Q1. Which technique is used to evade detection from security products by executing arbitrary code in the address space of a separate live operation?
A. process injection
B. privilege escalation
C. GPO modification
D. token manipulation
Correct Answer: A
Q2. An organization recovered from a recent ransomware outbreak that resulted in significant business damage. Leadership requested a report that identifies the problems that triggered the incident and the security team's approach to address these problems to prevent a reoccurrence. Which components of the incident should an engineer analyze first for this report?
A. impact and flow
B. cause and effect
C. risk and RPN
D. motive and factors
Correct Answer: D
Q3. An "unknown error code" is appearing on an ESXi host during authentication. An engineer checks the authentication logs but is unable to identify the issue. Analysis of the vCenter agent logs shows no connectivity errors. What is the next log file the engineer should check to continue troubleshooting this error?
A. /var/log/syslog.log
B. /var/log/vmksummary.log
C. var/log/shell.log
D. var/log/general/log
Correct Answer: A
Q4. A network host is infected with malware by an attacker who uses the host to make calls for files and shuttle traffic to bots. This attack went undetected and resulted in a significant loss. The organization wants to ensure this does not happen in the future and needs a security solution that will generate alerts when command and control communication from an infected device is detected. Which network security solution should be recommended?
A. Cisco Secure Firewall ASA
B. Cisco Secure Firewall Threat Defense (Firepower)
C. Cisco Secure Email Gateway (ESA)
D. Cisco Secure Web Appliance (WSA)
Correct Answer: B