A cybersecurity analyst is currently checking a newly deployed server that has an access control list applied. When conducting the scan, the analyst received the following code snippet of results:

Which of the following describes the output of this scan?

• A.The analyst has discovered a False Positive, and the status code is incorrect providing an OK message.
• B.The analyst has discovered a True Positive, and the status code is incorrect providing a forbidden message.
• C.The analyst has discovered a True Positive, and the status code is correct providing a file not found error message.
• D.The analyst has discovered a False Positive, and the status code is incorrect providing a server error message.

Comment: *

Name: *

Email: *

Verification: *

An organization has a practice of running some administrative services on non-standard ports as a way of frustrating any attempts at reconnaissance. The output of the latest scan on host
192.168.1.13 is shown below:

Which of the following statements is true?

• A.Despite the results of the scan, the service running on port 23 is actually Telnet and not SSH, and creates an additional vulnerability
• B.Running SSH on the Telnet port will now be sent across an unencrypted port.
• C.Remote SSH connections will automatically default to the standard SSH port.
• D.The use of OpenSSH on its default secure port will supersede any other remote connection attempts.
• E.Running SSH on port 23 provides little additional security from running it on the standard port.

Comment: *

Name: *

Email: *

Verification: *

A network attack that is exploiting a vulnerability in the SNMP is detected.
Which of the following should the cybersecurity analyst do FIRST?

• A.Apply the required patches to remediate the vulnerability.
• B.Escalate the incident to senior management for guidance.
• C.Disable all privileged user accounts on the network.
• D.Temporarily block the attacking IP address.

Comment: *

Name: *

Email: *

Verification: *

A Chief Information Security Officer (CISO) is concerned the development team, which consists of contractors, has too much access to customer data. Developers use personal workstations, giving the company little to no visibility into the development activities.
Which of the following would be BEST to implement to alleviate the CISO's concern?

• A.NDA
• B.Test data
• C.DLP
• D.Encryption

Comment: *

Name: *

Email: *

Verification: *

A Chief Executive Officer (CEO) wants to implement BYOD in the environment. Which of the following options should the security analyst suggest to protect corporate data on these devices?
(Choose two.)

• A.Disable near-field communication on the device.
• B.Enable MDM/MAM capabilities.
• C.Disable VPN connectivity on the device.
• D.Disable Bluetooth on the device.
• E.Enable encryption on all devices.
• F.Enable email services on the device.

Comment: *

Name: *

Email: *

Verification: *