In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities: In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A. Data collection/exfiltration
B. Defensive evasion
C. Lateral movement
D. Reconnaissance

Answer: A

December 6, 2022

Which of the following solutions would meet this requirement?

A development team signed a contract that requires access to an on-premises physical server. Access must be restricted to authorized users only and cannot be connected to the Internet. Which of the following solutions would meet this requirement?

A. Establish a hosted SSO.
B. Implement a CASB.
C. Virtualize the...

December 6, 2022

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

A. Human resources
B. Public relations
C. Marketing
D. Internal network operations center

Answer: B

December 6, 2022

During a cyber incident, which of the following is the BEST course of action?

During a cyber incident, which of the following is the BEST course of action?

A. Switch to using a pre-approved, secure, third-party communication system.
B. Keep the entire company informed to ensure transparency and integrity during the incident.
C. Restrict customer communication until the severity of the breach is confirmed....

December 6, 2022

Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

A. Nikto
B. Aircrack-ng
C. Nessus
D. tcpdump

Answer: B

December 6, 2022

Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?

An analyst is investigating an anomalous event reported by the SOC. After reviewing the system logs, the analyst identifies an unexpected addition of a user with root-level privileges on the endpoint. Which of the following data sources will BEST help the analyst to determine whether this event constitutes an incident?

A...

December 6, 2022

Which of the following would be the MOST effective way for the security team to meet these objectives?

The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives:

- Reduce the number of potential findings by the auditors.
- Limit the scope of the audit to only devices used by the payment-processing team for...

December 5, 2022

Which of the following would be the MOST appropriate recommendation to prevent the activity from happening in the future?

During an investigation, a security analyst determines suspicious activity occurred during the night shift over the weekend. Further investigation reveals the activity was initiated from an internal IP going to an external website. Which of the following would be the MOST appropriate recommendation to prevent the activity from happening in...

December 5, 2022

Which of the following BEST describes the reason why the email was blocked?

A security analyst is reviewing the following log from an email security service. Which of the following BEST describes the reason why the email was blocked?

A. The To address is invalid.
B. The email originated from the www.spamfilter.org URL.
C. The IP address and the remote server name are...

December 5, 2022

Which of the following should the architect choose as the MOST secure and manageable option?

A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect choose as the MOST secure and manageable option?

A. Client-side whitelisting
B. Server-side whitelisting
C. Server-side blacklisting
D. Client-side blacklisting

Answer: B

December 5, 2022