Question 21
A recent audit has uncovered several coding errors and a lack of input validation being used on a public portal. Due to the nature of the portal and the severity of the errors, the portal is unable to be patched. Which of the following tools could be used to reduce the risk of being compromised?
Question 22
A security analyst is reviewing packet captures to determine the extent of success during an attacker's reconnaissance phase following a recent incident.
The following is a hex and ASCII dump of one such packet:
Which of the following BEST describes this packet?
Question 23
While reviewing proxy logs, the security analyst noticed a suspicious traffic pattern. Several internal hosts
were observed communicating with an external IP address over port 80 constantly. An incident was
declared, and an investigation was launched. After interviewing the affected users, the analyst determined
the activity started right after deploying a new graphic design suite. Based on this information, which of the
following actions would be the appropriate NEXT step in the investigation?
Question 24
Company A's security policy states that only PKI authentication should be used for all SSH accounts. A security analyst from Company A is reviewing the following auth.log and configuration settings:
Which of the following changes should be made to the following sshd_config file to establish compliance with the policy?
Question 25
A cybersecurity analyst traced the source of an attack to compromised user credentials. Log analysis revealed that the attacker successfully authenticated from an unauthorized foreign country.
Management asked the security analyst to research and implement a solution to help mitigate attacks based on compromised passwords. Which of the following should the analyst implement?