Topic 1: Exam Pool A
Someone who is fraudulently claiming to be from a reputable bank calls a company employee. Which of the following describes this incident?
A. Pretexting
B. Spoofing
C. Vishing
D. Scareware
Explanation:
Vishing is a type of social engineering attack where a fraudulent caller impersonates a
legitimate entity, such as a bank or financial institution, in order to gain access to sensitive
information. The caller will typically use a variety of techniques, such as trying to scare the
target or providing false information, in order to get the target to provide the information
they are after. Vishing is often used to gain access to usernames, passwords, bank
account information, and other sensitive data.
Which of the following file types allows a user to easily uninstall software from macOS by simply placing it in the trash bin?
.exe
A. .dmg
B. .app
C. .rpm
D. .pkg
The network was breached over the weekend. System logs indicate that a single user's account was successfully breached after 500 attempts with a dictionary attack. Which of the following would BEST mitigate this threat?
A. Encryption at rest
B. Account lockout
C. Automatic screen lock
D. Antivirus
Explanation:
Account lockout would best mitigate the threat of a dictionary attack.
Which of the following protocols supports fast roaming between networks?
A. WEP
B. WPA
C. WPA2
D. LEAP
E. PEAP
Explanation: WPA2 is the only protocol among the options that supports fast roaming between networks. Fast roaming, also known as IEEE 802.11r or Fast BSS Transition (FT), enables a client device to roam quickly in environments implementing WPA2 Enterprise security, by ensuring that the client device does not need to re-authenticate to the RADIUS server every time it roams from one access point to another. WEP, WPA, LEAP, and PEAP do not support fast roaming and require the client device to perform the full authentication process every time it roams, which can cause delays and interruptions in the network service.
An organization is creating guidelines for the incorporation of generative AI solutions. In which of the following would these guidelines be published?
Standard operating procedure
A. Acceptable use policy
B. Security protocols
C. Data flow diagram
A user's mobile phone has become sluggish. A systems administrator discovered several malicious applications on the device and reset the phone. The administrator installed MDM software. Which of the following should the administrator do to help secure the device against this threat in the future? (Select TWO).
A. Prevent a device root
B. Disable biometric authentication
C. Require a PIN on the unlock screen
D. Enable developer mode
E. Block a third-party application installation
F. Prevent GPS spoofing
Explanation:
To help secure the device against this threat in the future, the administrator should require
a PIN on the unlock screen and block a third-party application installation. Requiring a PIN
on the unlock screen can help to prevent unauthorized access to the device, while blocking
third-party application installation can help to prevent malicious applications from being
installed on the device.
A technician needs to track evidence for a forensic investigation on a Windows computer. Which of the following describes this process?
A. Valid license
B. Data retention requirements
C. Material safety data sheet
D. Chain of custody
Explanation: Chain of custody is a legal term that refers to the chronological documentation or paper trail that records the sequence of custody, control, transfer, analysis, and disposition of materials, including physical or electronic evidence. It is important in forensic investigations to establish that the evidence is in fact related to the case, and that it has not been tampered with or contaminated. A technician needs to track evidence for a forensic investigation on a Windows computer by following the proper procedures for collecting, handling, storing, and analyzing the evidence, and documenting every step of the process on a chain of custody form.
Which of the following is the most likely to use NTFS as the native filesystem?
A. macOS
B. Linux
C. Windows
D. Android
A user reports that antivirus software indicates a computer is infected with viruses. The user thinks this happened while browsing the internet. The technician does not recognize the interface with which the antivirus message is presented. Which of the following is the NEXT step the technician should take?
A. Shut down the infected computer and swap it with another computer
B. Investigate what the interface is and what triggered it to pop up
C. Proceed with initiating a full scan and removal of the viruses using the presented interface
D. Call the phone number displayed in the interface of the antivirus removal tool
Explanation:
The technician should not proceed with initiating a full scan and removal of the viruses
using the presented interface or call the phone number displayed in the interface of the
antivirus removal tool.
Shutting down the infected computer and swapping it with another computer is not
necessary at this point.
The technician should not immediately assume that the message is legitimate or perform
any actions without knowing what the interface is and what triggered it to pop up. It is
important to investigate the issue further, including checking the legitimacy of the antivirus
program and the message it is displaying.
A technician requires graphical remote access to various Windows, Linux, and macOS desktops on the company LAN. The security administrator asks the technician to utilize a single software solution that does not require an external internet connection. Which of the following remote access tools is the technician most likely to install?
A. VNC
B. RMM
C. RDP
D. SSH