A cybersecurity administrator needs to add disk redundancy for a critical server. The solution must have a two-drive failure for better fault tolerance.
Which of the following RAID levels should the administrator select?

• A.0
• B.1
• C.5
• D.6

Comment: *

Name: *

Email: *

Verification: *

Which of the following types of controls is a CCTV camera that is not being monitored?

• A.Preventive
• B.Deterrent
• C.Physical
• D.Detective

Comment: *

Name: *

Email: *

Verification: *

Security analysts notice a server login from a user who has been on vacation for two weeks The analysts confirm that the user did not log in to the system while on vacation After reviewing packet capture logs, the analysts notice the following:

Which of the following occurred?

• A.The user's account was compromised, and an attacker changed the login credentials
• B.A buffer overflow was exploited to gain unauthorized access
• C.An attacker used a pass-the-hash attack to gain access
• D.An insider threat with username smithJA logged in to the account

Comment: *

Name: *

Email: *

Verification: *

You are security administrator investigating a potential infection on a network.
Click on each host and firewall. Review all logs to determine which host originated the Infecton and then deny each remaining hosts clean or infected.

Correct Answer:

Explanation

Based on the logs, it seems that the host that originated the infection is 192.168.10.22. This host has a suspicious process named svchost.exe running on port 443, which is unusual for a Windows service. It also has a large number of outbound connections to different IP addresses on port 443, indicating that it is part of a botnet.
The firewall log shows that this host has been communicating with 10.10.9.18, which is another infected host on the engineering network. This host also has a suspicious process named svchost.exe running on port 443, and a large number of outbound connections to different IP addresses on port 443.
The other hosts on the R&D network (192.168.10.37 and 192.168.10.41) are clean, as they do not have any suspicious processes or connections.

Comment: *

Name: *

Email: *

Verification: *

During a security audit of a company's network, unsecure protocols were found to be in use.
A network administrator wants to ensure browser-based access to company switches is using the most secure protocol. Which of the following protocols should be implemented?

• A.SSL1.3
• B.TLS1.2
• C.SNMPv3
• D.SSH2

Comment: *

Name: *

Email: *

Verification: *