- (Exam Topic 1)
A new plug-and-play storage device was installed on a PC in the corporate environment. Which of the following safeguards will BEST help to protect the PC from malicious files on the storage device?
Correct Answer:
A
The best option that will help to protect the PC from malicious files on the storage device would be A. Change the default settings on the PC. Changing the default settings on the PC can include disabling the autorun or autoplay feature, which can prevent malicious files from executing automatically when the storage device is plugged in. Changing the default settings can also include enabling antivirus software, updating the operating system and applications, and configuring user account control and permissions.
- (Exam Topic 4)
A secondly administration is trying to determine whether a server is vulnerable to a range of attacks After using a tool, the administrator obtains the following output.
Which of the following attacks was successfully implemented based on the output?
Correct Answer:
D
The directory traversal attack was successfully implemented based on the output. The output shows that the administrator used a tool called Nikto, which is a web server scanner that can detect vulnerabilities and misconfigurations3. The output also shows that Nikto found several files and directories that should not be accessible by web users, such as “/etc/passwd”, “/var/log”, “/etc/shadow”, etc. This indicates that the web server or application has a vulnerability that allows an attacker to manipulate the file path and access arbitrary files on the server. This is a type of attack known as directory traversal, which can lead to information disclosure, privilege escalation, or remote code execution.
- (Exam Topic 4)
A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?
Correct Answer:
D
Off boarding is a security practice that involves revoking access rights and privileges from employees who leave an organization or change their roles. Off boarding can help address the issue of successful logon attempts to access the departed executive’s accounts by disabling or deleting their accounts, changing passwords, collecting devices, etc., as soon as they leave the organization.
- (Exam Topic 3)
A company has installed badge readers for building access but is finding unau-thorized individuals roaming the hallways Of the following is the most likely cause?
Correct Answer:
C
Tailgating is a physical security threat that occurs when an unauthorized person follows an authorized person into a restricted area without proper identification or authorization. It can cause unauthorized individuals to roam the hallways after gaining access through badge readers installed for building access.
- (Exam Topic 2)
A company recently added a DR site and is redesigning the network. Users at the DR site are having issues browsing websites.
INSTRUCTIONS
Click on each firewall to do the following:
* 1. Deny cleartext web traffic
* 2. Ensure secure management protocols are used.
* 3. Resolve issues at the DR site.
The ruleset order cannot be modified due to outside constraints.
Hat any time you would like to bring back the initial state of the simulation, please dick the Reset All button.
Solution:
In Firewall 1, HTTP inbound Action should be DENY. As shown below
In Firewall 2, Management Service should be DNS, As shown below.
In Firewall 3, HTTP Inbound Action should be DENY, as shown below
Does this meet the goal?
Correct Answer:
A