- All Exams Instant Download
Which term defines the initial event in the NIST SP800-61 r2?
An organization has recently adjusted its security stance in response to online threats made by a known hacktivist group. Which term defines the initial event in the NIST SP800-61 r2?A . instigatorB . precursorC . online assaultD . triggerView AnswerAnswer: B
Which type of analysis allows you to see how likely an exploit could affect your network?
Which type of analysis allows you to see how likely an exploit could affect your network?A . descriptiveB . casualC . probabilisticD . inferentialView AnswerAnswer: C
Which option is a possible reason that the customer cannot access the website?
Refer to the Exhibit. A customer reports that they cannot access your organization's website. Which option is a possible reason that the customer cannot access the website?A . The server at 10.33.1.5 is using up too much bandwidth causing a denial-of-service.B . The server at 10.67.10.5 has a virus.C ....
Which category best describes this activity?
A CMS plugin creates two files that are accessible from the Internet myplugin.html and exploitable.php. A newly discovered exploit takes advantage of an injection vulnerability in exploitable.php. To exploit the vulnerability, one must send an HTTP POST with specific variables to exploitable.php. You see traffic to your webserver that consists...
Which data type is protected under the PCI compliance framework?
Which data type is protected under the PCI compliance framework?A . credit card typeB . primary account numberC . health conditionsD . provision of individual careView AnswerAnswer: B
Which option creates a display filter on Wireshark on a host IP address or name?
Which option creates a display filter on Wireshark on a host IP address or name?A . ip.address == <address> or ip.network == <network>B . [tcp|udp] ip.[src|dst] port <port>C . ip.addr == <addr> or ip.name == <name>D . ip.addr == <addr> or ip.host == <host>View AnswerAnswer: D
According to NIST-SP800-61R2, which option should be contained in the issue tracking system?
According to NIST-SP800-61R2, which option should be contained in the issue tracking system?A . incidents related to the current incidentB . incident unrelated to the current incidentC . actions taken by nonincident handlersD . latest public virus signaturesView AnswerAnswer: A
What is the common artifact that is used to uniquely identify a detected file?
What is the common artifact that is used to uniquely identify a detected file?A . HashB . TimestampC . File sizeView AnswerAnswer: A
Which of the following is typically a responsibility of a PSIRT?
Which of the following is typically a responsibility of a PSIRT?A . Configure the organization's firewallB . Monitor security logsC . Investigate security incidents in a security operations center (SOC)D . Disclose vulnerabilities in the organization's products and servicesView AnswerAnswer: D
Which CVSSv3 metric value increases when the attacker is able to modify all files protected by the vulnerable component?
Which CVSSv3 metric value increases when the attacker is able to modify all files protected by the vulnerable component?A . confidentialityB . integrityC . availabilityD . complexityView AnswerAnswer: B
