- All Exams Instant Download
What is the next step in handling the incident?
A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user’s laptop while traveling. The attacker has the user’s credentials and is attempting to connect to the network. What...
What is the first action for the incident response team?
A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat. What is the first action for the incident response team?A . Assess the network for unexpected behaviorB . Isolate critical hosts from the networkC...
Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?
Refer to the exhibit. A threat actor behind a single computer exploited a cloud-based application by sending multiple concurrent API requests. These requests made the application unresponsive. Which solution protects the application from being overloaded and ensures more equitable application access across the end-user community?A . Limit the number of...
What is the next step?
The incident response team receives information about the abnormal behavior of a host. A malicious file is found being executed from an external USB flash drive. The team collects and documents all the necessary evidence from the computing resource. What is the next step?A . Conduct a risk assessment of...
Which two steps mitigate attacks on the webserver from the Internet?
Refer to the exhibit. Which two steps mitigate attacks on the webserver from the Internet? (Choose two.)A . Create an ACL on the firewall to allow only TLS 1.3B . Implement a proxy server in the DMZ networkC . Create an ACL on the firewall to allow only external connectionsD...
Drag and drop the threat from the left onto the scenario that introduces the threat on the right. Not all options are used
DRAG DROP Drag and drop the threat from the left onto the scenario that introduces the threat on the right. Not all options are used. View AnswerAnswer:
What results from this script?
Refer to the exhibit. What results from this script?A . Seeds for existing domains are checkedB . A search is conducted for additional seedsC . Domains are compared to seed rulesD . A list of domains as seeds is blockedView AnswerAnswer: B
What should be concluded from this report?
Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop has automatically submitted a low prevalence file to the Threat Grid analysis engine for further analysis. What should be concluded from this report?A . The prioritized behavioral indicators of compromise do not justify the execution of the...
Which standard must the company follow to safeguard the resting data?
A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?A . HIPAAB . PCI-DSSC . Sarbanes-OxleyD . GDPRView AnswerAnswer: D Explanation: Reference: https://www.thesslstore.com/blog/10-data-privacy-and-encryption-laws-every-business-needsto-know/
Which step was missed according to the NIST incident handling guide?
The incident response team was notified of detected malware. The team identified the infected hosts, removed the malware, restored the functionality and data of infected systems, and planned a company meeting to improve the incident handling capability. Which step was missed according to the NIST incident handling guide?A . Contain...
