On which of the following organizational resources is the lack of an enabled password or PIN a common vulnerability?

• A.VDI systems
• B.VPNs
• C.Mobile devices
• D.Enterprise server Oss
• E.VoIP phones

Comment: *

Name: *

Email: *

Verification: *

An analyst has initiated an assessment of an organization's security posture. As a part of this review, the analyst would like to determine how much information about the organization is exposed externally. Which of the following techniques would BEST help the analyst accomplish this goal? (Select two.)

• A.Fingerprinting
• B.Banner grabbing
• C.Internet searches
• D.DNS query log reviews
• E.Technical control audits
• F.Intranet portal reviews
• G.Sourcing social network sites

Comment: *

Name: *

Email: *

Verification: *

During a routine network scan, a security administrator discovered an unidentified service running on a new embedded and unmanaged HVAC controller, which is used to monitor the company's datacenter:

The enterprise monitoring service requires SNMP and SNMPTRAP connectivity to operate. Which of the following should the security administrator implement to harden the system?

• A.Disable TCP/UDP ports 161 through 163.
• B.Patch and restart the unknown service.
• C.Implement SNMPv3 to secure communication.
• D.Disable the unidentified service on the controller.
• E.Segment and firewall the controller's network.

Comment: *

Name: *

Email: *

Verification: *

A centralized tool for organizing security events and managing their response and resolution is known as:

• A.SIEM
• B.HIPS
• C.Syslog
• D.Wireshark

Comment: *

Name: *

Email: *

Verification: *

After running a packet analyzer on the network, a security analyst has noticed the following output:

Which of the following is occurring?

• A.A port scan
• B.A service discovery
• C.A ping sweep
• D.A network map

Comment: *

Name: *

Email: *

Verification: *