- All Exams Instant Download
Which of the following is the BEST way to share incident-related artifacts to provide non-repudiation?
Which of the following is the BEST way to share incident-related artifacts to provide non-repudiation?A . Secure email B. Encrypted USB drives C. Cloud containers D. Network foldersView AnswerAnswer: B
Which of the following would BEST meet that goal?
An organization has not had an incident for several months. The Chief Information Security Officer (CISO) wants to move to a more proactive stance for security investigations . Which of the following would BEST meet that goal?A . Root-cause analysis B. Active response C. Advanced antivirus D. Information-sharing community E....
Which of the following BEST describes the security analyst's goal?
A security analyst on the threat-hunting team has developed a list of unneeded, benign services that are currently running as part of the standard OS deployment for workstations. The analyst will provide this list to the operations team to create a policy that will automatically disable the services for all...
Which of the following would be the MAIN concern of the company?
A company just chose a global software company based in Europe to implement a new supply chain management solution . Which of the following would be the MAIN concern of the company?A . Violating national security policy B. Packet injection C. Loss of intellectual property D. International labor lawsView AnswerAnswer:...
Which of the following models would BEST apply to the situation?
A cybersecurity analyst is responding to an incident. The company’s leadership team wants to attribute the incident to an attack group . Which of the following models would BEST apply to the situation?A . Intelligence cycle B. Diamond Model of Intrusion Analysis C. Kill chain D. MITRE ATT&CKView AnswerAnswer: B
Which of the following UEFI settings is the MOST likely cause of the infections?
Bootloader malware was recently discovered on several company workstations. All the workstations run Windows and are current models with UEFI capability. Which of the following UEFI settings is the MOST likely cause of the infections?A . Compatibility mode B. Secure boot mode C. Native mode D. Fast boot modeView AnswerAnswer:...
Which of the following is MOST likely to be a false positive?
An analyst is reviewing a list of vulnerabilities, which were reported from a recent vulnerability scan of a Linux server. Which of the following is MOST likely to be a false positive?A . OpenSSH/OpenSSL Package Random Number Generator Weakness B. Apache HTTP Server Byte Range DoS C. GDI+ Remote Code...
Which of the following would cause the analyst to further review the incident?
During an incident, a cybersecurity analyst found several entries in the web server logs that are related to an IP with a bad reputation. Which of the following would cause the analyst to further review the incident? A) B) C) D) E) A . Option A B. Option B C....
Which of the following is the MOST appropriate action to take in the situation?
A security analyst working in the SOC recently discovered Balances m which hosts visited a specific set of domains and IPs and became infected with malware . Which of the following is the MOST appropriate action to take in the situation?A . implement an IPS signature for the malware and...
Which of the following MOST accurately describes an HSM?
Which of the following MOST accurately describes an HSM?A . An HSM is a low-cost solution for encryption. B. An HSM can be networked based or a removable USB C. An HSM is slower at encrypting than software D. An HSM is explicitly used for MFAView AnswerAnswer: B
