Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption?
Which command is used to change the permissions of a file or directory?
John, a network administrator, is configuring Amazon EC2 cloud service for his organization. Identify the type of cloud service modules his organization adopted.
Identify the type of event that is recorded when an application driver loads successfully in Windows.
In which of the following registry keys are the Windows Event Log audit configurations recorded?
A.HKEY_LOCAL_MACHINE\SYSTEM\Services\EventLog\ < ErrDev >
B.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\EventLog\ < EntAppsvc >
C.HKEY_LOCAL_MACHINE\CurrentControlSet\Services\EventLog\< ESENT >
D.HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\ < Event Log >
Which of the following is an example of a MAC model?
A.Chinese Waterfall model
B.Clark-Beason integrity model
C.Access control matrix model
How can a WAF validate traffic before it reaches a web application?
A.It uses a role-based filtering technique
B.It uses an access-based filtering technique
C.It uses a sandboxing filtering technique
D.It uses a rule-based filtering technique
Jason has set a firewall policy that allows only a specific list of network services and denies everything else. This strategy is known as a ____________.
Which of the following things need to be identified during attack surface visualization?
A.Attacker's tools, techniques, and procedures
B.Authentication, authorization, and auditing in networks
C.Regulatory frameworks, standards, and procedures for organizations
D.Assets, topologies, and policies of the organization
John is a senior network security administrator working at a multinational company. He wants to block specific syscalls from being used by container binaries. Which Linux kernel feature restricts actions within the container?
Which of the following is not part of the recommended first response steps for network defenders?
A.Restrict yourself from doing the investigation
B.Extract relevant data from the suspected devices as early as possible
C.Disable virus protection
D.Do not change the state of the suspected device
Which among the following tools can help in identifying IoEs to evaluate the human attack surface?
In the ______ method, event logs are arranged in the form of a circular buffer.
Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization?
A.Indicators of attack
B.Key risk indicators
C.Indicators of exposure
D.Indicators of compromise
Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system?
C.Internet zone rule
Which of the following helps prevent executing untrusted or untested programs or code from untrusted or unverified third-parties?
B.Deployment of WAFs
Who is an IR custodian?
A.An individual responsible for conveying company details after an incident
B.An individual who receives the initial IR alerts and leads the IR team in all the IR activities
C.An individual who makes a decision on the classifications and the severity of the incident identified
D.An individual responsible for the remediation and resolution of the incident that occurred
Which of the following attack surfaces increases when you keep USB ports enabled on your laptop unnecessarily?
A.Human attack surface
B.Network attack surface
C.Physical attack surface
D.Software attack surface
Which among the following filters is used to detect a SYN/FIN attack?
In the _______ mechanism, the system or application sends log records either on the local disk or over the network.
Choose the correct order of steps to analyze the attack surface.
A.Identify the indicators of exposure->visualize the attack surface->simulate the attack->reduce the attack surface
B.Visualize the attack surface->simulate the attack->identify the indicators of exposure->reduce the attack surface
C.Identify the indicators of exposure->simulate the attack->visualize the attack surface->reduce the attack surface
D.Visualize the attack surface->identify the indicators of exposure->simulate the attack->reduce the attack surface
To provide optimum security while enabling safe/necessary services, blocking known dangerous services, and making employees accountable for their online activity, what Internet Access policy would Brian, the network administrator, have to choose?
Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which of the following script execution policy settings allows this?
Fargo, head of network defense at Globadyne Tech, has discovered an undesirable process in several Linux systems, which causes machines to hang every 1 hour. Fargo would like to eliminate it; what command should he execute?
A.# update-rc.d -f [service name] remove
B.# service [service name] stop
C.# ps ax | grep [Target Process]
D.# kill -9 [PID]
Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden's organization.
Albert works as a Windows system administrator at an MNC. He uses PowerShell logging to identify any suspicious scripting activity across the network. He wants to record pipeline execution details as PowerShell executes, including variable initialization and command invocations. Which PowerShell logging component records pipeline execution details as PowerShell executes?
B.Script block logging
Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following commands allows Sophie to do so?
A.Get-WindowsOptionalFeatures -Online -FeatureNames SMB1Protocol
B.Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol
C.Get-WindowsOptionalFeature -Online -FeatureNames SMB1Protocol
D.Get-WindowsOptionalFeatures -Online -FeatureName SMB1Protocol
How is an "attack" represented?
A.Motive (goal) + method
B.Motive (goal) + method + vulnerability
C.Asset + Threat + Vulnerability
D.Asset + Threat
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware.
B.Storage device virtualization
D.File system virtualization
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for disabling a service?
A.$ sudo system-ctl disable [service]
B.$ sudo systemctl disable [service]
C.$ sudo system.ctl disable [service]
D.$ sudo system ctl disable [service]
Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing?