- (Exam Topic 3)
Against the recommendation of the IT security analyst, a company set all user passwords on a server as “P@)55wOrD”. Upon review of the /etc/passwd file, an attacker found the following:
Which of the following BEST explains why the encrypted passwords do not match?
Correct Answer:
C
- (Exam Topic 2)
A security analyst is receiving several alerts per user and is trying to determine if various logins are malicious. The security analyst would like to create a baseline of normal operations and reduce noise. Which of the following actions should the security analyst perform?
Correct Answer:
D
- (Exam Topic 1)
Which of the following provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?
Correct Answer:
A
CVSS is maintained by the Forum of Incident Response and Security Teams (first.org/cvss). CVSS metrics generate a score from 0 to 10 based on characteristics of the vulnerability, such as whether it can be triggered remotely or needs local access, whether user intervention is required, and so on.
- (Exam Topic 3)
A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?
Correct Answer:
B
- (Exam Topic 3)
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?
Correct Answer:
C