An advanced threat emulation engineer is conducting testing against a client's network. The engineer
conducts the testing in as realistic a manner as possible. Consequently, the engineer has been gradually
ramping up the volume of attacks over a long period of time. Which of the following combinations of
techniques would the engineer MOST likely use in this testing? (Choose three.)

• A.Self-assessment
• B.White teaming
• C.Code review
• D.Vulnerability assessment
• E.Pivoting
• F.Black box testing
• G.Social engineering
• H.External auditing
• I.Gray box testing

Comment: *

Name: *

Email: *

Verification: *

Following a merger, the number of remote sites for a company has doubled to 52. The company has decided to secure each remote site with an NGFW to provide web filtering, NIDS/NIPS, and network antivirus. The Chief Information Officer (CIO) has requested that the security engineer provide recommendations on sizing for the firewall with the requirements that it be easy to manage and provide capacity for growth.
The tables below provide information on a subset of remote sites and the firewall options:


Which of the following would be the BEST option to recommend to the CIO?

• A.Vendor C for all remote sites
• B.Vendor C for small remote sites, and Vendor B for large sites.
• C.Vendor D for all remote sites
• D.Vendor A for all remote sites
• E.Vendor B for all remote sites

Comment: *

Name: *

Email: *

Verification: *

A human resources manager at a software development company has been tasked with recruiting personnel for a new cyber defense division in the company. This division will require personnel to have high technology skills and industry certifications. Which of the following is the BEST method for this manager to gain insight into this industry to execute the task?

• A.Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
• B.Interview employees and managers to discover the industry hot topics and trends
• C.Attend meetings with staff, internal training, and become certified in software management
• D.Attend conferences, webinars, and training to remain current with the industry and job requirements

Comment: *

Name: *

Email: *

Verification: *

An online bank has contracted with a consultant to perform a security assessment of the bank's web portal.
The consultant notices the login page is linked from the main page with HTTPS, but when the URL is changed to HTTP, the browser is automatically redirected back to the HTTPS site. Which of the following is a concern for the consultant, and how can it be mitigated?

• A.The consultant is concerned the site is using an older version of the SSL 3.0 protocol that is vulnerable to a variety of attacks. Upgrading the site to TLS 1.0 would mitigate this issue.
• B.The HTTP traffic is vulnerable to network sniffing, which could disclose usernames and passwords to an attacker. The consultant should recommend disabling HTTP on the web server.
• C.A successful MITM attack Could intercept the redirect and use sslstrip to decrypt further HTTPS traffic.
  Implementing HSTS on the web server would prevent this.
• D.XSS could be used to inject code into the login page during the redirect to the HTTPS site. The consultant should implement a WAF to prevent this.

Comment: *

Name: *

Email: *

Verification: *

A systems administrator has installed a disk wiping utility on all computers across the organization and configured it to perform a seven-pass wipe and an additional pass to overwrite the disk with zeros. The company has also instituted a policy that requires users to erase files containing sensitive information when they are no longer needed.
To ensure the process provides the intended results, an auditor reviews the following content from a randomly selected decommissioned hard disk:

Which of the following should be included in the auditor's report based on the above findings?

• A.The disk has been degaussed.
• B.The data represents part of the disk BIOS.
• C.The hard disk contains bad sectors
• D.Sensitive data might still be present on the hard drives.

Comment: *

Name: *

Email: *

Verification: *