Company policy requires that all unsupported operating systems be removed from the network. The security administrator is using a combination of network based tools to identify such systems for the purpose of disconnecting them from the network. Which of the following tools, or outputs from the tools in use, can be used to help the security administrator make an approximate determination of the operating system in use on the local company network? (Select THREE).

• A.Passive banner grabbing
• B.Password cracker
• C.http://www.company.org/documents_private/index.php?search=string#&topic=windows&tcp
  = packet%20capture&cookie=wokdjwalkjcnie61lkasdf2aliser4
• D.443/tcp open http
• E.dig host.company.com
• F.09:18:16.262743 IP (tos 0x0, ttl 64, id 9870, offset 0, flags [none], proto TCP (6), length
  40)
  192.168.1.3.1051 > 10.46.3.7.80: Flags [none], cksum 0x1800 (correct), win 512, length 0
• G.Nmap

Comment: *

Name: *

Email: *

Verification: *

First responders, who are part of a core incident response team, have been working to contain an outbreak of ransomware that also led to data loss in a rush to isolate the three hosts that were calling out to the NAS to encrypt whole directories, the hosts were shut down immediately without investigation and then isolated. Which of the following were missed? (Choose two.)

• A.Essentialinformationneeded to performdatarestoration to a known cleanstate
• B.Indicatorsofcompromiseto determine ransomwareencryption
• C.Chainofcustodyinformationneeded forinvestigation
• D.CPU,processstatetables,andmain memorydumps
• E.Temporaryfilesystemandswapspace

Comment: *

Name: *

Email: *

Verification: *

A systems administrator establishes a CIFS share on a UNIX device to share data to Windows systems. The security authentication on the Windows domain is set to the highest level. Windows users are stating that they cannot authenticate to the UNIX share. Which of the following settings on the UNIX server would correct this problem?

• A.Refuse LM and only accept NTLMv2
• B.Accept only LM
• C.Refuse NTLMv2 and accept LM
• D.Accept only NTLM

Comment: *

Name: *

Email: *

Verification: *

A corporation with a BYOO policy is very concerned about issues that may arise from data ownership. The corporation is investigating a new MOM solution and has gathered the following requirements as part of the requirements-gathering phase
* Each device must be issued a secure token of trust from the corporate PKl
* Al corporate applications and local data must be able to be deleted from a central console.
* Access to corporate data must be restricted on international travel
* Devices must be on the latest OS version within three weeks of an OS release Which of the following should be features in the new MDM solution to meet these requirements? (Select TWO)

• A.Application-based containerization
• B.Application allow listing
• C.Over-the-air update restriction
• D.Biometric requirement to unlock device
• E.Enforced full-device encryption
• F.Geofencing

Comment: *

Name: *

Email: *

Verification: *

A company wants to implement a cloud-based security solution that will sinkhole malicious DNS requests.
The security administrator has implemented technical controls to direct DNS requests to the cloud servers but wants to extend the solution to all managed and unmanaged endpoints that may have user-defined DNS manual settings Which of the following should the security administrator implement to ensure the solution will protect all connected devices?
A) Implement firewall ACLs as follows

B) Implement NAT as follows:

C) Implement DHCP options as follows:

D) Implement policy routing as follows:

• A.Option B
• B.Option D
• C.Option C
• D.Option A

Comment: *

Name: *

Email: *

Verification: *