Before re-assigning a computer to a new employee, what data security technique does the IT department use to make sure no data is left behind by the previous user?
A. Baselining
B. Wiping
C. Fingerprinting
D. Digital watermarking
Correct answer: B
Question 2:
How does data classification help protect against data loss?
A. Digital watermarks can be applied to sensitive data
B. DLP systems require classification in order to protect data
C. Data at rest is easier to protect than data in transit
D. Resources and controls can be appropriately allocated
Correct answer: B
Question 3:
Which of the following attacks would use ".." notation as part of a web request to access restricted files and directories, and possibly execute code on the web server?
A. IDS evasion
B. SQL injection
C. Cross site scripting
D. HTTP header attack
E. URL directory
Correct answer: E
Question 4:
The security team wants to detect connections that can compromise credentials by sending them in plaintext across the wire. Which of the following rules should they enable on their IDS sensor?
A. alert udp any any <> any 5060 (msg:VOIP message; classtype:misc-attack;sid:113; rev:2;)
B. alert tcp any any <> any 6000: (msg:X-Windows session; flow:from_server,established;nocase;classtype:misc-attack;sid:101;rev:1;)
C. alert tcp any 23 <> any 23 (msg:Telnet shell; class type:misc-attack;sid:100; rev:1;)
D. alert tcp any 22 <> any 22 (msg:SSH connection; class type:misc-attack;sid: 122:rev:1;)
Correct answer: C
Question 5:
In order to determine if network traffic adheres to expected usage and complies with technical standards, an organization would use a device that provides which functionality?
A. CRC checking
B. Stateful packet filtering
C. Protocol anomaly detection
D. Signature matching
E. Forward error correction
Correct answer: C
Question 6:
What piece of information would be recorded by the first responder as part of the initial System Description?
A. System serial number
B. Hash of each hard drive
C. List of system directories
D. Copies of log files
Correct answer: A
Question 7:
To detect worms and viruses buried deep within a network packet payload, gigabytes' worth of traffic content entering and exiting a network must be checked with which of the following technologies?
A. Irregular expression matching
B. Object matching
C. Packet matching
D. Signature matching
E. Proxy matching
Correct answer: C
Question 8:
What should happen before acquiring a bit-for-bit copy of suspect media during incident response?
A. Encrypt the original media to protect the data
B. Decrypt the original media
C. Create a one-way hash of the original media
D. Decompress files on the original media
Correct answer: C
Question 9:
Which control would BEST help detect a potential insider threat?
A. Requiring more than one employee to be trained on each task or job duty.
B. Providing the same access to all employees and monitoring sensitive file access.
C. Multiple scheduled log reviews of all employee access levels throughout the year
D. Mandatory approval process for executive and administrative access requests.
Correct answer: D
Hyuuga -
I like it because it covers the most important terms and question trends. It was very easy to read, and I was able to finish it in 5 days.