Forming a hypothesis, looking for indicators of compromise, and using the findings to proactively improve detection capabilities are examples of the value of:
Forming a hypothesis, looking for indicators of compromise, and using the findings to proactively improve detection capabilities are examples of the value of:A . vulnerability scanning.B . threat hunting.C . red learning.D . penetration testing.View AnswerAnswer: B Explanation: Threat hunting is a proactive process of searching for signs of malicious...
Which of the following, should the analyst use to extract human-readable content from the partition?
During an incident response procedure, a security analyst collects a hard drive to analyze a possible vector of compromise. There is a Linux swap partition on the hard drive that needs to be checked. Which of the following, should the analyst use to extract human-readable content from the partition?A ....
Which of the following courses of action is appropriate?
A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses...
Which of the following would be the BEST method to protect the company's data?
A company stores all of its data in the cloud. All company-owned laptops are currently unmanaged, and all users have administrative rights. The security team is having difficulty identifying a way to secure the environment. Which of the following would be the BEST method to protect the company's data?A ....
Which of the following would allow the analyst to perform the task?
A security analyst needs to provide a copy of a hard drive for forensic analysis. Which of the following would allow the analyst to perform the task? A) B) C) D) A . Option AB . Option BC . Option CD . Option DView AnswerAnswer: C Explanation: Option C shows...
Which of the following BEST describes this type of control?
A small business does not have enough staff in the accounting department to segregate duties. The controller writes the checks for the business and reconciles them against the ledger. To ensure there is no fraud occurring, the business conducts quarterly reviews in which a different officer in the business compares...
Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT Department?
The IT department is concerned about the possibility of a guest device infecting machines on the corporate network or taking down the company's singe internet connection. Which of the following should a security analyst recommend to BEST meet the requirements outlined by the IT Department?A . Require the guest machines...
A code review reveals a web application is using lime-based cookies for session management.
A code review reveals a web application is using lime-based cookies for session management. This is a security concern because lime-based cookies are easy to:A . parameterize.B . decode.C . guess.D . decrypt.View AnswerAnswer: B Explanation: Lime-based cookies are a type of cookies that use lime encoding to store data...
Which of the following BEST explains the function of a managerial control?
Which of the following BEST explains the function of a managerial control?A . To help design and implement the security planning, program development, and maintenance of the security life cycleB . To guide the development of training, education, security awareness programs, and system maintenanceC . To create data classification, risk...
Which of the following are considered PII by themselves? (Select TWO).
Which of the following are considered PII by themselves? (Select TWO).A . Government IDB . Job titleC . Employment start dateD . Birth certificateE . Employer addressF . Mother's maiden nameView AnswerAnswer: A, D Explanation: PII (Personally Identifiable Information) is any information that can be used to identify, contact, or...