212-82 Practice Questions

Charlie, a security professional in an organization, noticed unauthorized access and eavesdropping on the WLAN. To thwart such attempts, Charlie employed an encryption mechanism that used the RC4 algorithm to encrypt information in the data link layer. Identify the type of wireless encryption employed by Charlie in the above scenario.

Perform vulnerability analysis of a web application, www.luxurytreats.com. and determine the name of the alert with WASC ID 9. (Practical Question)

Tristan, a professional penetration tester, was recruited by an organization to test its network infrastructure. The organization wanted to understand its current security posture and its strength in defending against external threats. For this purpose, the organization did not provide any information about their IT infrastructure to Tristan. Thus, Tristan initiated zero-knowledge attacks, with no information or assistance from the organization.

Which of the following types of penetration testing has Tristan initiated in the above scenario?

Sam, a software engineer, visited an organization to give a demonstration on a software tool that helps in business development. The administrator at the organization created a least privileged account on a system and allocated that system to Sam for the demonstration. Using this account, Sam can only access the files that are required for the demonstration and cannot open any other file in the system.

Which of the following types of accounts the organization has given to Sam in the above scenario?

Calvin spotted blazing flames originating from a physical file storage location in his organization because of a Short circuit. In response to the incident, he used a fire suppression system that helped curb the incident in the initial stage and prevented it from spreading over a large area. Which of the following firefighting systems did Calvin use in this scenario?

As a Virtualization Software Engineer/Analyst, you are employed on a Project with Alpha Inc. Company, the OS Virtualization is used for isolation of Physical/Base OS with the Hypervisor OS. What is the security benefit of OS virtualization in terms of isolation?

GlobalTech, a multinational tech conglomerate, has been operating across 50 countries for the past two decades. Recently, it faced a significant data breach that affected Its reputation and bottom line. As a result, the board of directors decided to overhaul its existing corporate strategy, with a pronounced focus on enhancing its Information Security Governance. The company believes that a robust governance structure would not only prevent future breaches but would also align with its long-term business objectives of expansion and dominance in the tech market. It has called upon several third-party consultants to pitch an optimal strategy for the conglomerate's unique position.

Which strategy best aligns with GlobalTech's requirement?

in a security incident, the forensic investigation has isolated a suspicious file named "security_update.exe". You are asked to analyze the file in the Documents folder of the"Attacker Machine-1" to determine whether it is malicious. Analyze the suspicious file and identify the malware signature. (Practical Question)

The incident handling and response (IH&R) team of an organization was handling a recent cyberattack on the organization's web server. Fernando, a member of the IH&P team, was tasked with eliminating the root cause of the incident and closing all attack vectors to prevent similar incidents in future. For this purpose. Fernando applied the latest patches to the web server and installed the latest security mechanisms on it. Identify the IH&R step performed by Fernando in this scenario.

A large multinational corporation is In the process of upgrading its network infrastructure to enhance security and protect sensitive data. As part of the upgrade, the IT team is considering implementing stateful multilayer inspection firewalls and application-level gateway firewalls.

How do stateful multilayer inspection firewalls differ from application-level gateway firewalls in terms of their packet filtering capabilities and the layers of the OSI model they inspect?