The safer, easier way to help you pass any IT exams.
1. Which of the following will MOST likely adversely impact the operations of unpatched traditional
programmable-logic controllers, running a back-end LAMP server and OT systems with
human-management interfaces that are accessible over the Internet via a web interface? (Choose two.)
A. Cross-site scripting
B. Data exfiltration
C. Poor system logging
D. Weak encryption
E. SQL injection
F. Server-side request forgery
2. A small business just recovered from a ransomware attack against its file servers by purchasing the
decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator
wants to ensure it does not happen again.
Which of the following should the IT administrator do FIRST after recovery?
A. Scan the NAS for residual or dormant malware and take new daily backups that are tested on a frequent
B. Restrict administrative privileges and patch all systems and applications.
C. Rebuild all workstations and install new antivirus software
D. Implement application whitelisting and perform user application hardening
3. An attacker is attempting to exploit users by creating a fake website with the URL www.validwebsite.com.
The attacker's intent is to imitate the look and feel of a legitimate website to obtain personal information
from unsuspecting users.
Which of the following social-engineering attacks does this describe?
A. Information elicitation
B. Typo squatting
D. Watering-hole attack
4. Which of the following is a team of people dedicated to testing the effectiveness of organizational security
programs by emulating the techniques of potential attackers?
A. Red team
B. White team
C. Blue team
D. Purple team
5. To reduce costs and overhead, an organization wants to move from an on-premises email solution to a
cloud-based email solution. At this time, no other services will be moving.
Which of the following cloud models would BEST meet the ne