Which of the following vulnerabilities can lead to unexpected system behavior, including the bypassing of security controls, due to differences between the time of commitment and the time of execution?
A. Race condition
B. DLL injection
C. Buffer overflow
D. Pointer dereference
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
A company help desk as received several reports that employees have experienced identify theft and compromised accounts. This occurred several days after receiving an email asking them to update their personal bank information. Which of the following is a vulnerability that has been exploited?
A. Untrained users
B. Phishing
C. Trojan horses
D. Forged certificates
E. Improperly configured accounts
正解:A
質問 3:
A highly complex password policy has made it nearly impossible to crack account passwords. Which of the following might a hacker still be able to perform?
A. Brute-force attack
B. Pass-the-hash attack
C. ARP poisoning attack
D. Birthday attack
正解:B
質問 4:
A new PKI is being built at a company, but the network administrator has concerns about spikes of traffic occurring twice a day due to clients checking the status of the certificates. Which of the following should be implemented to reduce the spikes in traffic?
A. OCSP
B. OID
C. SAN
D. CRL
正解:A
質問 5:
A user's laptop is experiencing general slowness following the user's return from an extended time out of the office. After a week, the security team looks at the laptop, but nothing appears out of order. The only noticeable issue is that svchost.exe keeps launching even after the security team kills the process. After running netstat, the team notes svchost.exe is listening on port 443. Using an IoC creation tool, a security analyst does the following:
OR--
AND AND
file MD5 contains adf321122abce28873aad3e12f262a12c
PROCESS name contains svchost.exe PROCESS arguments does not contain -k fiLENAME contains svchost.exe fiLE DIRECTORY is not %system32% Based on the IoCs created and the netstat output, which of the following types of malware is present?
A. Rootkit
B. Crypto-malware
C. Logic bomb
D. Backdoor
正解:A
質問 6:
A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Select Two)
A. Scan for rogue access points.
B. Perform a site survey.
C. Install a captive portal
D. Upgrade the security protocols.
E. Create a heat map.
F. Deploy an FTK Imager.
正解:A,B
質問 7:
A user loses a COPE device. Which of the following should the user do NEXT to protect the data on the device?
A. Report the loss to authorities
B. Identify files that are potentially missing on the device.
C. Check with corporate physical security for the device.
D. Call the company help desk to remotely wipe the device.
正解:D