Which of the following BEST describes the attack?
A SIEM analyst receives an alert containing the following URL: Which of the following BEST describes the attack?
A. Password spraying
B. Buffer overflow
C. Insecure object access
D. Directory traversal
Answer: D
Explanation: A directory traversal attack is a type of web application attack that exploits insufficient input validation...
Which of the following is the BEST solution?
A small organization has proprietary software that is used internally. The system has not been well maintained and cannot be updated with the rest of the environment. Which of the following is the BEST solution?
A. Virtualize the system and decommission the physical machine.
B. Remove it from the network...
As part of the detection and analysis procedures, which of the following should the analyst do NEXT?
A security analyst is reviewing a vulnerability scan report and notes the following finding: As part of the detection and analysis procedures, which of the following should the analyst do NEXT?
A. Patch or reimage the device to complete the recovery
B. Restart the antivirus running processes
C. Isolate the host...
Which of the following should be completed FIRST?
A company has started planning the implementation of a vulnerability management procedure. However, its security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?
A. A business impact analysis
B. A system assessment
C. Communication of...
Which of the following entries should cause the analyst the MOST concern?
An organization has a strict policy that if elevated permissions are needed, users should always run commands under their own account, with temporary administrator privileges if necessary. A security analyst is reviewing syslog entries and sees the following: Which of the following entries should cause the analyst the MOST concern?
A...
Which of the following is the BEST approach for configuring and scheduling the scan?
A security analyst is scanning the network to determine if a critical security patch was applied to all systems in an enterprise. The organization has a very low tolerance for risk when it comes to resource availability. Which of the following is the BEST approach for configuring and scheduling the...
Which of the following BEST describes this type of actor?
While reviewing incident reports from the previous night, a security analyst notices the corporate websites were defaced with political propaganda. Which of the following BEST describes this type of actor?
A. Hacktivist
B. Nation-state
C. Insider threat
D. Organized crime
Answer: A
Explanation: A hacktivist is a type of...
Which of the following actions should be taken FIRST to prevent server compromise and business disruption at the same time?
After detecting possible malicious external scanning, an internal vulnerability scan was performed, and a critical server was found with an outdated version of JBoss. A legacy application that is running depends on that version of JBoss. Which of the following actions should be taken FIRST to prevent server compromise and...
Which of the following can the manufacturing company implement to ensure the third-party service provider meets this requirement?
A manufacturing company uses a third-party service provider for Tier 1 security support. One of the requirements is that the provider must only source talent from its own country due to geopolitical and national security interests. Which of the following can the manufacturing company implement to ensure the third-party service...
Which of the following technologies would MOST likely be used to prevent this phishing attempt?
A security analyst is looking at the headers of a few emails that appear to be targeting all users at an organization: Which of the following technologies would MOST likely be used to prevent this phishing attempt?
A. DNSSEC
B. DMARC
C. STP
D. S/IMAP
Answer: B
Explanation: DMARC stands...