CompTIA Security+ SY0-601 – Question420

A company is moving to a new location. The systems administrator has provided the following server room
requirements to the facilities staff:
Consistent power levels in case of brownouts or voltage spikes
A minimum of 30 minutes runtime following a power outage
Ability to trigger graceful shutdowns of critical systems
Which of the following would BEST meet the requirements?


A. Maintaining a standby, gas-powered generator
B. Using large surge suppressors on computer equipment
C. Configuring managed PDUs to monitor power levels
D. Deploying an appropriately sized, network-connected UPS device

Correct Answer: D

CompTIA Security+ SY0-601 – Question419

During a forensic investigation, a security analyst discovered that the following command was run on a
compromised host:
crackmapexec smb 192.168.10.232 -u localadmin -H 0A3CE8D07A46E5C51070F03593E0A5E6
Which of the following attacks occurred?


A. Buffer overflow
B. Pass the hash
C. SQL injection
D. Replay attack

Correct Answer: B

CompTIA Security+ SY0-601 – Question417

A user is having network connectivity issues when working from a coffee shop. The user has used the coffee shop as a workspace for several months without any issues. None of the other customers at the coffee shop are experiencing these issues. A help desk analyst at the user's company reviews the following Wi-Fi log:

Which of the following best describes what is causing this issue?

A. Another customer has configured a rogue access point.
B. The coffee shop network is using multiple frequencies.
C. A denial-of-service attack by disassociation is occurring.
D. An evil twin access point is being utilized.

Correct Answer: C

CompTIA Security+ SY0-601 – Question415

A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the
following should the analyst include in this documentation? (Choose two.)


A. The order of volatility
B. A forensics NDA
C. The provenance of the artifacts
D. The vendor's name
E. The date and time
F. A warning banner

Correct Answer: AE

CompTIA Security+ SY0-601 – Question414

An organization needs to implement more stringent controls over administrator/root credentials and service
accounts. Requirements for the project include:
Check-in/checkout of credentials
The ability to use but not know the password
Automated password changes
Logging of access to credentials
Which of the following solutions would meet the requirements?


A. OAuth 2.0
B. Secure Enclave
C. A privileged access management system
D. An OpenID Connect authentication system

Correct Answer: B

CompTIA Security+ SY0-601 – Question413

A security analyst is reviewing packet capture data from a compromised host on the network. In the packet
capture, the analyst locates packets that contain large amounts of text. Which of the following is most likely
installed on the compromised host?


A. Keylogger
B. Spyware
C. Trojan
D. Ransomware

Correct Answer: A

CompTIA Security+ SY0-601 – Question412

A security administrator wants to implement a program that tests a user's ability to recognize attacks over the
organization's email system. Which of the following would be best suited for this task?


A. Social media analysis
B. Annual information security training
C. Gamification
D. Phishing campaign

Correct Answer: D

CompTIA Security+ SY0-601 – Question411

An employee used a corporate mobile device during a vacation. Multiple contacts were modified in the device
during the employee's vacation. Which of the following attack methods did an attacker use to insert the
contacts without having physical access to the device?


A. Jamming
B. Bluejacking
C. Disassociation
D. Evil twin

Correct Answer: B