Which of the following is MOST likely a false positive?
A security analyst, who is working for a company that utilizes Linux servers, receives the following results from a vulnerability scan: Which of the following is MOST likely a false positive? A. ICMP timestamp request remote date disclosure B. Windows SMB service enumeration via srvsvc C. Anonymous FTP enabled D....
Which of the following would explain the difference in results?
A security analyst is trying to determine if a host is active on a network. The analyst first attempts the following: The analyst runs the following command next: Which of the following would explain the difference in results? A. ICMP is being blocked by a firewall. B. The routing tables...
Which of the following should the analyst do FIRST?
A cybersecurity analyst is contributing to a team hunt on an organization's endpoints. Which of the following should the analyst do FIRST? A. Write detection logic. B. Establish a hypothesis. C. Profile the threat actors and activities. D. Perform a process analysis. Answer: C Explanation: Reference: https://www.cybereason.com/blog/blog-the-eight-steps-to-threat-hunting
Which of the following describes the output of this scan?
A cybersecurity analyst is currently checking a newly deployed server that has an access control list applied. When conducting the scan, the analyst received the following code snippet of results: Which of the following describes the output of this scan? A. The analyst has discovered a False Positive, and the...
Which of the following would BEST mitigate and improve the security posture of the wireless network for this type of attack?
A security analyst recently discovered two unauthorized hosts on the campus's wireless network segment from a man-in-the-middle attack. The security analyst also verified that privileges were not escalated, and the two devices did not gain access to other network devices. Which of the following would BEST mitigate and improve the...
Which of the following would BEST identify potential indicators of compromise?
An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply. Which of the following would BEST identify potential indicators of compromise? A. Use Burp Suite to capture packets to the SCADA device's...
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops? A. Self-encrypting drive B. Bus encryption C. TPM D. HSM Answer: A
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with:
The inability to do remote updates of certificates, keys, software, and firmware is a security issue commonly associated with: A. web servers on private networks. B. HVAC control systems C. smartphones D. firewalls and UTM devices Answer: B
Which of the following roles is ultimately responsible for determining the classification levels assigned to specific data sets?
Which of the following roles is ultimately responsible for determining the classification levels assigned to specific data sets? A. Data custodian B. Data owner C. Data processor D. Senior management Answer: B Explanation: Reference: https://www.pearsonitcertification.com/articles/article.aspx?p=2731933&seqNum=3