Which of the following attacks specifically impacts data availability?

• A.DDoS
• B.Trojan
• C.MITM
• D.Rootkit

Comment: *

Name: *

Email: *

Verification: *

A forensic analyst is asked to respond to an ongoing network attack on a server. Place the items in the list below in the correct order in which the forensic analyst should preserve them.

Correct Answer:

Explanation

When dealing with multiple issues, address them in order of volatility (OOV); always deal with the most volatile first. Volatility can be thought of as the amount of time that you have to collect certain data before a window of opportunity is gone. Naturally, in an investigation you want to collect everything, but some data will exist longer than others, and you cannot possibly collect all of it once. As an example, the OOV in an investigation may be RAM, hard drive data, CDs/DVDs, and printouts.
Order of volatility: Capture system images as a snapshot of what exists, look at network traffic and logs, capture any relevant video/screenshots/hashes, record time offset on the systems, talk to witnesses, and track total man-hours and expenses associated with the investigation.

Comment: *

Name: *

Email: *

Verification: *

Which of the following reasons would explain why a vulnerability scanner is reporting a false negative? (Select TWO)

• A.The target's IDS is blocking the scanner
• B.The scanner reporting system is unavailable.
• C.The vulnerability scanner's definitions file is out of date
• D.The system was fully patched
• E.The vulnerability is present on the target system
• F.The vulnerability scanner's license limits were exceeded

Comment: *

Name: *

Email: *

Verification: *

Joe recently assumed the role of data custodian for this organization. While cleaning out an unused storage safe, he discovers several hard drives that are labeled "unclassified" and awaiting destruction. The hard drives are obsolete and cannot be installed in any of his current computing equipment. Which of the following is the BEST method for disposing of the hard drives?

• A.Wiping
• B.Purging
• C.Burning
• D.Pulverizing

Comment: *

Name: *

Email: *

Verification: *

A systems administrator recently issued a public/private key pair that will be used tor the company's DNSSEC implementation Which of the following configurations should the systems administrator implement NEXT?

• A.Point the OS record to the company authoritative servers
• B.instant private key using the RRSIG record
• C.Add TCP port 443 to the DNS listener
• D.Create DNSKEY resources with the public key.

Comment: *

Name: *

Email: *

Verification: *