A security analyst is concerned about traffic initiated to the dark web from the corporate LAN. Which of the
following networks should the analyst monitor?


A. SFTP
B. AIS
C. Tor
D. IoC

A company wants to deploy PKI on its internet-facing website. The applications that are currently deployed are:
www.company.com (main website)
contactus.company.com (for locating a nearby location)
quotes.company.com (for requesting a price quote)
The company wants to purchase one SSL certificate that will work for all the existing applications and any future
applications that follow the same naming conventions, such as store.company.com. Which of the following
certificate types would BEST meet the requirements?


A. SAN
B. Wildcard
C. Extended validation
D. Self-signed

A security administrator is working on a solution to protect passwords stored in a database against rainbow
table attacks. Which of the following should the administrator consider?


A. Hashing
B. Salting
C. Lightweight cryptography
D. Steganography

A third party asked a user to share a public key for secure communication. Which of the following file formats
should the user choose to share the key?


A. .pfx
B. .csr
C. .pvk
D. .cer

A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive
any emails with links, but he had been browsing the internet all day. Which of the following would MOST likely
show where the malware originated?


A. The DNS logs
B. The web server logs
C. The SIP traffic logs
D. The SNMP logs

A security administrator is seeking a solution to prevent unauthorized access to the internal network. Which of
the following security solutions should the administrator choose?


A. MAC filtering
B. Anti-malware
C. Translation gateway
D. VPN

Which of the following would MOST likely be identified by a credentialed scan but would be missed by an
uncredentialed scan?


A. Vulnerabilities with a CVSS score greater than 6.9.
B. Critical infrastructure vulnerabilities on non-IP protocols.
C. CVEs related to non-Microsoft systems such as printers and switches.
D. Missing patches for third-party software on Windows workstations and servers.

Which of the following BEST describes the team that acts as a referee during a penetration-testing exercise?


A. White team
B. Purple team
C. Green team
D. Blue team
E. Red team

An organization's Chief Information Security Officer is creating a position that will be responsible for
implementing technical controls to protect data, including ensuring backups are properly maintained. Which of
the following roles would MOST likely include these responsibilities?


A. Data protection officer
B. Data owner
C. Backup administrator
D. Data custodian
E. Internal auditor

A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's server:

Which of the following BEST describes this kind of attack?

A. Directory traversal
B. SQL injection
C. API
D. Request forgery