- All Exams Instant Download
Which of the following Nmap commands would BEST accomplish this goal?
A security analyst needs to assess the web server versions on a list of hosts to determine which are running a vulnerable version of the software and output that list into an XML file named webserverlist.xml. The host list is provided in a file named webserverlist.txt. Which of the following...
Which of the following is the analyst MOST likely executing?
A cybersecurity analyst is supporting an incident response effort via threat intelligence. Which of the following is the analyst MOST likely executing?A . Requirements analysis and collection planning B. Containment and eradication C. Recovery and post-incident review D. Indicator enrichment and research pivotingView AnswerAnswer: A
Which of the following commands would MOST likely indicate if the email is malicious?
A user receives a potentially malicious email that contains spelling errors and a PDF document. A security analyst reviews the email and decides to download the attachment to a Linux sandbox for review. Which of the following commands would MOST likely indicate if the email is malicious?A . sha256sum ~/Desktop/file.pdf...
Which of the following cloud recovery strategies would work BEST to attain the desired outcome?
An organization wants to move non-essential services into a cloud computing environment. Management has a cost focus and would like to achieve a recovery time objective of 12 hours. Which of the following cloud recovery strategies would work BEST to attain the desired outcome?A . Duplicate all services in another...
Which of the following attacks can be prevented by using output encoding?
Which of the following attacks can be prevented by using output encoding?A . Server-side request forgery B. Cross-site scripting C. SQL injection D. Command injection E. Cross-site request forgery F. Directory traversalView AnswerAnswer: B
Which of the following should the security analyst perform NEXT?
A security analyst discovered a specific series of IP addresses that are targeting an organization. None of the attacks have been successful. Which of the following should the security analyst perform NEXT?A . Begin blocking all IP addresses within that subnet. B. Determine the attack vector and total attack surface....
Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?
An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?A . FaaS B. RTOS C. SoC D. GPS E. CAN busView AnswerAnswer: E
A security analyst has been alerted to several emails that snow evidence an employee is planning malicious activities that involve employee Pll on the network before leaving the organization.
A security analyst has been alerted to several emails that snow evidence an employee is planning malicious activities that involve employee Pll on the network before leaving the organization. The security analysis BEST response would be to coordinate with the legal department and:A . the public relations department B. senior...
Which of the following conclusions can be drawn with respect to the threat and impact?
An organization suspects it has had a breach, and it is trying to determine the potential impact. The organization knows the following: ✑ The source of the breach is linked to an IP located in a foreign country. ✑ The breach is isolated to the research and development servers. ✑...
Which of the following is the value of this risk?
A security analyst discovers a vulnerability on an unpatched web server that is used for testing machine learning on Bing Data sets. Exploitation of the vulnerability could cost the organization $1.5 million in lost productivity. The server is located on an isolated network segment that has a 5% chance of...
