Question 331

A penetration tester is conducting an assessment on Comptia.org and runs the following command from a coffee shop while connected to the public Internet:

Which of the following should the penetration tester conclude about the command output?
  • Question 332

    A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which of the following should be performed to ensure the users can access the network and meet the company's security requirements?
  • Question 333

    An external red team is brought into an organization to perform a penetration test of a new network-based application. The organization deploying the network application wants the red team to act like remote, external attackers, and instructs the team to use a black-box approach.
    Which of the following is the BEST methodology for the red team to follow?
  • Question 334

    A Chief Security Officer (CSO) is reviewing the organization's incident response report from a recent incident. The details of the event indicate:
    1. A user received a phishing email that appeared to be a report from the organization's CRM tool.
    2. The user attempted to access the CRM tool via a fraudulent web page but was unable to access the tool.
    3. The user, unaware of the compromised account, did not report the incident and continued to use the CRM tool with the original credentials.
    4. Several weeks later, the user reported anomalous activity within the CRM tool.
    5. Following an investigation, it was determined the account was compromised and an attacker in another country had gained access to the CRM tool.
    6. Following identification of corrupted data and successful recovery from the incident, a lessons learned activity was to be led by the CSO.
    Which of the following would MOST likely have allowed the user to more quickly identify the unauthorized use of credentials by the attacker?
  • Question 335

    A company is implementing a new secure identity application, given the following requirements:
    * The cryptographic secrets used in the application must never be exposed to users or the OS.
    * The application must work on mobile devices.
    * The application must work with the company's badge reader system.
    Which of the following mobile device specifications are required for this design? (Select TWO).