During which phase of the incident response process does an organization assemble an incident response toolkit?

• Detection and analysis
• Containment, eradication, and recovery
• Preparation
• Post-incident activity

Which of the following is the LEAST secure wireless security and encryption protocol?

• WEP
• WPA2
• AES
• WPA

Karen lives in an area that is prone to hurricanes and other extreme weather conditions. She asks you to recommend an electrical conditioning device that will prevent her files from being corrupted if the power to the building is unstable or lost. Additionally, she would like the computer to maintain power for up to an hour of uptime to allow for a graceful shutdown of her programs and computer. Which of the following should you recommend?

• Surge protector
• Power distribution unit
• Line conditioner
• Uninterruptible power supply

An employee contacts the service desk because they are unable to open an attachment they receive in their email. The service desk agent conducts a screen sharing session with the user and investigates the issue. The agent notices that the attached file is named Invoice1043.pdf, and a black pop-up window appears and then disappears quickly when the attachment was double-clicked. Which of the following is most likely causing this issue?

• The user doesn't have a PDF reader installed on their computer
• The attachment is using a double file extension to mask its identity
• The file contains an embedded link to a malicious website
• The email is a form of spam and should be deleted

What role does the red team perform during a tabletop exercise (TTX)?

• Adversary
• Network defender
• Cybersecurity analyst
• System administrator

You have been asked to install a computer in a public workspace. The computer should only be used by an authorized user. Which of the following security requirements should you implement to prevent unauthorized users from accessing the network with this computer?

• Remove the guest account from the administrator group
• Require authentication on wake-up
• Disable single sign-on
• Issue the same strong and complex password for all users

Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password, the email client generates an error messaging stating that "Invalid credentials" were entered. Chris assumes he must have forgotten his password, so he resets his email's username and password and then reenters them into the email client. Again, Chris receives an "Invalid credentials" error. What is MOST likely causing the "Invalid credentials" error in regard to Chris's email client?

• His email account is locked out
• His smartphone has full device encryption enabled
• His email account requires a strong password to be used
• His email account requires multifactor authentication

A cybersecurity analyst is reviewing the logs of a proxy server and saw the following URL, http://test.diontraining.com/../../../../etc/shadow. What type of attack has likely occurred?

• XML injection
• Buffer overflow
• Directory traversal
• SQL injection