- All Exams Instant Download
What is the impact of false positive alerts on business compared to true positive?
What is the impact of false positive alerts on business compared to true positive?A . True positives affect security as no alarm is raised when an attack has taken place, while false positives are alerts raised appropriately to detect and further mitigate them. B. True-positive alerts are blocked by mistake...
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?
Which NIST IR category stakeholder is responsible for coordinating incident response among various business units, minimizing damage, and reporting to regulatory agencies?A . CSIRT B. PSIRT C. public affairs D. managementView AnswerAnswer: D
What are two social engineering techniques? (Choose two.)
What are two social engineering techniques? (Choose two.)A . privilege escalation B. DDoS attack C. phishing D. man-in-the-middle E. pharmingView AnswerAnswer: C,E
What is the next step the engineer should take according to the NIST SP 800-61 Incident handling guide?
An engineer discovered a breach, identified the threat’s entry point, and removed access. The engineer was able to identify the host, the IP address of the threat actor, and the application the threat actor targeted. What is the next step the engineer should take according to the NIST SP 800-61...
Which technology on a host is used to isolate a running application from other applications?
Which technology on a host is used to isolate a running application from other applications?A . sandbox B. application allow list C. application block list D. host-based firewallView AnswerAnswer: A Explanation: Reference: https://searchsecurity.techtarget.com/definition/sandbox#:~:text=Sandboxes%20can%20be%20used%20to,be%20run%20inside%20a%20sandbox
What did the attacker obtain from this scan?
Refer to the exhibit. An attacker scanned the server using Nmap. What did the attacker obtain from this scan?A . Identified a firewall device preventing the pert state from being returned. B. Identified open SMB ports on the server C. Gathered information on processes running on the server D. Gathered...
What is the difference between the ACK flag and the RST flag in the NetFlow log session?
What is the difference between the ACK flag and the RST flag in the NetFlow log session?A . The RST flag confirms the beginning of the TCP connection, and the ACK flag responds when the data for the payload is complete B. The ACK flag confirms the beginning of the...
What is the difference between the ACK flag and the RST flag?
What is the difference between the ACK flag and the RST flag?A . The RST flag approves the connection, and the ACK flag terminates spontaneous connections. B. The ACK flag confirms the received segment, and the RST flag terminates the connection. C. The RST flag approves the connection, and the...
Which vulnerability type is used to read, write, or erase information from a database?
Which vulnerability type is used to read, write, or erase information from a database?A . cross-site scripting B. cross-site request forgery C. buffer overflow D. SQL injectionView AnswerAnswer: D
How must the engineer interpret the results?
Refer to the exhibit. An engineer received a ticket about a slowed-down web application. The engineer runs the #netstat -an command. How must the engineer interpret the results?A . The web application is receiving a common, legitimate traffic B. The engineer must gather more data. C. The web application server...
