The Chief Information Officer (CISO) is concerned that certain systems administrators will privileged access may be reading other user's emails. Review of a tool's output shows the administrators have used web mail to log into other users' inboxes.
Which of the following tools would show this type of output?

• A.File integrity monitoring tool
• B.Password cracker
• C.Log analysis tool
• D.Command-line tool

Comment: *

Name: *

Email: *

Verification: *

A company's Chief Operating Officer (COO) is concerned about the potential for competitors to infer proprietary information gathered from employees' social media accounts.
Which of the following methods should the company use to gauge its social media threat level without targeting individual employees?

• A.Utilize insider threat consultants to provide expertise.
• B.Leverage Big Data analytical algorithms.
• C.Perform social engineering tests to evaluate employee awareness.
• D.Require that employees divulge social media accounts.

Comment: *

Name: *

Email: *

Verification: *

A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?

• A.Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
• B.Interview employees and managers to discover the industry hot topics and trends
• C.Attend meetings with staff, internal training, and become certified in software management
• D.Attend conferences, webinars, and training to remain current with the industry and job requirements

Comment: *

Name: *

Email: *

Verification: *

The helpdesk is receiving multiple calls about slow and intermittent Internet access from the finance department. The following information is compiled:
Caller 1, IP 172.16.35.217, NETMASK 255.255.254.0
Caller 2, IP 172.16.35.53, NETMASK 255.255.254.0
Caller 3, IP 172.16.35.173, NETMASK 255.255.254.0
All callers are connected to the same switch and are routed by a router with five built-in interfaces. The upstream router interface's MAC is 00-01-42-32-ab-1a A packet capture shows the following:
09:05:15.934840 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:06:16.124850 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:07:25.439811 arp reply 172.16.34.1 is-at 00:01:42:32:ab:1a
(00:01:42:32:ab:1a)
09:08:10.937590 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2305, seq 1, length 65534
09:08:10.937591 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2306, seq 2, length 65534
09:08:10.937592 IP 172.16.35.1 > 172.16.35.255: ICMP echo request, id
2307, seq 3, length 65534
Which of the following is occurring on the network?

• A.A man-in-the-middle attack is underway on the network.
• B.An ARP flood attack is targeting at the router.
• C.The default gateway is being spoofed on the network.
• D.A denial of service attack is targeting at the router.

Comment: *

Name: *

Email: *

Verification: *

In a situation where data is to be recovered from an attacker's location, which of the following are the FIRST things to capture? (Select TWO).

• A.Removable media
• B.Passwords written on scrap paper
• C.Snapshots of data on the monitor
• D.Documents on the printer
• E.Volatile system memory
• F.System hard drive

Comment: *

Name: *

Email: *

Verification: *