Which of the following is a component of a risk assessment?


A. Administrative safeguards
B. Physical security
C. Logical interface
D. DMZ

Why containers are less secure than virtual machines?


A. Host OS on containers has a larger surface attack.
B. Containers are attached to the same virtual network.
C. Containers may fulfill disk space of the host.
D. A compromise container may cause a CPU starvation of the host.

A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010


A. 10011101
B. 10001011
C. 10111100
D. 11011000

Which of the following statements regarding ethical hacking is incorrect?


A. An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services
B. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organizations systems
C. Ethical hacking should not involve writing to or modifying the target systems.
D. Testing should be remotely performed offsite.

Which utility will tell you in real time which ports are listening or in another state?


A. Netsat
B. Loki
C. Nmap
D. TCPView

Which security strategy requires using several, varying methods to protect IT systems against attacks?


A. Defense in depth
B. Covert channels
C. Exponential backoff algorithm
D. Three-way handshake

Which of these options is the most secure procedure for storing backup tapes?


A. In a climate controlled facility offsite
B. In a cool dry environment
C. On a different floor in the same building
D. Inside the data center for faster retrieval in a fireproof safe

What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally its made on the providers environment?


A. Behavioral based
B. Heuristics based
C. Honypot based
D. Cloud based

Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?


A. Heartbeat Attack
B. Spear Phishing Attack
C. Shellshock Attack
D. Watering Hole Attack

You are analyzing a traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs. 192.168.8.0/24. What command you would use?


A. tshark net 192.255.255.255 mask 192.168.8.0
B. wireshark capture local masked 192.168.8.0 range 24
C. sudo tshark f net 192.168.8.0/24
D. wireshark fetch 192.168.8/*