Which of the following would be the BEST method of communication?
The computer incident response team at a multinational company has determined that a breach of sensitive data has occurred in which a threat actor has compromised the organization’s email system. Per the incident response procedures, this breach requires notifying the board immediately. Which of the following would be the BEST...
Which of the following would be the MAIN concern of the company?
A company just chose a global software company based in Europe to implement a new supply chain management solution. Which of the following would be the MAIN concern of the company?A . Violating national security policyB . Packet injectionC . Loss of intellectual propertyD . International labor lawsView AnswerAnswer: A
Which of the following malware analysis approaches is this?
A security analyst has a sample of malicious software and needs to know what the sample does. The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software behavior. Which of the following malware analysis approaches is this?A . White box testingB . FuzzingC...
Which of the following configuration changes to the existing controls would be the MOST appropriate to improve performance?
A company's blocklist has outgrown the current technologies in place. The ACLS are at maximum, and the IPS signatures only allow a certain amount of space for domains to be added, creating the need for multiple signatures. Which of the following configuration changes to the existing controls would be the...
In addition to technical response activities, which of the following is the main reason why communication must be addressed in an effective incident response program?
A Chief Security Officer (CSO) is working on the communication requirements (or an organization's incident response plan. In addition to technical response activities, which of the following is the main reason why communication must be addressed in an effective incident response program?A . Public relations must receive information promptly in...
Which of the following actions should the technician take to accomplish this task?
A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is comptiA.org. The testing is successful, and the security technician is prepared to fully implement the solution. Which of the following actions should the technician take to accomplish this task? A....
Which of the following is the BEST parameter mitigation rec?
A security analyst is generating a list of recommendations for the company's insecure API. Which of the following is the BEST parameter mitigation rec?A . Implement parameterized queries.B . Use effective authentication and authorization methods.C . Validate all incoming data.D . Use TLs for all data exchanges.View AnswerAnswer: D
Which of the following will MOST likely help the security analyst develop better controls?
A company recently experienced financial fraud, which included shared passwords being compromised and improper levels of access being granted. The company has asked a security analyst to help improve its controls. Which of the following will MOST likely help the security analyst develop better controls?A . An evidence summarizationB ....
Which of the following courses of action is appropriate?
A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses...
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?A . Self-encrypting driveB . Bus encryptionC . TPMD . HSMView AnswerAnswer: A