| Question.86 Which of the following is a benefit of using steganalysis techniques in forensic response? (A) Breaking a symmetric cipher used in secure voice communications (B) Determining the frequency of unique attacks against DRM-protected media (C) Maintaining chain of custody for acquired evidence (D) Identifying least significant bit encoding of data in a .wav file |
86. Click here to View Answer
Answer: D
eference:
https://www.garykessler.net/library/fsc_stego.html
| Question.87 A server in a manufacturing environment is running an end-of-life operating system. The vulnerability management team is recommending that the server be upgraded to a supported operating system, but the ICS software running on the server is not compatible with modem operating systems. Which of the following compensating controls should be implemented to BEST protect the server? (A) Application allow list (B) Antivirus (C) HIPS (D) Host-based firewall |
87. Click here to View Answer
Answer: D
| Question.88 A systems administrator was given the following IOC to detect the presence of a malicious piece of software communicating with its command-and-control server: POST /malicious.php User-Agent: Malicious Tool V 1.0 Host: www.malicious.com The IOC documentation suggests the URL is the only part that could change. Which of the following regular expressions would allow the systems administrator to determine if any of the company hosts are compromised, while reducing false positives? (A) User-Agent: Malicious Tool.* (B) www\.malicious\.com\/malicious.php (C) Post /malicious\.php (D) Host: [a-z]*\.malicious\.com (E) malicious.* |
88. Click here to View Answer
Answer: D
| Question.89 A software development company makes its software version available to customers from a web portal. On several occasions, hackers were able to access the software repository to change the package that is automatically published on the website. Which of the following would be the technique to ensure the software the users download is the official software released by the company? (A) Distribute the software via a third-party repository. (B) Close the web repository and deliver the software via email. (C) Email the software link to all customers. (D) Display the SHA checksum on the website. |
89. Click here to View Answer
Answer: D
| Question.90 A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources. Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers? (A) Union filesystem overlay (B) Cgroups (C) Linux namespaces (D) Device mapper |
90. Click here to View Answer
Answer: B
Reference:
https://www.ibm.com/support/pages/deep-dive-yarn-cgroups-hadoop-dev
