Question 91
During a recent penetration test, the tester discovers large amounts of data were exfiltrated over the course of 12 months via the internet. The penetration tester stops the test to inform the client of the findings. Which of the following should be the client's NEXT step to mitigate the issue?
A. Conduct a full vulnerability scan to identify possible vulnerabilities.
B. Perform containment on the critical servers and resources.
C. Review the firewall and identify the source of the active connection.
D. Disconnect the entire infrastructure from the internet.
Question 92
A security analyst is designing the appropriate controls to limit unauthorized access to a physical site. The analyst has a directive to utilize the lowest possible budget. Which of the following would BEST meet the requirements?
A. Preventive controls
B. Compensating controls
C. Deterrent controls
D. Detective controls
Question 93
A company is looking to migrate some servers to the cloud to minimize its technology footprint. The company has 100 databases that are on premises. Which of the following solutions will require the LEAST management and support from the company?
A. SaaS
B. IaaS
C. PaaS
D. SDN
Question 94
Which of the following employee roles is responsible for protecting an organization's collected personal information?
A. CTO
B. DPO
C. CEO
D. DBA
Question 95
Against the recommendation of the IT security analyst, a company set all user passwords on a server as `P@55w0rD`. Upon review of the /etc/passwd file, an attacker found the following: alice:a8df3b6c4fd75f0617431fd248f35191df8d237f bob:2d250c5b2976b03d757f324ebd59340df96aa05e chris:ea981ec3285421d014108089f3f3f997ce0f4150
Which of the following BEST explains why the encrypted passwords do not match?
A. Perfect forward secrecy
B. Key stretching
C. Salting
D. Hashing
Question 96
After gaining access to a dual-homed (i.e., wired and wireless) multifunction device by exploiting a vulnerability in the device's firmware, a penetration tester then gains shell access on another networked asset. This technique is an example of:
A. privilege escalation.
B. footprinting.
C. persistence.
D. pivoting.
Question 97
Which of the following should be monitored by threat intelligence researchers who search for leaked credentials?
A. Common Weakness Enumeration
B. OSINT
C. Dark web
D. Vulnerability databases
Question 98
A security analyst needs to be able to search and correlate logs from multiple sources in a single tool. Which of the following would BEST allow a security analyst to have this ability?
A. SOAR
B. SIEM
C. Log collectors
D. Network-attached storage
Question 99
A security analyst is investigating suspicious traffic on the web server located at IP address 10.10.1.1. A search of the WAF logs reveals the following output:
Which of the following is MOST likely occurring?
A. XSS attack
B. SQLi attack
C. Replay attack
D. XSRF attac
Question 100
Which of the following components can be used to consolidate and forward inbound internet traffic to multiple cloud environments though a single firewall?
A. Transit gateway
B. Cloud hot site
C. Edge computing
D. DNS sinkhole
