Cards you may also be interested in
[September-2021]Braindump2go New MS-101 PDF and VCE Dumps Free Share(Q336-Q347)
QUESTION 336 You plan to use Azure Sentinel and Microsoft Cloud App Security. You need to connect Cloud App Security to Azure Sentinel. What should you do in the Cloud App Security admin center? A.From Automatic log upload, add a log collector. B.From Automatic log upload, add a data source. C.From Connected apps, add an app connector. D.From Security extension, add a SIEM agent. Answer: D QUESTION 337 You have a Microsoft 365 E5 tenant. You need to evaluate the tenant based on the standard industry regulations require that the tenant comply with the ISO 27001 standard. What should you do? A.From Policy in the Azure portal, select Compliance, and then assign a pokey B.From Compliance Manager, create an assessment C.From the Microsoft J6i compliance center, create an audit retention pokey. D.From the Microsoft 365 admin center enable the Productivity Score. Answer: B QUESTION 338 You have a Microsoft 365 E5 tenant that has sensitivity label support enabled for Microsoft and SharePoint Online. You need to enable unified labeling for Microsoft 365 groups. Which cmdlet should you run? A.set-unifiedGroup B.Set-Labelpolicy C.Execute-AzureAdLebelSync D.Add-UnifiedGroupLinks Answer: B QUESTION 339 You have a Microsoft 365 E5 tenant. You configure sensitivity labels. Users report that the Sensitivity button is unavailability in Microsoft Word for the web. The sensitivity button is available in Word for Microsoft 365. You need to ensure that the users can apply the sensitivity labels when they use Word for the web. What should you do? A.Copy policies from Azure information Protection to the Microsoft 365 Compliance center B.Publish the sensitivity labels. C.Create an auto-labeling policy D.Enable sensitivity labels for files in Microsoft SharePoint Online and OneDrive. Answer: B QUESTION 340 You have a Microsoft 365 E5 tenant. You plan to deploy a monitoring solution that meets the following requirements: - Captures Microsoft Teams channel messages that contain threatening or violent language. - Alerts a reviewer when a threatening or violent message is identified. What should you include in the solution? A.Data Subject Requests (DSRs) B.Insider risk management policies C.Communication compliance policies D.Audit log retention policies Answer: C QUESTION 341 Your company has a Microsoft 365 subscription. you implement sensitivity Doris for your company. You need to automatically protect email messages that contain the word Confidential m the subject line. What should you create? A.a sharing policy from the Exchange admin center B.a mall flow rule from the Exchange admin center C.a message Dace from the Microsoft 365 security center D.a data loss prevention (DLP) policy from the Microsoft 365 compliance center Answer: B QUESTION 342 You have a Microsoft 365 tenant that contains two groups named Group1 and Group2. You need to prevent the members or Group1 from communicating with the members of Group2 by using Microsoft Teams. The solution must comply with regulatory requirements and must not affect other user in the tenant. What should you use? A.information barriers B.communication compliance policies C.moderated distribution groups D.administrator units in Azure Active Directory (Azure AD) Answer: A QUESTION 343 You have a Microsoft 365 tenant that contains devices registered for mobile device management. The devices are configured as shown in the following table. You plan to enable VPN access for the devices. What is the minimum number of configuration policies required? A.3 B.5 C.4 D.1 Answer: D QUESTION 344 You have a Microsoft 365 E5 tenant that contains 500 Windows 10 devices. The devices are enrolled in Microsoft intune. You plan to use Endpoint analytics to identify hardware issues. You need to enable Window health monitoring on the devices to support Endpoint analytics What should you do? A.Configure the Endpoint analytics baseline regression threshold. B.Create a configuration profile. C.Create a Windows 10 Security Baseline profile D.Create a compliance policy. Answer: B QUESTION 345 You have a Microsoft 365 tenant. You plan to implement Endpoint Protection device configuration profiles. Which platform can you manage by using the profile? A.Android B.CentOS Linux C.iOS D.Window 10 Answer: C QUESTION 346 You purchase a new computer that has Windows 10, version 2004 preinstalled. You need to ensure that the computer is up-to-date. The solution must minimize the number of updates installed. What should you do on the computer? A.Install all the feature updates released since version 2004 and all the quality updates released since version 2004 only. B.install the West feature update and the latest quality update only. C.install all the feature updates released since version 2004 and the latest quality update only. D.install the latest feature update and all the quality updates released since version 2004. Answer: B QUESTION 347 Hotspot Question You have a Microsoft 365 ES tenant. You have the alerts shown in the following exhibit. Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic. NOTE: Each correct selection is worth one point. Answer: 2021 Latest Braindump2go MS-101 PDF and MS-101 VCE Dumps Free Share: https://drive.google.com/drive/folders/1KVZ6uvgke0CyiKN6s3PCc3F5LsZZYt7A?usp=sharing
Launch a full-fledged Practo Clone app to gain profits shortly
Technology makes everyone’s lives easier, having positive as well as negative impacts. The most suitable saying for it is “Every coin has two sides.” Straight to the point of positive impacts, people get everything they need with the help of mobile apps. In the digital era, everyone has smartphones in their hands. So, it is easy for everyone to avail of any services hassle-free. For instance, Practo is a doctor appointment booking app that facilitates users to book appointments and even get video consultations with doctors (virtually). Undoubtedly, doctor consultation apps like Practo get well noticed among many over the past few years, especially amidst the Covid-19 pandemic. This app helped the patients to connect with the doctors even during the crisis. Yes, a big thanks to technology! Without it, it is hard for everyone to survive the tough times. Entrepreneurs aspire to launch an app like Practo: Do you know why? An app like Practo is only helped patients but also cultivated the idea of launching a similar app for entrepreneurs. Recently, the healthcare industry has been revolutionizing with the emergence of one such app. Even so, there will be room for new apps, which inspires new-age entrepreneurs to launch their doctor consultation apps. A proven statistics of Practo that inspires you to have a thought of entering the on-demand industry with a doctor consultation app are explained here. After a three-year gap, Practo has secured $32 million in funding from investors like Chinese life insurance conglomerate A1A company, Sequoia Capital, Tencent, Sofina Ventures, and Matrix Partners. From March 2020 to May 2020, there is a significant rise in the demand for online doctor consultation apps. This app is handling more than 50 million appointments with more healthcare professionals registered with it. In 2020, the revenue generated by Practo was nearly $2 billion. Moreover, the online healthcare industry’s net value is expected to touch US$270.3 billion by the end of 2021. It is a 23.6% surge when compared to the previous years. Launch a Practo Clone app packed with significant features Practo Clone is a mimic of the original version of Practo in terms of functionality and features. Replicating the success concept will ensure the possibilities for business success. The most common features of the on-demand doctor consultation app you could consider incorporating into your Practo Clone are listed here. Practo Clone app comprises Doctor app, Patient app, and Admin panel. Features of Doctor app In-app chat Multiple payment options Search filter Health records Features of Patient app Digital prescriptions Availability toggle Edit appointment bookings Feedback Features of Admin panel Maintain records Create sub-admins Ad management Manage users details Apart from the general features, add advanced & innovative features to make your app unique. Stand out from the crowd! How can you make revenue out of it? You can implement multiple revenue streams based on the business model you choose. You would get considerable revenue only when your app has a larger user base. Perform effective marketing campaigns to reach out to your target audience. Thereby, you can make more revenue from your app. Three effective monetization strategies are as follows. Commission charges In-app advertising Featured listings Final note It is high time to enter the on-demand industry. Utilize a readily available Practo Clone app loaded with user-friendly features. Launch your on-demand doctor consultation app and make earnings.
[September-2021]Braindump2go New AZ-900 PDF and VCE Dumps Free Share(Q294-Q306)
QUESTION 294 What should you use to evaluate whether your company's Azure environment meets regulatory requirements? A.Azure Security Center B.Azure Advisor C.Azure Service Health D.Azure Knowledge Center Answer: A QUESTION 295 You have an azure virtual machine named VM1. You plan to encrypt VM1 by using Azure Disk Encryption. Which Azure resource must you create first? A.An Azure Storage account B.An Azure Information Protection policy C.An Encryption Key D.An Azure Key Vault Answer: D QUESTION 296 You need to be notified when Microsoft plans to perform maintenance that can affect the resources deployed to an Azure subscription. What should you use? A.Azure Monitor B.Azure Service Health C.Azure Advisor D.Microsoft Trust Center Answer: B QUESTION 297 What can you use to identify underutilized or unused Azure virtual machines? A.Azure Advisor B.Azure Cost Management + Billing C.Azure reservations D.Azure Policy Answer: A QUESTION 298 Your company has an Azure subscription that contains resources in several regions. You need to ensure that administrators can only create resources in those regions. What should you use? A.a read-only lock B.an Azure policy C.a management group D.a reservation Answer: B QUESTION 299 Your company has a Software Assurance agreement that includes Microsoft SQL Server licenses. You plan to deploy SQL Server on Azure virtual machines. What should you do to minimize licensing costs for the deployment? A.Deallocate the virtual machines during off hours. B.Use Azure Hybrid Benefit. C.Configure Azure Cost Management budgets. D.Use Azure reservations. Answer: B QUESTION 300 Who can use the Azure Total Cost of Ownership (TCO) calculator? A.billing readers for an Azure subscription only B.owners for an Azure subscription only C.anyone D.all users who have an account in Azure Active Directory (Azure AD) that is linked to an Azure subscription only Answer: C QUESTION 301 Hotspot Question For each of the following statements, select Yes if the statement is true, Otherwise, select No. NOTE: Each correct match is worth one point. Answer: QUESTION 302 Hotspot Question To complete the sentence, select the appropriate option in the answer area. Answer: QUESTION 303 Drag and Drop Question Match the term to the appropriate description. To answer, drag the appropriate term from the column on the left to its description on the right. Each term may be used once, more than once, or not at all. NOTE: Each correct match is worth one point. Answer: QUESTION 304 Hotspot Question To complete the sentence, select the appropriate option in the answer area. Answer: QUESTION 305 Hotspot Question For each of the following statements, select Yes if the statement is true, Otherwise, select No. NOTE: Each correct match is worth one point. Answer: QUESTION 306 Drag and Drop Question Match the cloud computing benefits to the correct descriptions. To answer, drag the appropriate service from the column on the left to its description on the right. Each service may be used once, more than once, or not at all. NOTE: Each correct match is worth one point Answer: 2021 Latest Braindump2go AZ-900 PDF and AZ-900 VCE Dumps Free Share: https://drive.google.com/drive/folders/13_1lErEE0LMey9KuTE7W2HPiiIw3ymgP?usp=sharing
Best blogging niche for 2021 | Low competition and high search volume | Ultimate traffic
Best blogging niche for 2021 with low competition and high search volume. Get unlimited traffic directly to your website. Get highest level of traffic with very low amount of work and gain high profit. best blogging ideas Not All Blog Topics Have The Same Earning Power While it is exceptionally evident that you can blog about anything, it is additionally obvious that not all points have the equivalent procuring power. Therefore, if you will probably bring in cash, you need a theme that can do it. For instance, you might be keen on submerged bin weaving, however I can guarantee you that it has definitely less acquiring power than different themes. Nonetheless, picking the correct point to seek after isn't something that is not difficult to reply. Truth be told, it might simply be unthinkable on the grounds that what individuals look for changes step by step. 14 of the Best Blogging Niches to Make Money With14 of the Best Blogging Niches to Make Money With It is vital to understand that the most beneficial contributing to a blog specialties are continually evolving. Consequently, you might have the option to discover other blog specialty thoughts, yet this rundown ought to stay exact for quite a long time. 1. Making Money Everybody needs to bring in cash, accordingly it is just normal for a blog zeroed in on bringing in cash to be productive. Require a moment and think for what reason would you say you are understanding this? You are attempting to bring in cash with a blog. What's more, fortunately, there is an interminable measure of substance that can be delivered. Truth be told, there are countless points you can zero in on bringing in cash that are largely one of a kind enough to have separate web journals. For instance, a blog on the best way to bring in cash by publishing content to a blog is totally unique in relation to a blog on the best way to bring in cash in the securities exchange. Furthermore, fortunately individuals will consistently be searching for the following pyramid scheme and you can utilize it to make yourself "rich." 2. Diet & Fitness Just subsequent to bringing in cash, is remaining sound. Diets and wellness have stayed probably the most mainstream look on the web. What's more, the uplifting news for you is there is consistently another wellness craze to examine. Wellness web journals are an extraordinary decision since it has a ton of potential with regards to selling items and partner advertising. For instance, you could compose different web journals about running and bicycling. What's more, simultaneously, suggest some extraordinary frill like a pulse screen, water bottle, running shoes, and then some. Nonetheless, as the vast majority realize it isn't exactly what you do, yet in addition what you eat. Diets go connected at the hip with wellness sites and there are many alternatives to browse. As a substance maker, it's difficult to request a superior subject.3. Movie & TV Reviews movie and tv review And wouldn’t you know it, right after money and health, entertainment is next. Movie and TV reviews have had great success throughout the history of the internet, and there is always something new coming out. Thanks to the current streaming war, just about every service is delivering huge shows. In 2019, we saw the launch of The Witcher on Netflix and the Mandalorian on Disney+, which both generated millions of reviews for each. Being able to review the most popular shows is a great way to get traffic. However, it is very important to realize this is a crowded market. While you can do some really good numbers, you need to make it unique. 4. Fashion Everybody is continually hoping to jump onto the following design craze, and as a style blogger, you could be the individual that assists them with discovering it. Design websites can be run in various manners. One approach to move toward it is to flaunt your own style to set up yourself as a name in the design world. While this can require some serious energy, the prize toward the end merits the exertion. The other methodology is to attempt to cover an assortment of design styles and how to make every one work. In any case, style is a well known point and you can rake in boatloads of cash from it as a blog. 5. Politics Governmental issues will consistently stay at the center of attention, and there is breaking news each and every day that you can investigate. You don't have to zero in on the governmental issues of your own country. Truth be told, you may discover more achievement zeroing in on worldwide legislative issues. Pretty much all that occurs on a worldwide scale is a potential blog with regards to legislative issues. Obviously, you could attempt to zero in on one specific sort of information. For instance, maybe you truly need to feature how every administration is doing battle environmental change. The reality is you have a limitless measure of substance to make with ensured news consistently on the point. 6. Social Media Its an obvious fact that web-based media is well known, in any case, not every person realizes how to utilize it. From the grandmother who is utilizing Facebook interestingly to the entrepreneur hoping to make a business page, everybody is posing inquiries. In any case, it isn't even exactly how to utilize online media that is the unavoidable issue, it's the means by which to utilize it productively. While you may require a couple of pointers setting up a record and posting interestingly, it's quite simple. The critical step is really standing out enough to be noticed your posts merit, and that is an exceptionally huge crowd. There is a ton of space for development potential, content, and above all benefit with a blog zeroed in via online media. 7. Gaming News Video games have become the most prevailing type of diversion and keep on developing each year. Also, as you can likely envision, there is a ton of cash to be made in anything identified with them. Contributing to a blog about gaming news is a surefire approach to get a constant flow of snaps each day. The business is immense and there is breaking news consistently. Truth be told, at the present time might just be the best an ideal opportunity to hop in on the grounds that the up and coming age of consoles is close to the corner. Investigating each break, talk, trailer, meeting, and all the other things gaming-related permits you to make an interminable measure of substance.8. Cooking Cooking is a very wide subject. Preparing, barbecuing, homebrewing lager, are only a couple of the themes you could construct a whole blog around. Specifying the cooking cycle, decision of preparing and fixings you will require are all essential for a formula for progress. You could even make a blog about the historical backdrop of specific dishes or spotlight on social importance. Regardless, you won't discover a lack of substance thoughts here, however you will discover a great deal of achievement. Figuring out how to cook stays perhaps the most mainstream points on the web, and a cooking blog is an incredible method to focus on that crowd. 9. Weddings Wedding sites have truly been acquiring notoriety over the most recent couple of years, and there is a lot of time to make a name for your site. Picking a wedding dress, improvements, picking the ideal ring, and whatever else identified with the wedding is the ideal material for a blog. Fortunately, there are a large number of various wedding thoughts and styles to browse. Furthermore, as somebody suggesting these styles and thoughts, there is a lot of space for partner joins. Therefore, it is certainly quite possibly the most productive publishing content to a blog specialties accessible. read full article
[September-2021]Braindump2go New 312-50v11 PDF and VCE Dumps Free Share(Q946-Q976)
QUESTION 946 Geena, a cloud architect, uses a master component in the Kubernetes cluster architecture that scans newly generated pods and allocates a node to them. This component can also assign nodes based on factors such as the overall resource requirement, data locality, software/hardware/policy restrictions, and internal workload interventions. Which of the following master components is explained in the above scenario? A.Kube-controller-manager B.Kube-scheduler C.Kube-apiserver D.Etcd cluster Answer: B QUESTION 947 _________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information. A.Spear phishing B.Whaling C.Vishing D.Phishing Answer: B QUESTION 948 Peter, a system administrator working at a reputed IT firm, decided to work from his home and login remotely. Later, he anticipated that the remote connection could be exposed to session hijacking. To curb this possibility, he implemented a technique that creates a safe and encrypted tunnel over a public network to securely send and receive sensitive information and prevent hackers from decrypting the data flow between the endpoints. What is the technique followed by Peter to send files securely through a remote connection? A.DMZ B.SMB signing C.VPN D.Switch network Answer: C QUESTION 949 An attacker can employ many methods to perform social engineering against unsuspecting employees, including scareware. What is the best example of a scareware attack? A.A pop-up appears to a user stating, "You have won a free cruise! Click here to claim your prize!" B.A banner appears to a user stating, "Your account has been locked. Click here to reset your password and unlock your account." C.A banner appears to a user stating, "Your Amazon order has been delayed. Click here to find out your new delivery date." D.A pop-up appears to a user stating, "Your computer may have been infected with spyware. Click here to install an anti-spyware tool to resolve this issue." Answer: D QUESTION 950 Bill has been hired as a penetration tester and cyber security auditor for a major credit card company. Which information security standard is most applicable to his role? A.FISMA B.HITECH C.PCI-DSS D.Sarbanes-OxleyAct Answer: C QUESTION 951 Tony wants to integrate a 128-bit symmetric block cipher with key sizes of 128,192, or 256 bits into a software program, which involves 32 rounds of computational operations that include substitution and permutation operations on four 32-bit word blocks using 8-variable S-boxes with 4-bit entry and 4-bit exit. Which of the following algorithms includes all the above features and can be integrated by Tony into the software program? A.TEA B.CAST-128 C.RC5 D.serpent Answer: D QUESTION 952 Morris, an attacker, wanted to check whether the target AP is in a locked state. He attempted using different utilities to identify WPS-enabled APs in the target wireless network. Ultimately, he succeeded with one special command-line utility. Which of the following command-line utilities allowed Morris to discover the WPS-enabled APs? A.wash B.ntptrace C.macof D.net View Answer: A QUESTION 953 What type of virus is most likely to remain undetected by antivirus software? A.Cavity virus B.Stealth virus C.File-extension virus D.Macro virus Answer: B QUESTION 954 Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to enter the PIN received from the operator. As soon as he entered the PIN, the smartphone started functioning in an abnormal manner. What is the type of attack performed on Ben in the above scenario? A.Advanced SMS phishing B.Bypass SSL pinning C.Phishing D.Tap 'n ghost attack Answer: A QUESTION 955 Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning? A.Infoga B.WebCopier Pro C.Netsparker D.NCollector Studio Answer: C QUESTION 956 Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems? A.Spear-phishing attack B.SMishing attack C.Reconnaissance attack D.HMI-based attack Answer: A QUESTION 957 Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system. Which of the following Nmap options must she use to perform service version discovery on the target host? A.-SN B.-SX C.-sV D.-SF Answer: C QUESTION 958 Kate dropped her phone and subsequently encountered an issue with the phone's internal speaker. Thus, she is using the phone's loudspeaker for phone calls and other activities. Bob, an attacker, takes advantage of this vulnerability and secretly exploits the hardware of Kate's phone so that he can monitor the loudspeaker's output from data sources such as voice assistants, multimedia messages, and audio files by using a malicious app to breach speech privacy. What is the type of attack Bob performed on Kate in the above scenario? A.Man-in-the-disk attack B.aLTEr attack C.SIM card attack D.ASpearphone attack Answer: B QUESTION 959 Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network. What is the type of vulnerability assessment that Jude performed on the organization? A.External assessment B.Passive assessment C.A Host-based assessment D.Application assessment Answer: C QUESTION 960 Roma is a member of a security team. She was tasked with protecting the internal network of an organization from imminent threats. To accomplish this task, Roma fed threat intelligence into the security devices in a digital format to block and identify inbound and outbound malicious traffic entering the organization's network. Which type of threat intelligence is used by Roma to secure the internal network? A.Technical threat intelligence B.Operational threat intelligence C.Tactical threat intelligence D.Strategic threat intelligence Answer: B QUESTION 961 Becky has been hired by a client from Dubai to perform a penetration test against one of their remote offices. Working from her location in Columbus, Ohio, Becky runs her usual reconnaissance scans to obtain basic information about their network. When analyzing the results of her Whois search, Becky notices that the IP was allocated to a location in Le Havre, France. Which regional Internet registry should Becky go to for detailed information? A.ARIN B.APNIC C.RIPE D.LACNIC Answer: C QUESTION 962 Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel waits for the victim to access the infected web application so as to compromise the victim's machine. Which of the following techniques is used by Joel in the above scenario? A.DNS rebinding attack B.Clickjacking attack C.MarioNet attack D.Watering hole attack Answer: B QUESTION 963 Juliet, a security researcher in an organization, was tasked with checking for the authenticity of images to be used in the organization's magazines. She used these images as a search query and tracked the original source and details of the images, which included photographs, profile pictures, and memes. Which of the following footprinting techniques did Rachel use to finish her task? A.Reverse image search B.Meta search engines C.Advanced image search D.Google advanced search Answer: C QUESTION 964 A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the current time from the target host machine. Which of the following Zenmap options must the analyst use to perform the ICMP timestamp ping scan? A.-PY B.-PU C.-PP D.-Pn Answer: C QUESTION 965 Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discovered a service that is accessible to external sources. This service runs directly on port 21. What is the service enumerated byjames in the above scenario? A.Border Gateway Protocol (BGP) B.File Transfer Protocol (FTP) C.Network File System (NFS) D.Remote procedure call (RPC) Answer: B QUESTION 966 Given below are different steps involved in the vulnerability-management life cycle. 1) Remediation 2) Identify assets and create a baseline 3) Verification 4) Monitor 5) Vulnerability scan 6) Risk assessment Identify the correct sequence of steps involved in vulnerability management. A.2-->5-->6-->1-->3-->4 B.2-->1-->5-->6-->4-->3 C.2-->4-->5-->3-->6--> 1 D.1-->2-->3-->4-->5-->6 Answer: A QUESTION 967 Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following tools would not be useful for cracking the hashed passwords? A.John the Ripper B.Hashcat C.netcat D.THC-Hydra Answer: A QUESTION 968 Which Nmap switch helps evade IDS or firewalls? A.-n/-R B.-0N/-0X/-0G C.-T D.-D Answer: D QUESTION 969 Harper, a software engineer, is developing an email application. To ensure the confidentiality of email messages. Harper uses a symmetric-key block cipher having a classical 12- or 16-round Feistel network with a block size of 64 bits for encryption, which includes large 8 x 32-bit S-boxes (S1, S2, S3, S4) based on bent functions, modular addition and subtraction, key-dependent rotation, and XOR operations. This cipher also uses a masking key(Km1)and a rotation key (Kr1) for performing its functions. What is the algorithm employed by Harper to secure the email messages? A.CAST-128 B.AES C.GOST block cipher D.DES Answer: C QUESTION 970 Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL? A.[inurl:] B.[related:] C.[info:] D.[site:] Answer: D QUESTION 971 The security team of Debry Inc. decided to upgrade Wi-Fi security to thwart attacks such as dictionary attacks and key recovery attacks. For this purpose, the security team started implementing cutting-edge technology that uses a modern key establishment protocol called the simultaneous authentication of equals (SAE), also known as dragonfly key exchange, which replaces the PSK concept. What is the Wi-Fi encryption technology implemented by Debry Inc.? A.WEP B.WPA C.WPA2 D.WPA3 Answer: C QUESTION 972 Stella, a professional hacker, performs an attack on web services by exploiting a vulnerability that provides additional routing information in the SOAP header to support asynchronous communication. This further allows the transmission of web-service requests and response messages using different TCP connections. Which of the following attack techniques is used by Stella to compromise the web services? A.XML injection B.WS-Address spoofing C.SOAPAction spoofing D.Web services parsing attacks Answer: B QUESTION 973 James is working as an ethical hacker at Technix Solutions. The management ordered James to discover how vulnerable its network is towards footprinting attacks. James took the help of an open- source framework for performing automated reconnaissance activities. This framework helped James in gathering information using free tools and resources. What is the framework used by James to conduct footprinting and reconnaissance activities? A.WebSploit Framework B.Browser Exploitation Framework C.OSINT framework D.SpeedPhish Framework Answer: C QUESTION 974 Thomas, a cloud security professional, is performing security assessment on cloud services to identify any loopholes. He detects a vulnerability in a bare-metal cloud server that can enable hackers to implant malicious backdoors in its firmware. He also identified that an installed backdoor can persist even if the server is reallocated to new clients or businesses that use it as an laaS. What is the type of cloud attack that can be performed by exploiting the vulnerability discussed in the above scenario? A.Man-in-the-cloud (MITC) attack B.Cloud cryptojacking C.Cloudborne attack D.Metadata spoofing attack Answer: C QUESTION 975 Which among the following is the best example of the third step (delivery) in the cyber kill chain? A.An intruder sends a malicious attachment via email to a target. B.An intruder creates malware to be used as a malicious attachment to an email. C.An intruder's malware is triggered when a target opens a malicious email attachment. D.An intruder's malware is installed on a target's machine. Answer: C QUESTION 976 Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots? A.Detecting honeypots running on VMware B.Detecting the presence of Honeyd honeypots C.A Detecting the presence of Snort_inline honeypots D.Detecting the presence of Sebek-based honeypots Answer: C 2021 Latest Braindump2go 312-50v11 PDF and 312-50v11 VCE Dumps Free Share: https://drive.google.com/drive/folders/13uhEZnrNlkAP8a1O5NNI-yHndoWuz7Cj?usp=sharing
[September-2021]Braindump2go New 200-201 PDF and VCE Dumps Free Share(Q172-Q191)
QUESTION 172 The SOC team has confirmed a potential indicator of compromise on an endpoint. The team has narrowed the executable file's type to a new trojan family. According to the NIST Computer Security Incident Handling Guide, what is the next step in handling this event? A.Isolate the infected endpoint from the network. B.Perform forensics analysis on the infected endpoint. C.Collect public information on the malware behavior. D.Prioritize incident handling based on the impact. Answer: C QUESTION 173 Which technology on a host is used to isolate a running application from other applications? A.sandbox B.application allow list C.application block list D.host-based firewall Answer: A QUESTION 174 An analyst received a ticket regarding a degraded processing capability for one of the HR department's servers. On the same day, an engineer noticed a disabled antivirus software and was not able to determine when or why it occurred. According to the NIST Incident Handling Guide, what is the next phase of this investigation? A.Recovery B.Detection C.Eradication D.Analysis Answer: B QUESTION 175 Which data type is necessary to get information about source/destination ports? A.statistical data B.session data C.connectivity data D.alert data Answer: C QUESTION 176 Refer to the exhibit. Which type of attack is being executed? A.SQL injection B.cross-site scripting C.cross-site request forgery D.command injection Answer: A QUESTION 177 Which attack represents the evasion technique of resource exhaustion? A.SQL injection B.man-in-the-middle C.bluesnarfing D.denial-of-service Answer: D QUESTION 178 A threat actor penetrated an organization's network. Using the 5-tuple approach, which data points should the analyst use to isolate the compromised host in a grouped set of logs? A.event name, log source, time, source IP, and host name B.protocol, source IP, source port, destination IP, and destination port C.event name, log source, time, source IP, and username D.protocol, log source, source IP, destination IP, and host name Answer: B QUESTION 179 Which event is a vishing attack? A.obtaining disposed documents from an organization B.using a vulnerability scanner on a corporate network C.setting up a rogue access point near a public hotspot D.impersonating a tech support agent during a phone call Answer: D QUESTION 180 What is indicated by an increase in IPv4 traffic carrying protocol 41 ? A.additional PPTP traffic due to Windows clients B.unauthorized peer-to-peer traffic C.deployment of a GRE network on top of an existing Layer 3 network D.attempts to tunnel IPv6 traffic through an IPv4 network Answer: D QUESTION 181 What is the impact of false positive alerts on business compared to true positive? A.True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them. B.True-positive alerts are blocked by mistake as potential attacks, while False-positives are actual attacks Identified as harmless. C.False-positive alerts are detected by confusion as potential attacks, while true positives are attack attempts identified appropriately. D.False positives alerts are manually ignored signatures to avoid warnings that are already acknowledged, while true positives are warnings that are not yet acknowledged. Answer: C QUESTION 182 An organization's security team has detected network spikes coming from the internal network. An investigation has concluded that the spike in traffic was from intensive network scanning How should the analyst collect the traffic to isolate the suspicious host? A.by most active source IP B.by most used ports C.based on the protocols used D.based on the most used applications Answer: C QUESTION 183 What is an incident response plan? A.an organizational approach to events that could lead to asset loss or disruption of operations B.an organizational approach to security management to ensure a service lifecycle and continuous improvements C.an organizational approach to disaster recovery and timely restoration ot operational services D.an organizational approach to system backup and data archiving aligned to regulations Answer: C QUESTION 184 An engineer is addressing a connectivity issue between two servers where the remote server is unable to establish a successful session. Initial checks show that the remote server is not receiving an SYN-ACK while establishing a session by sending the first SYN. What is causing this issue? A.incorrect TCP handshake B.incorrect UDP handshake C.incorrect OSI configuration D.incorrect snaplen configuration Answer: A QUESTION 185 A security incident occurred with the potential of impacting business services. Who performs the attack? A.malware author B.threat actor C.bug bounty hunter D.direct competitor Answer: A QUESTION 186 Refer to the exhibit. An analyst received this alert from the Cisco ASA device, and numerous activity logs were produced. How should this type of evidence be categorized? A.indirect B.circumstantial C.corroborative D.best Answer: D QUESTION 187 W[^t is vulnerability management? A.A security practice focused on clarifying and narrowing intrusion points. B.A security practice of performing actions rather than acknowledging the threats. C.A process to identify and remediate existing weaknesses. D.A process to recover from service interruptions and restore business-critical applications Answer: C QUESTION 188 A user received an email attachment named "Hr405-report2609-empl094.exe" but did not run it. Which category of the cyber kill chain should be assigned to this type of event? A.installation B.reconnaissance C.weaponization D.delivery Answer: A QUESTION 189 An engineer needs to configure network systems to detect command and control communications by decrypting ingress and egress perimeter traffic and allowing network security devices to detect malicious outbound communications. Which technology should be used to accomplish the task? A.digital certificates B.static IP addresses C.signatures D.cipher suite Answer: D QUESTION 190 What is a difference between data obtained from Tap and SPAN ports? A.Tap mirrors existing traffic from specified ports, while SPAN presents more structured data for deeper analysis. B.SPAN passively splits traffic between a network device and the network without altering it, while Tap alters response times. C.SPAN improves the detection of media errors, while Tap provides direct access to traffic with lowered data visibility. D.Tap sends traffic from physical layers to the monitoring device, while SPAN provides a copy of network traffic from switch to destination Answer: A QUESTION 191 Which metric in CVSS indicates an attack that takes a destination bank account number and replaces it with a different bank account number? A.availability B.confidentiality C.scope D.integrity Answer: D 2021 Latest Braindump2go 200-201 PDF and 200-201 VCE Dumps Free Share: https://drive.google.com/drive/folders/1fTPALtM-eluHFw8sUjNGF7Y-ofOP3s-M?usp=sharing