CompTIA SY0-501 Exam Preparation Guide and PDF Download [Q229-Q252]


Verified & Correct SY0-501 Practice Test Reliable Source Nov 02, 2022 Updated

Tools and Technologies

‘Tools and technologies’ is a comprehensive topic that covers knowledge of network components (both hardware and software solutions), software tools, and troubleshooting of security issues. It also tests your mastery of security technologies, secure mobile devices, and secure protocols. Thus, you must be knowledgeable about firewalls, VPN concentrators, protocol analyzers, event anomalies, DLP, honeynets, SCADA/ICS, and lock types.

 

QUESTION 229
A company has a data classification system with definitions for “Private” and “Public”. The company’s security policy outlines how data should be protected based on type. The company recently added the data type “Proprietary”. Which of the following is the MOST likely reason the company added this data type?

 
 
 
 

QUESTION 230
A security analyst is reviewing an assessment report that includes software versions, running services, supported encryption algorithms, and permission settings. Which of the following produced the report?

 
 
 
 

QUESTION 231
A member of the human resources department is searching for candidate resumes and encounters the following error message when attempting to access popular job search websites:

Which of the following would resolve this issue without compromising the company’s security policies?

 
 
 
 

QUESTION 232
Hotspot Question
A newly purchased corporate WAP needs to be configured in the MOST secure manner possible.
INSTRUCTIONS
Please click on the below items on the network diagram and configure them accordingly:
WAP
DHCP Server
AAA Server
Wireless Controller
LDAP Server
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

QUESTION 233
Which of the following outcomes is a result of proper error-handling procedures in secure code?

 
 
 
 

QUESTION 234
Malware that changes its binary pattern on specific dates at specific times to avoid detection is known as a(n):

 
 
 
 

QUESTION 235
A security auditor is reviewing the following output from file integrity monitoring software installed on a very busy server at a large service provider. The server has not been updated since it was installed. Drag and drop the log entry that identifies the first instance of server compromise.

QUESTION 236
An analyst is reviewing a simple program for potential security vulnerabilities before it is deployed to a Windows server. Given the following code:

Which of the following vulnerabilities is present?

 
 
 
 

QUESTION 237
A user receives a security alert pop-up from the host-based IDS, and a few minutes later notices a document on the desktop has disappeared and in its place is an odd filename with no icon image. When clicking on this icon, the user receives a system notification that it cannot find the correct program to use to open this file.
Which of the following types of malware has MOST likely targeted this workstation?

 
 
 
 

QUESTION 238
A dumpster diver was able to retrieve hard drives from a competitor’s trash bin. After installing the hard drives and running common data recovery software, sensitive information was recovered. In which of the following ways did the competitor apply media sanitation?

 
 
 
 

QUESTION 239
A systems administrator has created network file shares for each department with associated security groups for each role within the organization. Which of the following security concepts is the systems administrator implementing?

 
 
 
 

QUESTION 240
A security administrator has been tasked with implementing controls that meet management goals. Drag and drop the appropriate control used to accomplish the account management goal. Options may be used once or not at all.

QUESTION 241
A security, who is analyzing the security of the company’s web server, receives the following output:

Which of the following is the issue?

 
 
 
 

QUESTION 242
For each of the given items, select the appropriate authentication category from the drop down choices.
Select the appropriate authentication type for the following items:

QUESTION 243
An attacker went to a local bank and collected disposed paper for the purpose of collecting data that could be used to steal funds and information from the bank’s customers. This is an example of:

 
 
 
 

QUESTION 244
A network administrator needs to allocate a new network for the R&D group. The network must not be accessible from the Internet regardless of the network firewall or other external misconfigurations. Which of the following settings should the network administrator implement to accomplish this?

 
 
 
 

QUESTION 245
A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file downloaded from a social media site and subsequently installed without the user’s knowledge. Since the compromise, the attacker was able to take command and control of the computer systems anonymously while obtaining sensitive corporate and personal employee information. Which of the following methods did the attacker MOST likely use to gain access?

 
 
 
 

QUESTION 246
Given the output:

Which of the following account management practices should the security engineer use to mitigate the identified risk?

 
 
 
 

QUESTION 247
When attempting to secure a mobile workstation, which of the following authentication technologies rely on the user’s physical characteristics? (Select TWO)

 
 
 
 
 
 

QUESTION 248
A company would like to transition its directory service from an OpenLDAP solution to Active Directory. The main goal for this project is security. All authentications to the domain controllers must be as secure as possible. Which of the following should the company use to achieve this goal?

 
 
 
 

QUESTION 249
When accessing a popular website, a user receives a warning that the certificate for the website is not valid. Upon investigation, it was noted that the certificate is not revoked and the website is working fine for other users. Which of the following is the MOST likely cause for this?

 
 
 
 

QUESTION 250
A cybersecurity analyst is looking into the payload of a random packet capture file that was selected for analysis. The analyst notices that an internal host had a socket established with another internal host over a non-standard port. Upon investigation, the origin host that initiated the socket shows this output:
usera@host>history
mkdir /local/usr/bin/somedirectory
nc -1 192.168.5.1 -p 9856
ping -c 30 8.8.8.8 -a 600
rm /etc/dir2/somefile
rm -rm /etc/dir2/
traceroute 8.8.8.8
pakill pid 9487
usera@host>
Given the above output, which of the following commands would have established the questionable socket?

 
 
 
 

QUESTION 251
For each of the given items, select the appropriate authentication category from the dropdown choices.
Instructions: When you have completed the simulation, please select the Done button to submit.

QUESTION 252
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system. While attempting to determine if an authorized user is logged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network.

Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?

 
 
 
 

Where Does Security+ Lie on Professional CompTIA Certification Ladder?

In terms of cybersecurity certificates, this is the first certification that you should obtain to become a cybersecurity specialist. But if you squint hard enough, you will realize the new Security+ training is more than just an entry-level certificate, because it also qualifies learners for intermediate-level jobs in IT. This makes CompTIA Security+ among the most popular certificates that the vendor has to offer today. To earn it, you must pass only one exam: SY0-501.

 
