The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface's MAC is 00-01-42-32-ab-1a A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a (00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2305, seq 1, length 65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id 2307, seq 3, length 65534 Which of the following is occurring on the network?

• A.A man-in-the-middle attack is underway on the network.
• B.An ARP flood attack is targeting at the router.
• C.The default gateway is being spoofed on the network.
• D.A denial of service attack is targeting at the router.

Comment: *

Name: *

Email: *

Verification: *

Company XYZ has experienced a breach and has requested an internal investigation be conducted by the IT Department.
Which of the following represents the correct order of the investigation process?

• A.Identification, Preservation, Collection, Examination, Analysis, Presentation.
• B.Collection, Identification, Preservation, Examination, Analysis, Presentation.
• C.Identification, Examination, Preservation, Collection, Analysis, Presentation.
• D.Collection, Preservation, Examination, Identification, Analysis, Presentation.

Comment: *

Name: *

Email: *

Verification: *

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.
The information security team has been a part of the department meetings and come away with the following notes:
Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud- based SaaS application.
Sales is asking for easy order tracking to facilitate feedback to customers.
Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.
Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.
Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.
The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read- only access, kiosk automation, custom fields, and data encryption.
Which of the following departments' request is in contrast to the favored solution?

• A.Manufacturing
• B.Legal
• C.Sales
• D.Quality assurance
• E.Human resources

Comment: *

Name: *

Email: *

Verification: *

A security engineer has been hired to design a device that will enable the exfiltration of data from within a well-defended network perimeter during an authorized test. The device must bypass all firewalls and NIDS in place, as well as allow for the upload of commands from a centralized command and control answer.
The total cost of the device must be kept to a minimum in case the device is discovered during an assessment. Which of the following tools should the engineer load onto the device being designed?

• A.Custom firmware with rotating key generation
• B.Reverse shell endpoint listener
• C.TCP beacon broadcast software
• D.Automatic MITM proxy

Comment: *

Name: *

Email: *

Verification: *

The government is concerned with remote military missions being negatively being impacted by the use of technology that may fail to protect operational security. To remediate this concern, a number of solutions have been implemented, including the following:
* End-to-end encryption of all inbound and outbound communication, including personal email and chat sessions that allow soldiers to securely communicate with families.
* Layer 7 inspection and TCP/UDP port restriction, including firewall rules to only allow TCP port 80 and
443 and approved applications
* A host-based whitelist of approved websites and applications that only allow mission-related tools and sites
* The use of satellite communication to include multiple proxy servers to scramble the source IP address Which of the following is of MOST concern in this scenario?

• A.Malicious actors intercepting inbound and outbound communication to determine the scope of the mission
• B.The effect of communication latency that may negatively impact real-time communication with mission control
• C.The use of centrally managed military network and computers by soldiers when communicating with external parties
• D.Family members posting geotagged images on social media that were received via email from soldiers

Comment: *

Name: *

Email: *

Verification: *