<< Prev Question Next Question >>

Question 253/630

What two statements about Linux are true? (Choose two.)

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (630q)
Question 1: In addition to discretionary, non-discretionary, and mandato...
Question 2: How many encryption key bits are needed to double the number...
Question 3: Which command is used to view the Windows Registry?...
Question 4: Which of the following is a type of vulnerability that attac...
Question 5: Which one of the following methods allows you to verify enti...
Question 6: How many broadcast domains are created if three hosts are co...
Question 7: What is a reason to run the msconfig command when investigat...
Question 8: What are two vulnerabilities that are present when using sta...
Question 9: Which two statements are true regarding IPS alerts? (Choose ...
Question 10: What are three valid fields in a DNS resource record? (Choos...
Question 11: Which is the best definition of a Windows process?...
Question 12: If a user wants to mount a drive, which command will work?...
Question 13: When attempting to reconstruct an incident from a packet cap...
Question 14: Regarding the Cisco CTA dashboard, what is the primary purpo...
Question 15: Referring to the sample URL below, what statement is correct...
Question 16: Which three are DNS vulnerabilities? (Choose three.)...
Question 17: What is DLP?
Question 18: What are the four characteristics of an SOC runbook? (Choose...
Question 19: Where is the UNIX log located?
Question 20: Which one of the following command strings are correct Snort...
Question 21: In what two ways does the pass-the-hash attack allow an atta...
Question 22: Which three statements are true about company data and data ...
Question 23: Which one of the following options is used to determine the ...
Question 24: DRAG DROP Match the NGFW requirement to its description. Sel...
Question 25: What does a digital certificate certify about an entity?...
Question 26: Which of the following is an example of a facility?...
Question 27: Which three are SMTP commands? (Choose three.)...
Question 28: Which Windows utility should be used to immediately stop a m...
Question 29: On which of the following can exploit kits be run from?...
Question 30: Referring to the output shown below, which statement is corr...
Question 31: When investigating Windows-based security incidents, which c...
Question 32: Cisco AVC uses which of the following technologies to provid...
Question 33: Which two statements are true about application logs? (Choos...
Question 34: Programs that are designed to interact with PowerShell are c...
Question 35: What are three characteristics of RADIUS? (Choose three.)...
Question 36: In the context of the X.500 standard, how is an entity uniqu...
Question 37: When you are researching a Windows operating system vulnerab...
Question 38: When Cisco AMP for Endpoints detects that an unknown file ha...
Question 39: What is an application blacklist?...
Question 40: DRAG DROP Match the following Windows registry hives to the ...
Question 41: Which of the following is an open source feed for threat dat...
Question 42: What does the chmod 766 command do to a file?...
Question 43: What is a practical usage of the diamond model?...
Question 44: Which five of the following options are components of the X....
Question 45: What common defense-in-depth method can help reduce the atta...
Question 46: What best describes a brute-force attack?...
Question 47: Which Windows directory stores the 64-bit applications?...
Question 48: Which statement identifies the primary difference between a ...
Question 49: In military and governmental organizations, what is the clas...
Question 50: Which one of the following statements best describes a comma...
Question 51: How does DNS security combat CnC callbacks?...
Question 52: What are three characteristics of scripting? (Choose three.)...
Question 53: What are worms?
Question 54: Which form of cryptography is used to protect passwords?...
Question 55: Which two countermeasures reduce the threat of CSRF? (Choose...
Question 56: Malware that can corrupt the virtual memory space of another...
Question 57: What is the best way to manage personally identifiable infor...
Question 58: Which three of the following best describe how a SIEM should...
Question 59: Which of the following are characteristics of next-generatio...
Question 60: Which of the following has the most storage requirements?...
Question 61: Which of the following describes a rainbow table?...
Question 62: Which two statements are true about packet captures and pack...
Question 63: What happens when a file hash has never been seen by Cisco's...
Question 64: Which three are reasons for using HTTPS? (Choose three.)...
Question 65: Which two statements are true about password hashing? (Choos...
Question 66: What is a runbook?
Question 67: Choose the most difficult stage of an endpoint attack....
Question 68: DRAG DROP Match the SMTP client reply codes with their funct...
Question 69: Referring to the figure that is shown below, why did the pin...
Question 70: What two describe how attackers obtain access to password ha...
Question 71: What is an advantage of network-based antimalware compared t...
Question 72: The Cisco OpenDNS dashboard page provides useful and importa...
Question 73: Which two network server services are supported natively wit...
Question 74: Which two statements about client-side web-based attacks are...
Question 75: Which system-wide Windows registry hive may be modified by a...
Question 76: Which two statements are true about DDNS? (Choose two.)...
Question 77: Which of the following describe what a threat is?...
Question 78: What two are triggers for an organization to perform a vulne...
Question 79: What is the Common Vulnerability Scoring System (CVSS)?...
Question 80: How can SOC analysts use the cyber kill chain?...
Question 81: Which net command option is used to mount a file share?...
Question 82: Which of the following are some useful attributes you should...
Question 83: What SQL command is used by attackers to exfiltrate sensitiv...
Question 84: Which language is used to describe the style and display pro...
Question 85: What condition does the size of the total addressable virtua...
Question 86: If your current directory location is /var/pcap/, which two ...
Question 87: What type of access control model is based on an individual'...
Question 88: Why would an attacker use Mimikatz once they gained access t...
Question 89: Who is generally responsible for reverse engineering malware...
Question 90: What is the attacker trying to gain by turning off the Windo...
Question 91: DRAG DROP The following is an example of an Angler exploit k...
Question 92: A group of Windows hosts can be managed by which central con...
Question 93: Which two best describe iFrames? (Choose two.)...
Question 94: Which three types of logs are available using the Windows Ev...
Question 95: Which type of ciphers rearrange or permute letters?...
Question 96: Which one of the following options was used by Diffie-Hellma...
Question 97: Which statement is true about the placement of an IPS?...
Question 98: How do UDP scans work?
Question 99: Which of the following is an example of a remote-access VPN ...
Question 100: Which one of the following is the reason that asymmetric enc...
Question 101: There are several differences between NetFlow and full-packe...
Question 102: Which two types of logs can you see on most typical email pr...
Question 103: Cisco AMP for Endpoints takes advantage of which of the foll...
Question 104: Which of the following features are implemented by a wireles...
Question 105: What is one result of placing an IPS on the untrusted (outsi...
Question 106: Cisco pxGrid has a unified framework with an open API design...
Question 107: Which of the following are benefits of encryption?...
Question 108: Which one of the following statements describes the risk of ...
Question 109: You suspect that a Windows host has been infected with malwa...
Question 110: Which one of the following options explains key space as it ...
Question 111: Which statement best describes how a network-based malware p...
Question 112: What is a key security benefit when using identity and acces...
Question 113: What NGFW feature supports inspection of SSL-based traffic?...
Question 114: Which two statements are true about application logs? (Choos...
Question 115: What function is performed by an attacker running"whoami fro...
Question 116: What is a graylist?
Question 117: Which method is a permissive security control in which only ...
Question 118: What is the main purpose of an exploit kit for malicious act...
Question 119: Which of the following is not a Windows Registry hive?...
Question 120: How does a network tap alter the data flow?...
Question 121: Which Windows netstat command options can be used to link th...
Question 122: Which statement best describes the difference between securi...
Question 123: Which five of the following options does the process of key ...
Question 124: What two are recommended authentication protocols? (Choose t...
Question 125: What uses the most resources on the DNS resolver?...
Question 126: What can a security analyst do to identify an attack if an i...
Question 127: Which two determine the speed at which a password can be cra...
Question 128: Typically, by which two methods are APTs often achieved? (Ch...
Question 129: Which three are valid SQL commands? (Choose three.)...
Question 130: Referring to the nslookup results that is shown below, which...
Question 131: Which three of the following statements best describe the li...
Question 132: What is the main advantage of using a mandatory access contr...
Question 133: Which part of the UDP header would attackers replace if they...
Question 134: Which one of these protocols requires a connection to be est...
Question 135: DRAG DROP Arrange the seven stages of the cyber kill chain i...
Question 136: Which statement about the Diffie-Hellman Key Agreement is tr...
Question 137: Which of the following are examples of next-generation firew...
Question 138: Once a user has established an SSH session, what command gra...
Question 139: What is a SQL injection vulnerability?...
Question 140: Referring to the following figure, which statement is correc...
Question 141: What is one of the primary benefits of a defense-in-depth st...
Question 142: What are the advantages of a full-duplex transmission mode c...
Question 143: What are two limitations to deploying a local SPAN to monito...
Question 144: One cryptanalysis method that is used to defeat a multi-step...
Question 145: Which two of the following statements are true regarding the...
Question 146: What is the primary reason to use a sandbox to analyze unkno...
Question 147: Which three are valid fields in the Set-Cookie HTTP header? ...
Question 148: In the Linux operating system, what command securely copies ...
Question 149: Which of the following is not a disadvantage of host-based a...
Question 150: Which one of the following options describes the concept of ...
Question 151: Which three statements indicate why an email proxy log would...
Question 152: After encryption has been applied to a message, what is the ...
Question 153: How many bits can be used for host IPv6 addresses assignment...
Question 154: VPN implementations are categorized into which of the follow...
Question 155: What type of information does CVSS provide for a vulnerabili...
Question 156: Which three options are valid reasons for tuning an IPS? (Ch...
Question 157: What is a Tor exit node?
Question 158: What is the main characteristic of a hub?...
Question 159: Which three apply to XSS? (Choose three.)...
Question 160: Which of the following hashing algorithms are used in IPsec?...
Question 161: What is an amplification attack?...
Question 162: Which layer of the TCP/IP model is concerned with end-to-end...
Question 163: What is the main difference between a Layer 2 switch and a m...
Question 164: What are two ways the IPv6 address 2345:0000:0000:0000:0000:...
Question 165: DRAG DROP Put the following SSH connection steps in order: S...
Question 166: Which of the following are examples of free antivirus softwa...
Question 167: What is the organizational benefit of incorporating CVSS int...
Question 168: Which two of the following pins are usually monitored by a n...
1 commentQuestion 169: Which of the following are examples of personally identifiab...
Question 170: Which of the following explains the file permissions for -rw...
Question 171: What is a phishing attack?
Question 172: What does the ed@labhost:~$ sudo parted -l command display?...
Question 173: Which one of the following statements is true about host-bas...
Question 174: What happens to the victim's browser during an HTTP 302 cush...
Question 175: Which process continues to be recorded in the process table ...
Question 176: Risk is a function of which three factors? (Choose three.)...
Question 177: Which two can be caused by a successful SQL injection attack...
Question 178: Host-based firewalls are often referred to as which of the f...
Question 179: What is a daemon?
Question 180: In dynamic DNS, the term "dynamic" refers to which two of th...
Question 181: What is the Security Group Tag Exchange (SXP) protocol used ...
Question 182: Who is ultimately responsible for security control of an ass...
Question 183: Which of the following describes the use of DMZs?...
Question 184: Chain of custody is the way you document and preserve eviden...
Question 185: Which four encryption protocols and protective algorithms ar...
Question 186: Which AAA protocol allows for capabilities exchange?...
Question 187: Which of the following protocols is typically used as the co...
Question 188: What type of attack occurs when the attacker spoofs the IP a...
Question 189: Which two statements are correct regarding NSA Suite B? (Cho...
Question 190: A foreign government attacks your defense weapons contractor...
Question 191: When using PKI which two of the following are true? (Choose ...
Question 192: If you are hosting a web site and getting a dynamic IP addre...
Question 193: What is one method of understanding how malware operates?...
Question 194: Which of the following attributes are exchanged in IKEv1 pha...
Question 195: What does WMI stand for?
Question 196: Which access control model uses environmental information to...
Question 197: What three threats are email-based? (Choose three.)...
Question 198: What is the best source of data for analysis of a system tha...
Question 199: Why can encryption be challenging to security monitoring?...
Question 200: What can a HIPS do that a NIPS cannot? (Choose two.)...
Question 201: What are two benefits of using a runbook? (Choose two.)...
Question 202: Which two of the following statements are true about host-ba...
Question 203: What additional command tool allows the user to filter outpu...
Question 204: What best describes an attack surface?...
Question 205: What type of attack describes malicious JavaScript, which re...
Question 206: Which of the following statements are true about application...
Question 207: Which three of the following statements are true about netwo...
Question 208: Which activity can be used to ensure data confidentiality?...
Question 209: How is malware that is not on the whitelist able to execute?...
Question 210: Why is a transparent firewall considered a "bump in the wire...
Question 211: Which two of the following options are other common names fo...
Question 212: Many legacy cipher suites available in TLS are deemed insecu...
Question 213: Which resource record type is used to display the mail serve...
Question 214: Which type of encryption algorithm uses the different but re...
Question 215: In which phase of the identity and account lifecycle are the...
Question 216: When are "point-in-time detection technologies" considered u...
Question 217: Chain of custody, in legal contexts, refers to the chronolog...
Question 218: If an attacker uses phishing to obtain user credentials for ...
Question 219: Which two attacks can be caused by a rogue DHCP server? (Cho...
Question 220: What input validation can a program perform to prevent buffe...
Question 221: Which is a correct of daemon permissions?...
Question 222: In order for an attacker to create an additional local user ...
Question 223: Which two are required to make SQL injection possible? (Choo...
Question 224: Which Linux component is being affected if the malware is al...
Question 225: You encountered malware that automatically runs upon bootup ...
Question 226: What is launched using the Windows msconfig command?...
Question 227: What is an IoC?
Question 228: Which statement is true about NetFlow?...
Question 229: What are three benefits of deploying Security Onion for netw...
Question 230: Which of the following is an example of an encoding mechanis...
Question 231: An end user's host becomes infected with a virus because the...
Question 232: What is ransomware?
Question 233: Referring to the sample URL below, #section1 is which part o...
Question 234: If a client connected to a server using SSHv1 previously, ho...
Question 235: Which one of the following options describes the concept of ...
Question 236: Which of the following are true regarding full packet captur...
Question 237: What are some of the characteristics of next-generation fire...
Question 238: Which three are valid HTTP request methods? (Choose three.)...
Question 239: Which three describe what happens when a compromised system ...
Question 240: Which of the following is an example of a data loss preventi...
Question 241: How does malware evade sandbox detection?...
Question 242: Which type of access list works better when implementing RBA...
Question 243: Within a Snort rule, which one of the following statements b...
Question 244: Which two statements are true about malvertisements? (Choose...
Question 245: Which statement about the difference between a denial-of-ser...
Question 246: What three are primary items that are tracked by a security ...
Question 247: What would be the IPv6 address of a host using SLAAC with 23...
Question 248: Access control entries (ACE), which are part of an access co...
Question 249: What are two benefits of cloud-based security services? (Cho...
Question 250: What is Tor?
Question 251: Which three technologies typically send traffic using clear ...
Question 252: DRAG DROP Match the access control type to its destination. ...
Question 253: What two statements about Linux are true? (Choose two.)...
Question 254: What two protocols are used to retrieve email? (Choose two.)...
Question 255: Which of the following statements are true about vulnerabili...
Question 256: What are examples of peer-to-peer (P2P) tools?...
Question 257: What are two goals of compliance regulations? (Choose two.)...
Question 258: Stateful and traditional firewalls can analyze packets and j...
Question 259: What is the purpose of an exploit kit in a client-side attac...
Question 260: What are the two primary purposes of the intrusion analysis ...
Question 261: Which component of the Windows operating system graphical us...
Question 262: Which of the following explains features of a traditional st...
Question 263: DRAG DROP Match the type of attack to its example. Select an...
Question 264: The OSSEC tool is which type of security tool?...
Question 265: Which one of the following best describes an NGFW versus a s...
Question 266: Which of the following are benefits of system-based sandboxi...
Question 267: What best describes a DoS attack?...
Question 268: What three elements can be configured in firewall polices to...
Question 269: Which two security control decisions indicate optimal securi...
Question 270: In most versions of Linux, there is a command that is called...
Question 271: Related to the chain of custody of forensic evidence, what t...
Question 272: Which two methods might be used by an analyst to detect SSL/...
Question 273: What entity that issues and signs digital certificates is tr...
Question 274: The vulnerability assessment process typically includes whic...
Question 275: Depending on the version of NetFlow, a network infrastructur...
Question 276: What is the primary purpose for using a hash algorithm for a...
Question 277: What is a limitation of application whitelisting?...
Question 278: Apache will send diagnostic information and record any error...
Question 279: In which technology is network level encrypted not natively ...
Question 280: What is an IIS parser log used for?...
Question 281: Which two of the following options are two key factors in de...
Question 282: What is CAPWAP used for?
Question 283: What is included in a capability table?...
Question 284: What best describes the ultimate goal of having proper secur...
Question 285: Which access control model originates from the military and ...
Question 286: What are two tools that are provided by Security Onion? (Cho...
Question 287: Which protocol is used to request a host MAC address given a...
Question 288: Which tab is available from the task manager and the msconfi...
Question 289: Which of the following is a password system that's based on ...
Question 290: How can an attacker who is using the Windows command line ru...
Question 291: Which of the following is software that can enable you to en...
Question 292: What are three key components of a threat-centric SOC? (Choo...
Question 293: Which of the following classful networks would allow at leas...
Question 294: What helps an analyst thoroughly respond to the complexity o...
Question 295: When investigating a malicious Windows application, which tw...
Question 296: Which two of the following options must be included in the C...
Question 297: Which Windows file attribute is used so that the file will n...
Question 298: Which of the following is true about handles?...
Question 299: What are decompilers?
Question 300: When a biometric authentication system rejects a valid user,...
Question 301: By default, what level of authority does the root-user have?...
Question 302: When an attacker modifies a system image that has been digit...
Question 303: When observing the directory file listing, what does the let...
Question 304: What three changes have occurred in modern networks that req...
Question 305: On a Linux system, where are application logs usually stored...
Question 306: The way you document and preserve evidence from the time you...
Question 307: Which of the following statements are true when referring to...
Question 308: Which of the following are examples of vulnerabilities?...
Question 309: DRAG DROP Match the four nodes of the diamond model for intr...
Question 310: Which of the following is not a true statement about TACACS+...
Question 311: When tuning an IPS, which three determinations should help y...
Question 312: To provide origin authentication, the sender encrypts the me...
Question 313: Which two of the following statements best describe the ways...
Question 314: What information may an attacker obtain with WMI access to t...
Question 315: When issuing the command ls -l (filename), what is the corre...
Question 316: Which of the following is a type of web application vulnerab...
Question 317: What are three pieces of information that NetFlow captures? ...
Question 318: You get an alert on your desktop computer showing that an at...
Question 319: DNS listens on which well-known ports?...
Question 320: What are two main goals of SQL injection attacks? (Choose tw...
Question 321: A feature of the Linux shell is the ability to run multiple ...
Question 322: Which three are true about the Cisco FirePower NGFW logging?...
Question 323: Which part of the NTFS formatted disk drive can be damaged b...
Question 324: Which type of control best describes an IPS dropping a malic...
Question 325: Who assigns a security classification to an asset?...
Question 326: What is the TCP window field used for?...
Question 327: What is a DNS iterative query used for?...
Question 328: Which two of the following statements best describe the reas...
Question 329: After a file disposition changes from unknown to malicious, ...
Question 330: What is a Trojan horse?
Question 331: Where is the information about ports and device Layer 2 addr...
Question 332: Which statement is true of advanced persistent threats (APTs...
Question 333: URL Redirect status codes all start with which digit?...
Question 334: What two are measures of posture compliance used by identity...
Question 335: Cisco ASA supports which of the following types of logging? ...
Question 336: Where is EAPoL traffic seen?
Question 337: What are five pieces of information that an analyst can lear...
Question 338: Which one of the following encryption methodologies allows y...
Question 339: What are two controls that the Cisco WSA can use to validate...
Question 340: What is the function of the exploit kit landing page?...
Question 341: What is a threat to the end user regarding web scripting?...
Question 342: To facilitate encrypted bulk data transfer using the TLS pro...
Question 343: What are two ways that packet fragmentation can allow an att...
Question 344: What option does not contain a security risk?...
Question 345: Which IDS system can detect attacks using encryption?...
Question 346: Which security technology would be best for detecting a pivo...
Question 347: RAM is an example of which of the following?...
Question 348: Which statement is correct regarding the web page source cod...
Question 349: Which two of the following statements are correct about blac...
Question 350: Of the following, in which type of an attack does the attack...
Question 351: Which two statements are true regarding an attacker who is p...
Question 352: What is the security property that guarantees that sensitive...
Question 353: What are two benefits to deploying a threat-monitoring appli...
Question 354: Which is a true statement about a symlink?...
Question 355: In what location (directory) do Linux-based systems store mo...
Question 356: What is an example of a Cisco solution for endpoint protecti...
Question 357: Which of the following are provided by threat intelligence f...
Question 358: A zombie process occurs when which of the following happens?...
Question 359: What is a DNS server that is responsible for the RRs for its...
Question 360: Which statement about virtual address space is true?...
Question 361: Which three of the following options are uses for the utilit...
Question 362: What is the command to bring up the Windows Services Control...
Question 363: Which statement is true about sandboxing?...
Question 364: Which protocols use the well-known TCP port 110?...
Question 365: Which one of the following encryption algorithms is the pref...
Question 366: What information is included in a network socket? (Select al...
Question 367: What Linux command allows a user to view the IP route table?...
Question 368: What are three characteristics of an advanced persistent thr...
Question 369: Why are reputation filters typically the first filters that ...
Question 370: Which two examples are command injection attacks? (Choose tw...
Question 371: How can an organization protect against a privilege escalati...
Question 372: What TCP port does SSL/TLS use for HTTPS communications?...
Question 373: Which protocol or diagnostic tool helps you determine how ma...
Question 374: DNS logging can capture URL resolution requests and response...
Question 375: What command is used to list the content of the current work...
Question 376: What is the purpose of a DLP policy?...
Question 377: What is the functional purpose of the HTTP 302 response code...
Question 378: What are two data items that an analyst can learn about a da...
Question 379: What does the chmod go+r-w MyFile.txt command string do to a...
Question 380: Which option can lead to an SQL injection attack?...
Question 381: Which endpoint security technology should be used to prevent...
Question 382: Which type of encryption algorithm uses the same key to encr...
Question 383: What type of data can be learned about a server by performin...
Question 384: Which two languages are commonly used in client scripting? (...
Question 385: How many host IPv4 addresses are possible in a /25 network?...
Question 386: Which statement is true about a SIEM system?...
Question 387: Which statement is true concerning a link working in Etherne...
Question 388: File integrity checking tools work by calculating hash value...
Question 389: To communicate that a document is using a digital signature,...
Question 390: What is an advantage of a system-generated password?...
Question 391: What policy change could limit the ability of attackers to e...
Question 392: Why are DNS open resolvers the focus of so many malicious ac...
Question 393: What type of password attack is characterized by trying ever...
Question 394: What is a Tor exit node?
Question 395: What is a buffer overflow?
Question 396: What is the main advantage of an SIEM compared to a normal l...
Question 397: Referring to the sample URL below, what statement is correct...
Question 398: Which of the following is not true about symlinks?...
Question 399: Which one of the following statements best describes the pri...
Question 400: What is one result of placing an IPS on the trusted (inside)...
Question 401: Which one of the following options is the block cipher mode ...
Question 402: Implementing a "threat-centric" security strategy means to f...
Question 403: What is a chronological documentation of evidence also known...
Question 404: Which one of the following options is the attack that can be...
Question 405: DRAG DROP Match the DNS resource records with the proper des...
Question 406: DRAG DROP Match the security control term with its descripti...
Question 407: Which of the following services are provided by a lightweigh...
Question 408: Which of the following network security data types requires ...
Question 409: Which type of access controls are used to protect an asset b...
Question 410: What is the reason that a digital signature can be used to p...
Question 411: Which of the following are open source packet-capture softwa...
Question 412: Which one of the following statements is considered a DNS "b...
Question 413: Which three statements best describe password attack counter...
Question 414: Which access control model uses the function of a subject in...
Question 415: What is an advantage to using HTTPS?...
Question 416: Which two of the following options are impacts of cryptograp...
Question 417: Which three are considered personally identifiable informati...
Question 418: Why would an attacker use a proxy server in front of the exp...
Question 419: What is SLAAC used for?
Question 420: Which of the following are examples of vulnerability and por...
Question 421: Which three are considered best practices for passwords? (Ch...
Question 422: Which one of the following algorithms is most susceptible to...
Question 423: Which two statements are true about firewall logs? (Choose t...
Question 424: What protocol uses TCP port 143?...
Question 425: Which statement best describes how Cisco CTA identifies secu...
Question 426: What HTTP feature is a small piece of data that is sent from...
Question 427: Malicious Windows operating system codes that share a single...
Question 428: What portion of the following URI is known as the query? htt...
Question 429: What type of encryption mode is used to secure point-to-poin...
Question 430: What tool can be used in Windows to format a log for a SQL s...
Question 431: Which one of the following parts of the Diffie-Hellman calcu...
Question 432: Which best describes how a DNS amplification and reflection ...
Question 433: The process that is known as piping performs which of the fo...
Question 434: What are three examples of PII? (Choose three.)...
Question 435: Networks and computer systems employ defense-in-depth strate...
Question 436: Why are open DNS resolvers vulnerable to attacks?...
Question 437: An attacker used social engineering to gain administrative a...
Question 438: Which one of the following methods of cryptanalysis should y...
Question 439: The Cisco CWS service uses web proxies in the Cisco cloud en...
Question 440: Which node of the diamond model refers to the tools or techn...
Question 441: What is Tor?
Question 442: In the Windows OS, what is an important function of the winl...
Question 443: Which one of the following statements best describes the ben...
Question 444: Which one of the following is the purpose of the content opt...
Question 445: What are three common core directories for almost all Linux ...
Question 446: If an engineering server's risk of being hacked is assigned ...
Question 447: Which is not a valid Windows operating system version?...
Question 448: What would be the maximum length of the network mask for a n...
Question 449: What is a disadvantage of using an IPS compared to an IDS?...
Question 450: What is the severity level of the ASA syslog message "%ASA-2...
Question 451: What is the best of a fork (system call) in UNIX?...
Question 452: What are the three basic security requirements of network se...
Question 453: Which three of the following options does the client validat...
Question 454: How can you protect an organization from pivoting attacks? (...
Question 455: What kind of response message can a root name server send to...
Question 456: Which of the following are examples of DNS tunneling tools? ...
Question 457: What basic benchmark of an SOC is related to the cyber kill ...
Question 458: How can the SMB worm self-propagate throughout the network?...
Question 459: Why can encryption cause problems when you're analyzing data...
Question 460: The ECDHE_ECDSA part of the cipher list identifies which one...
Question 461: What is a byproduct when defense-in-depth strategies are not...
Question 462: What type of attack occurs when an attacker sends a flood of...
Question 463: Which regulation compliancy measure focuses on personal heal...
Question 464: In addition to helping secure and control web traffic, web c...
Question 465: What type of spoofing attack uses fake source IP addresses t...
Question 466: Which log type would be used for recording changes in a SQL ...
Question 467: Of the two types of attacks that analysts investigate, estab...
Question 468: Which of the following is a big data analytics technology th...
Question 469: What best describes domain shadowing?...
Question 470: Which four of the following information is included in sets ...
Question 471: An analyst may run the Windows Task Manager to perform which...
Question 472: Which Windows component is used by the applications to modif...
Question 473: What are two reasons that AAA server logs are useful in prot...
Question 474: Which TCP header flag is used by TCP to establish a connecti...
Question 475: What is a key reason that enterprises are reluctant to move ...
Question 476: Which SQL command is used to modify the database structure?...
Question 477: What is the difference between IPsec tunnel and transport mo...
Question 478: Referring to the figure below, what do you need to select in...
Question 479: What is a countermeasure that an organization can employ to ...
Question 480: What method can be used to reduce the complexity of SOC oper...
Question 481: What is one of the ways in which the cyber kill chain is use...
Question 482: When you execute the sudo command, you will be prompted for ...
Question 483: Which two statements are true about Windows operating system...
Question 484: Host-based firewalls are often referred to as which of the f...
Question 485: Which routing protocol exchanges link state information?...
Question 486: What is the primary difference between a host-based firewall...
Question 487: Which of the following is true when describing threat intell...
Question 488: What is a characteristic of SQL?...
Question 489: What does the syslog on a Cisco ASA firewall offer a securit...
Question 490: Which Linux security control should be used with a personal ...
Question 491: In a discretionary access control (DAC) model, who can autho...
Question 492: Which process has a PID of 1?
Question 493: Which two of the following statements are true about malware...
Question 494: Which of the following is a methodology used by attackers to...
Question 495: The Cisco Web Security Appliance (Cisco WSA) can be both a p...
Question 496: What is an advantage of using OSPF instead of RIPv2?...
Question 497: Why you should enable Network Time Protocol (NTP) when you c...
Question 498: Which of the following describes a traditional IPS?...
Question 499: What kind of names are used to uniquely identify servers tha...
Question 500: What best describes the Security Operations Center (SOC)?...
Question 501: Which two best describe the difference between XSS and CSRF?...
Question 502: Which two of the following protocols are most commonly found...
Question 503: You are investigating IPS alerts and finding that many of th...
Question 504: DRAG DROP Match the action to the stage of the web attack. S...
Question 505: What is the reason that most anti-virus solutions cannot det...
Question 506: To effectively protect your emails, you should make sure of ...
Question 507: Which of the following is an example of a host-based encrypt...
Question 508: When performing disk forensics on a Windows machine, which f...
Question 509: Where does the RADIUS exchange happen?...
Question 510: What is used in the Cisco TrustSec architecture to provide l...
Question 511: Which of the following shows giving permissions to the group...
Question 512: Which one of the following options describes the steps to en...
Question 513: Which one of the following actions should be taken by a clie...
Question 514: Which of the following authentication methods is considered ...
Question 515: Which one of the following statements best describes crypto ...
Question 516: Which two IT security control frameworks offer good starting...
Question 517: If the date and time are not synchronized among network and ...
Question 518: What is the primary purpose for using an encryption algorith...
Question 519: Which one of the following best describes the limitations of...
Question 520: What characteristic differentiates a server from a client?...
Question 521: Which of the following are examples of sandboxing implementa...
Question 522: Why is using ECDHE_ECDSA stronger than using RSA?...
Question 523: Which of the following planes is important to understand for...
Question 524: Referring to the figure that is shown below, how can you det...
Question 525: Which one of the following is the PKI operation that would l...
Question 526: Which Security Onion tool should the security analyst use to...
Question 527: Which of the following statements is not true about a daemon...
Question 528: What is a cross-site scripting (XSS) vulnerability?...
Question 529: Which three security services do digital signatures provide?...
Question 530: Which of the following is something WMI can't be used for?...
Question 531: What is the difference between spear phishing and whaling?...
Question 532: Which of the following is true about Windows services?...
Question 533: Which two are uses for DNS covert tunnels? (Choose two.)...
Question 534: Which of the following are examples of network security devi...
Question 535: What is the order in which reconnaissance scanning typically...
Question 536: What best describes an amplification attack?...
Question 537: Which type of controls best describe a fence?...
Question 538: What is the Windows eventvwr command used for?...
Question 539: What are two characteristics of an advanced persistent threa...
Question 540: What can cause a handle leak?
Question 541: DRAG DROP Match the operation to its correct order in the em...
Question 542: In IPv6, what is used to replace ARP?...
Question 543: Which two are software vulnerability scanners? (Choose two.)...
Question 544: What is the Common Vulnerabilities and Exposures (CVE)?...
Question 545: What are three similarities between IDS and IPS sensors? (Ch...
Question 546: What is a SQL injection vulnerability?...
Question 547: Why can't ESP packets be transferred by NAT devices?...
Question 548: Which of the following is true about NetFlow?...
Question 549: Which is a key requirement for the RSPAN feature to work acr...
Question 550: Which two are countermeasures that an administrator should e...
Question 551: What is an example of a reconnaissance attack tool that will...
Question 552: What is a backdoor?
Question 553: In IKEv1 phase 2, each security association (SA) is assigned...
Question 554: A host on an isolated port can communicate with which of the...
Question 555: Which statement best describes VPNs?...
Question 556: Which two statements best explain why domain shadowing is di...
Question 557: What are the three main layers of the Linux OS architecture?...
Question 558: Which of the following are characteristics of a secure ident...
Question 559: Regarding outbound email security policies, which one of the...
Question 560: What two types of information are encrypted by the HTTPS pro...
Question 561: A ping attack that exploits the broadcast IP address in a su...
Question 562: What is an advantage when deploying the Talos Intelligence G...
Question 563: Which of the following is an example of a DNS tunneling tool...
Question 564: Referring to the screenshot below, which area of the Windows...
Question 565: NBAR works with which of the following technologies to help ...
Question 566: Which statement best describes malware reverse engineering?...
Question 567: What HTTP method is used to request a response without the r...
Question 568: What three factors contribute to a CVSS score? (Choose three...
Question 569: What is the default port for HTTPS?...
Question 570: What is the main advantage of single sign-on?...
Question 571: What industry regulation criminalizes production and dissemi...
Question 572: SIEM solutions can collect logs from popular host security p...
Question 573: Why does NAT present a challenge to security monitoring?...
Question 574: After attackers gain access to a system, what method can the...
Question 575: Malware infecting which Windows registry hive can alter the ...
Question 576: Which of the following explains Linux daemon permissions?...
Question 577: Which of the following statements are true about the princip...
Question 578: What are two examples of the impacts of cryptography on secu...
Question 579: A malicious file was executed on a host but it was not detec...
Question 580: Which part of the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P3...
Question 581: What is Cisco Prime Infrastructure?...
Question 582: Which process type occurs when a parent process is terminate...
Question 583: What security management software/process is used to manage ...
Question 584: What method is used by Cisco OpenDNS to help prevent attacks...
Question 585: What are three goals of OpenSOC? (Choose three.)...
Question 586: Which Cisco AMP for endpoints feature is used during post-in...
Question 587: In which phase of the access control does a user need to pro...
Question 588: During incident investigations, what does the AMP for endpoi...
Question 589: Which best describes a fast flux service network?...
Question 590: Which of the following are some useful reports you can colle...
Question 591: What is the primary goal of an attacker when using an iFrame...
Question 592: PHP is an example of what type of scripting languages?...
Question 593: Which port access control technology allows dynamic authoriz...
Question 594: Which of the following are part of a security label used in ...
Question 595: Which priority level of logging will be sent if the priority...
Question 596: What is a common way to protect "data at rest"?...
Question 597: Which technique ensures protection against simple and noninv...
Question 598: Which type of Windows processes operate within the confines ...
Question 599: Why should NTP be enabled in infrastructure devices and for ...
Question 600: Referring to the figure below, which statement is correct? (...
Question 601: Traditional Cisco NetFlow records are usually exported via w...
Question 602: What should be configured on the source switch as the destin...
Question 603: Why are encryption and protocol tunneling effective techniqu...
Question 604: Which net command option is used to start a service?...
Question 605: Which of the following are examples of exploit kits?...
Question 606: Which statement is correct?
Question 607: Which method allows a space in a file name to be correctly i...
Question 608: Given the scenario where the Downloads directory is in the h...
Question 609: Network address translation (NAT) introduces challenges in t...
Question 610: Which type of control includes security training?...
Question 611: Which of the following is not a NetFlow version?...
1 commentQuestion 612: What is a DNS tunnel?
Question 613: Which of the following authentication methods can be conside...
Question 614: Which of the following are some of the commonly used SSL VPN...
Question 615: Which three are important distinctions of HTTP? (Choose thre...
Question 616: Which of the following are examples of cloud-based security ...
Question 617: Which two statements best describe why it is important to de...
Question 618: In which phase of access control is access granted to a reso...
Question 619: Cisco ASA firewalls are advanced stateful firewalls. Which t...
Question 620: Which of the following are examples of application file and ...
Question 621: What entity requests access to a resource?...
Question 622: Which IP header field is used to recognize fragments from th...
Question 623: Which regulation specifically addresses credit card complian...
Question 624: Which statement explains the primary difference between repu...
Question 625: Which three of the following statements are benefits of RSPA...
Question 626: Which of the following statements is true about clientless S...
Question 627: DRAG DROP Match the following characteristics with the appro...
Question 628: Which one of the following is the first exchange during SSHv...
Question 629: What two options are contained in the SMTP envelope? (Choose...
Question 630: Referring to the figure that is shown below, if you are logg...