Download PASSEMALL Prep app now
Scan QR code or get instant email to install app
Question:
Comments
Your email address will not be published. Required fields are marked *
Comment *
Name*
Email*
URL
Save my name, email, and website in this browser for the next time I comment.
Which of the following additional countermeasure could Roger take to help protect privilege in the case that Roger, a security analyst, wants to tighten up privileges to make sure each user has only the privileges they need to do their work?
Instigate multi-factor authentication and authorization.
Which type of attack was Stuxnet in the situation that:The Stuxnet worm was identified in 2010 and used to collect sensitive information from Iran's industrial infrastructure. Before being identified, this worm was most likely active for around five years. The attacker had access to the target during this time.
APT
What are the rules and regulations defined and implemented by an organization known as?
Corporate policies
Which of the following cloud computing attacks is he using if an attacker's intent is to find out and then use sensitive data like passwords, session cookies, and other security configurations such as UDDI, SOAP, and WSDL?
Service hijacking through network sniffing.
A characteristic of the Advanced Encryption Standard (AES) symmetric block cipher is which of the following?
Uses the Rijndael block cipher.
Which of the following best describes the red team if Randy was just hired as a penetration tester for the red team?
Performs offensive security tasks to test the network's security.
Within a request for a certificate, which is an entity that accepts and validates information contained?
Registration authority
Which of the following network mapping tools should you use in the case that you are using an iOS device and you want to scan networks, websites, and ports to discover open network devices?
Scany
Typically, the username is thought to be the unique identifier behind the scenes, however, Windows really relies on the security identifier (SID). A SID, unlike a username, cannot be reused. You discovered an account ending in -501 when viewing data in Windows Security Account Manager (SAM). Which of the following account types have you discovered?
The built-in guest
What type of vulnerability must be present to make this remote attack possible in the following?Several unexpected files are discovered in the root directory of a network administrator's Linux FTP server. One file is a tarball, two are shell programs, and the third is a binary file called 'nc.' The anonymous user account logged in to the FTP server, uploaded the files, extracted the contents of the tarball, and ran the script using a feature offered by the FTP server's software, according to the access logs. The ps command indicates that the nc file is running as a process, and the netstat command indicates that the nc process is listening on a network port.
File system permissions
Which firewall rules meet this requirement: Workstation traffic must transit via a firewall to reach a bank's website. You have been instructed to check the firewall setup to verify that workstations in network 10.10.10.0/24 can only access the bank's website 10.20.20.1 through https.
if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
Tarpits, which sometimes operate at different levels of the OSI model depending on their function, are an earlier strategy for defeating honeypots. Tarpits operate at which of the following levels of the OSI model?
OSI layers 2 (DataLink), 4 (Transport), and 7 (Application)
If an LM hash you extracted contains a password that is less than 8 characters long, how can you determine ?
The right most portion of the hash is always the same
For cracking Windows login passwords using rainbow tables, which of the following is a tool?
Ophcrack
Comments