Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which type of analysis assigns values to scenarios to see what the outcome might be in each scenario?
A. deterministic
B. exploratory
C. probabilistic
D. descriptive
Answer: D
Q2. Which identifies both the source and destination location?
A. IP address
B. URL
C. ports
D. MAC address
Answer: C
Q3. Which goal of data normalization is true?
A. Reduce data redundancy.
B. Increase data redundancy.
C. Reduce data availability.
D. Increase data availability
Answer: C
Q4. What mechanism does the Linux operating system provide to control access to files?
A. privileges required
B. user interaction
C. file permissions
D. access complexity
Answer: C
Q5. Which regular expression matches "color" and "colour"?
A. col[0-9]+our
B. colo?ur
C. colou?r
D. ]a-z]{7}
Answer: C
Q6. Which information must be left out of a final incident report?
A. server hardware configurations
B. exploit or vulnerability used
C. impact and/or the financial loss
D. how the incident was detected
Answer: B
Q7. Refer to the exhibit. You notice that the email volume history has been abnormally high. Which potential result is true?
A. Email sent from your domain might be filtered by the recipient.
B. Messages sent to your domain may be queued up until traffic dies down.
C. Several hosts in your network may be compromised.
D. Packets may be dropped due to network congestion.
Answer: C
Q8. Which description of a retrospective maKvare detection is true?
A. You use Wireshark to identify the malware source.
B. You use historical information from one or more sources to identify the affected host or file.
C. You use information from a network analyzer to identify the malware source.
D. You use Wireshark to identify the affected host or file.
Answer: B
Q9. Which CVSSv3 Attack Vector metric value requires the attacker to physically touch or manipulate the vulnerable component?
A. local
B. physical
C. network
D. adjacent
Answer: D
Q10. Which element can be used by a threat actor to discover a possible opening into a target network and can also be used by an analyst to determine the protocol of the malicious traffic?
A. TTLs
B. ports
C. SMTP replies
D. IP addresses
Answer: A
Q11. Which data type is protected under the PCI compliance framework?
A. credit card type
B. primary account number
C. health conditions
D. provision of individual care
Answer: C
Q12. Which two components are included in a 5-tuple? (Choose two.)
A. port number
B. destination IP address
C. data packet
D. user name
E. host logs
Answer: B,C
Q13. Which CVSSv3 metric value increases when attacks consume network bandwidth, processor cycles, or disk space?
A. confidentiality
B. integrity
C. availability
D. complexity
Answer: D
Q14. Which regular expression matches "color" and "colour"?
A. col[0-9]+our
B. colo?ur
C. colou?r
D. ]a-z]{7}
Answer: C
Q15. Refer to the Exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access the website?
A. The server at 10.33.1.5 is using up too much bandwidth causing a denial- of-service.
B. The server at 10.67.10.5 has a virus.
C. A vulnerability scanner has shown that 10.67.10.5 has been compromised.
D. Web traffic sent from 10.67.10.5 has been identified as malicious by Internet sensors.
Answer: C