An attacker has exfiltrated the SAM file from a Windows workstation. Which of the following attacks is MOST likely being perpetrated?
An incident responder has captured packets associated with malware. The source port is 8765 and the destination port is 7653. Which of the following commands should be used on the source computer to help determine which program is responsible for the connection?
When determining the threats/vulnerabilities to mitigate, it is important to identify which are applicable. Which of the following is the FIRST step to determine applicability?
An alert on user account activity outside of normal business hours returns Windows event IDs 540 and 4624. In which of the following locations will these events be found?
A file is discovered in the /etc directory of an internal server by an automated file integrity checker. A security analyst determines the file is a bash script. The contents are as follows:
---
#!/bin/bash
IFS=:
[[ -f /etc/passwd ]] && cat /etc/passwd |
while read a b c d e f g
do
echo "$e ($a)"
done
---
Which of the following was the author of the script attempting to gather?
Which of the following types of logs is shown below, and what can be discerned from its contents?
2015-07-19 12:33:31 reject UDP 146.64.21.212 192.141.173.72 1234 80
2015-07-19 12:33:31 reject UDP 166.32.22.12 192.141.173.72 1234 80
2015-07-19 12:33:31 reject UDP 123.56.71.145 192.141.173.72 1234 80
2015-07-19 12:33:31 reject UDP 146.64.21.212 192.141.173.72 1234 80
2015-07-19 12:33:32 reject UDP 166.32.22.12 192.141.173.72 1234 80
2015-07-19 12:33:32 reject UDP 123.56.71.145 192.141.173.72 1234 80
2015-07-19 12:33:32 reject UDP 146.64.21.212 192.141.173.72 1234 80
2015-07-19 12:33:33 reject UDP 166.32.22.12 192.141.173.72 1234 80
2015-07-19 12:33:33 reject UDP 123.56.71.145 192.141.173.72 1234 80
2015-07-19 12:33:33 reject UDP 146.64.21.212 192.141.173.72 1234 80
2015-07-19 12:33:34 reject UDP 166.32.22.12 192.141.173.72 1234 80
2015-07-19 12:33:34 reject UDP 123.56.71.145 192.141.173.72 1234 80
2015-07-19 12:33:34 reject UDP 146.64.21.212 192.141.173.72 1234 80
2015-07-19 12:33:35 reject UDP 166.32.22.12 192.141.173.72 1234 80
2015-07-19 12:33:35 reject UDP 123.56.71.145 192.141.173.72 1234 80
An attacker has decided to attempt a brute force attack on a UNIX server. In order to accomplish this, which of the following steps must be performed?
The Chief Information Officer (CIO) of a company asks the incident responder to update the risk management plan. Which of the following methods can BEST help the incident responder identify the risks that require in-depth analysis?
Which of the following describes pivoting?
An incident responder needs to quickly locate specific data in a large data repository. Which of the following Linux tools should be used?