An analyst generates the following color-coded table shown in the exhibit to help explain the risk of potential incidents in the company. The vertical axis indicates the likelihood or an incident, while the horizontal axis indicates the impact.

Which of the following is this table an example of?

• A.Internal threat assessment
• B.Qualitative risk assessment
• C.Supply chain assessment
• D.Privacy impact assessment

Comment: *

Name: *

Email: *

Verification: *

An organization wants to implement a method to correct risks at the system/application layer. Which of the following is the BEST method to accomplish this goal?

• A.IP tunneling
• B.IDS/IPS
• C.Patch management
• D.Web application firewall

Comment: *

Name: *

Email: *

Verification: *

An auditor wants to test the security posture of an organization by running a tool that will display the following:

Which of the following commands should be used?

• A.arp
• B.ipconfig
• C.nc
• D.nbtstat

Comment: *

Name: *

Email: *

Verification: *

Which of the following methods minimizes the system interaction when gathering information to conduct a vulnerability assessment of a router?

• A.Run a credentialed scan.
• B.Download the configuration
• C.Change the routing to bypass the router.
• D.Conduct the assessmenet during downtime

Comment: *

Name: *

Email: *

Verification: *

A system's administrator has finished configuring firewall ACL to allow access to a new web server.

The security administrator confirms form the following packet capture that there is network traffic from the internet to the web server:

The company's internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?

• A.Implicit deny
• B.Clear text credentials
• C.Default configuration
• D.Misconfigured firewall

Comment: *

Name: *

Email: *

Verification: *