Question 81
Which two components reduce the attack surface on an endpoint? (Choose two.)
A. secure boot
B. load balancing
C. increased audit log levels
D. restricting USB ports
E. full packet captures at the endpoint

Question 82
What is an attack surface as compared to a vulnerability?
A. any potential danger to an asset
B. the sum of all paths for data into and out of the environment
C. an exploitable weakness in a system or its design
D. the individuals who perform an attack

Question 83
An intruder attempted malicious activity and exchanged emails with a user and received corporate information, including email distribution lists. The intruder asked the user to engage with a link in an email. When the link launched, it infected machines and the intruder was able to access the corporate network.
Which testing method did the intruder use?
A. social engineering
B. eavesdropping
C. piggybacking
D. tailgating

Question 84
A. privilege escalation
B. DDoS attack
C. phishing
D. man-in-the-middle
E. pharming

Question 85
Refer to the exhibit. What does the output indicate about the server with the IP address
A. open ports of a web server
B. open port of an FTP server
C. open ports of an email server
D. running processes of the server

Question 86
How does a certificate authority impact a security system?
A. It authenticates client identity when requesting an SSL certificate
B. It validates domain identity of an SSL certificate
C. It authenticates domain identity when requesting an SSL certificate
D. It validates client identity when communicating with the server

Question 87
An engineer needs to configure network systems to detect command and control communications by decrypting ingress and egress perimeter traffic and allowing network security devices to detect malicious outbound communications. Which technology should be used to accomplish the task?
A. static IP addresses
B. cipher suite
C. digital certificates
D. signatures

Question 88
What is indicated by an increase in IPv4 traffic carrying protocol 41?
A. deployment of a GRE network on top of an existing Layer 3 network
B. attempts to tunnel IPv6 traffic through an IPv4 network
C. unauthorized peer-to-peer traffic
D. additional PPTP traffic due to Windows clients

Question 89
When an event is investigated, which type of data provides the investigative capability to determine if data exfiltration has occurred?
A. firewall logs
B. full packet capture
C. session data
D. NetFlow data

Question 90
Which attack represents the evasion technique of resource exhaustion?
A. SQL injection
B. bluesnarfing
C. denial-of-service
D. man-in-the-middle

