An information security officer is responsible for one secure network and one office network. Recent intelligence suggests there is an opportunity for attackers to gain access to the secure network due to similar login credentials across networks. To determine the users who should change their information, the information security officer uses a tool to scan a file with hashed values on both networks and receives the following data:

Which of the following tools was used to gather this information from the hashed values in the file?

• A.Password cracker
• B.MD5 generator
• C.Fuzzer
• D.Vulnerability scanner
• E.Protocol analyzer

Comment: *

Name: *

Email: *

Verification: *

The Chief Financial Officer (CFO) of an organization wants the IT department to add the CFO's account to the domain administrator group The IT department thinks this is risky and wants support from the security manager before proceeding. Which of the following BEST supports the argument against providing the CFO with domain administrator access?

• A.Separation of duties
• B.Discretionary access control
• C.Data classification
• D.Mandatory access control

Comment: *

Name: *

Email: *

Verification: *

A company has decided to lower costs by conducting an internal assessment on specific devices and various internal and external subnets. The assessment will be done during regular office hours, but it must not affect any production servers. Which of the following would MOST likely be used to complete the assessment? (Select two.)

• A.Black-box penetration testing
• B.Agent-based vulnerability scan
• C.Malware sandboxing
• D.Configuration review
• E.Tabletop exercise
• F.Social engineering

Comment: *

Name: *

Email: *

Verification: *

An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The organization's server infrastructure is deployed in an IaaS environment. A database within the non-production environment has been misconfigured with a routable IP and is communicating with a command and control server.
Which of the following procedures should the security responder apply to the situation? (Choose two.)

• A.Contain the server.
• B.Initiate a legal hold.
• C.Perform a risk assessment.
• D.Determine the data handling standard.
• E.Disclose the breach to customers.
• F.Perform an IOC sweep to determine the impact.

Comment: *

Name: *

Email: *

Verification: *

A manufacturing company's security engineer is concerned a remote actor may be able to access the ICS that is used to monitor the factory lines. The security engineer recently proposed some techniques to reduce the attack surface of the ICS to the Chief Information Security Officer (CISO). Which of the following would BEST track the reductions to show the CISO the engineer's plan is successful during each phase?

• A.Contracting a third-party auditor after the project is finished
• B.Running frequent vulnerability scans during the project
• C.Performing pre- and post-implementation penetration tests
• D.Conducting tabletop exercises to evaluate system risk

Comment: *

Name: *

Email: *

Verification: *