- All Exams Instant Download
What is vulnerability management?
What is vulnerability management?A . A security practice focused on clarifying and narrowing intrusion points. B. A security practice of performing actions rather than acknowledging the threats. C. A process to identify and remediate existing weaknesses. D. A process to recover from service interruptions and restore business-critical applicationsView AnswerAnswer: C...
How does an attack surface differ from an attack vector?
How does an attack surface differ from an attack vector?A . An attack vector recognizes the potential outcomes of an attack, and the attack surface is choosing a method of an attack. B. An attack surface identifies vulnerable parts for an attack, and an attack vector specifies which attacks are...
Where is the executable file?
Refer to the exhibit. Where is the executable file?A . info B. tags C. MIME D. nameView AnswerAnswer: C
When an event is investigated, which type of data provides the investigate capability to determine if data exfiltration has occurred?
When an event is investigated, which type of data provides the investigate capability to determine if data exfiltration has occurred?A . full packet capture B. NetFlow data C. session data D. firewall logsView AnswerAnswer: A
What is occurring?
Refer to the exhibit. What is occurring?A . Cross-Site Scripting attack B. XML External Entitles attack C. Insecure Deserialization D. Regular GET requestsView AnswerAnswer: B
Which technology prevents end-device to end-device IP traceability?
Which technology prevents end-device to end-device IP traceability?A . encryption B. load balancing C. NAT/PAT D. tunnelingView AnswerAnswer: C
A security incident occurred with the potential of impacting business services. Who performs the attack?
A security incident occurred with the potential of impacting business services. Who performs the attack?A . malware author B. threat actor C. bug bounty hunter D. direct competitorView AnswerAnswer: B Explanation: Reference: https://www.paubox.com/blog/what-is-threat-actor/#:~:text=The%20term%20threat%20actor%20refers,CTA)%20when%20referencing% 20cybersecurity%20issues
Which process is used when IPS events are removed to improve data integrity?
Which process is used when IPS events are removed to improve data integrity?A . data availability B. data normalization C. data signature D. data protectionView AnswerAnswer: B
Which security principle is violated by running all processes as root or administrator?
Which security principle is violated by running all processes as root or administrator?A . principle of least privilege B. role-based access control C. separation of duties D. trusted computing baseView AnswerAnswer: A
Which metric should be used when evaluating the effectiveness and scope of a Security Operations Center?
Which metric should be used when evaluating the effectiveness and scope of a Security Operations Center?A . The average time the SOC takes to register and assign the incident. B. The total incident escalations per week. C. The average time the SOC takes to detect and resolve the incident. D....
