Widespread fraud ac Enron. WorldCom, and Tyco led to the creation of a law that was designed to improve the accuracy and accountability of corporate disclosures. It covers accounting firms and third parties that provide financial services to some organizations and came into effect in 2002. This law is known by what acronym?

1. A. Fed RAMP
2. B. PCIDSS
3. C. SOX
4. D. HIPAA

Correct Answer: C
The Sarbanes-Oxley Act of 2002 could be a law the U.S. Congress passed on July thirty of that year to assist defend investors from fallacious money coverage by companies.Also called the SOX Act of 2002 and also the company Responsibility Act of 2002, it mandated strict reforms to existing securities rules and obligatory powerful new penalties on law breakers.
The Sarbanes-Oxley law Act of 2002 came in response to money scandals within the early 2000s involving in public listed corporations like Enron Corporation, Tyco International plc, and WorldCom. The high-profile frauds cask capitalist confidence within the trustiness of company money statements Associate in Nursingd light-emitting diode several to demand an overhaul of decades-old restrictive standards.

When discussing passwords, what is considered a brute force attack?

1. A. You attempt every single possibility until you exhaust all possible combinations or discover the password
2. B. You threaten to use the rubber hose on someone unless they reveal their password
3. C. You load a dictionary of words into your cracking program
4. D. You create hashes of a large number of words and compare it with the encrypted passwords
5. E. You wait until the password expires

Correct Answer: A

A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer.
what tests would you perform to determine whether his computer Is Infected?

1. A. Use ExifTool and check for malicious content.
2. B. You do not check; rather, you immediately restore a previous snapshot of the operating system.
3. C. Upload the file to VirusTotal.
4. D. Use netstat and check for outgoing connections to strange IP addresses or domains.

Correct Answer: D

Which among the following is the best example of the third step (delivery) in the cyber kill chain?

1. A. An intruder sends a malicious attachment via email to a target.
2. B. An intruder creates malware to be used as a malicious attachment to an email.
3. C. An intruder's malware is triggered when a target opens a malicious email attachment.
4. D. An intruder's malware is installed on a target's machine.

Correct Answer: A

Why is a penetration test considered to be more thorough than vulnerability scan?

1. A. Vulnerability scans only do host discovery and port scanning by default.
2. B. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.
3. C. It is not – a penetration test is often performed by an automated tool, while a vulnerability scan requiresactive engagement.
4. D. The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

Correct Answer: B