benefit of processing statistical data for security systems?
A. provides fewer false negative events than full packet capture
B. detects suspicious behavior based on traffic baselining trends
C. uses less CPU and RAM resources than metadata-based monitoring
D. provides full visibility based on capture of packet traffic data
Correct Answer: B
QUESTION 173
An attacker used a known vulnerability and elevated privileges for an admin account. According to the Cyber Kill Chain Model, which step is the attacker on?
A. Exploitation
B. Installation
C. Delivery
D. weaponization
Correct Answer: A
QUESTION 174
An organization that develops high-end technology is going through an internal audit. The organization uses two databases. The main database stores patent information and a secondary database stores employee names and contact information. A compliance team is asked to analyze the infrastructure and identify protected data. Which two types of protected data should be identified? (Choose two.)
A. Payment Card Industry (PCI)
B. Intellectual Property (IP)
C. Personally Identifiable Information (PII)
D. Sarbanes-Oxley (SOX)
E. Protected Health Information (PHI)
Correct Answer: BC
QUESTION 175
What is data tunneling?
A. Malicious data is hidden within the legitimate system processes.
B. Packets are transformed into bytes and assembled by a receiver.
C. Data is split into packets and transported to the destination.
D. Encrypted information is returned to its original format.
Correct Answer: C
QUESTION 176
Which evasion method involves performing actions slower than normal to prevent detection?
A. timing attack
B. resource exhaustion
C. tunneling
D. traffic fragmentation
Correct Answer: A
QUESTION 177
What are the two differences between vulnerability and exploit? (Choose two.)
A. Vulnerabilities are usually populated in the dark web, and exploit tools and methods can be found in the public web.
B. Zero-day exploit can be used for taking advantage of a known vulnerability, and cyber-attack can be performed on company assets.
C. Vulnerabilities can be found in hardware and software, and exploits can be used only for software-based vulnerabilities
D. Known vulnerabilities are assigned special CVE numbers, and exploits are using process to take advantage of vulnerabilities
E. Zero-day exploit can be used to take advantage of a vulnerability until the vulnerable software or hardware is patched.
Correct Answer: DE
QUESTION 178
What is the buffer overflow attack?
A. Data is sent from a meterpreter shell to a vulnerable computer for reverse IP connection.
B. A program or process tries to write more data to a fixed-length block.
C. Malicious packets are sent to overwhelm network devices and cause them to crash.
D. A specially crafted code is designed to elevate privileges.
Correct Answer: C
QUESTION 179
Which statement describes the attack vector?
A. It is the total number of applicable exploits for a certain weakness.
B. It is the measurement of the access that an attacker requires to exploit the vulnerability.
C. It is the number of resources the attacker requires to exploit a known vulnerability.
D. It is the tools an attacker uses to exploit a certain vulnerability.
Correct Answer: D
QUESTION 180
Which two elements are used by the defense-in-depth strategy? (Choose two.)
A. distributed database management system
B. packet segmentation
C. firewalls
D. least privilege principle
E. single unified security solution
Correct Answer: CD
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.