Which of the following statements is appropriate in an incident response report?
A. There had been a storm on September 27th that may have caused a power surge
B. The registry entry was modified on September 29th at 22:37
C. The attacker may have been able to access the systems due to missing KB2965111
D. The backup process may have failed at 2345 due to lack of available bandwidth
An organization wants to test its procedure for data recovery. Which of the following will be most effective?
A. Verifying a file can be recovered from backup media
B. Verifying that the backup process is running when it should
C. Verifying that network backups can't be read in transit
D. Verifying there are no errors in the backup server logs
An organization is implementing a control for the Account Monitoring and Control CIS Control, and has set the Account Lockout Policy as shown below. What is the risk presented by these settings?

A. Brute-force password attacks could be more effective.
B. Legitimate users could be unable to access resources.
C. Password length and complexity will be automatically reduced.
D. Once accounts are locked, they cannot be unlocked.
Which of the following actions will assist an organization specifically with implementing web application software security?
A. Making sure that all hosts are patched during regularly scheduled maintenance
B. Providing end-user security training to both internal staff and vendors
C. Establishing network activity baselines among public-facing servers
D. Having a plan to scan vulnerabilities of an application prior to deployment
Allied services have recently purchased NAC devices to detect and prevent non-company-owned devices from attaching to their internal wired and wireless network. Corporate devices will be automatically added to the approved device list by querying Active Directory for domain devices. Non-approved devices will be placed on a protected VLAN with no network access. The NAC also offers a web portal that can be integrated with Active Directory to allow for employee device registration, which will not be utilized in this deployment. Which of the following recommendations would make the NAC installation more secure?
A. Enforce company configuration standards for personal mobile devices
B. Configure Active Directory to push an updated inventory to the NAC daily
C. Disable the web portal device registration service
D. Change the wireless password following the NAC implementation
What tool creates visual network topology output and results that can be analyzed by Ndiff to determine if a service or network asset has changed?
A. Ngrep
B. CIS-CAT
C. Netscreen
D. Zenmap
Which of the following CIS Controls is used to manage the security lifecycle by validating that the documented controls are in place?
A. Controlled Use of Administrative Privilege
B. Account Monitoring and Control
C. Data Protection
D. Penetration Tests and Red Team Exercises
Below is a screenshot from a deployed next-generation firewall. These configuration settings would be a defensive measure for which CIS Control?

A. Controlled Access Based on the Need to Know
B. Limitation and Control of Network Ports, Protocols and Services
C. Email and Web Browser Protections
D. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches
An organization has implemented a policy to continually detect and remove malware from its network. Which of the following is a detective control needed for this?
A. Host-based firewall sends alerts when packets are sent to a closed port
B. Network Intrusion Prevention sends alerts when RST packets are received
C. Network Intrusion Detection devices send alerts when signatures are updated
D. Host-based anti-virus sends alerts to a central security console
What is a zero-day attack?
A. An attack that has a known attack signature but no available patch
B. An attack that utilizes a vulnerability unknown to the software developer
C. An attack that deploys at the end of a countdown sequence
D. An attack that is launched the day the patch is released