Which of the following is the BEST method for accomplishing this task?

A company's security administrator needs to automate several security processes related to testing for the existence of changes within the environment. Conditionally, other processes will need to be created based on input from prior processes. Which of the following is the BEST method for accomplishing this task?

A. Machine learning...

January 22, 2022

Which of the following should the analyst investigate FIRST?

An analyst performs a routine scan of a host using Nmap and receives the following output:

Which of the following should the analyst investigate FIRST?

A. Port 21
B. Port 22
C. Port 23
D. Port 80

Answer: A

January 22, 2022

Which of the following MOST likely explains how the clients' accounts were compromised?

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company's API server. A portion of a capture file is shown below:

POST /services/v1_0/Public/Members.svc/soap <s:Envelope+xmlns:s="http://schemas.s/soap/envelope/"><s:Body><GetIPLocation+xmlns="http://tempuri.org/"> <request+xmlns:a="http://schemas.somesite.org"+xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></s:Body></s:Envelope> 192.168.1.22 --api.somesite.com 200 0 1006 1001 0 192.168.1.22 POST /services/v1_0/Public/Members.svc/soap <<a:Password>Password123</a:Password><a:ResetPasswordToken+i:nil="true"/> <a:ShouldImpersonatedAuthenticationBePopulated+i:nil="true"/><a:Username>[email protected]</a:Username></request></Login></s:Body></s:Envelope> 192.168.5.66 --api.somesite.com...

January 22, 2022

Which of the following should the analyst do FIRST to evaluate the potential impact of this security incident?

During an investigation, an analyst discovers the following rule in an executive’s email client: IF * TO <[email protected]> THEN mailto: <[email protected]> SELECT FROM ‘sent’ THEN DELETE FROM <[email protected]> The executive is not aware of this rule. Which of the following should the analyst do FIRST to evaluate the potential impact...

January 22, 2022

In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities:

In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A. Data collection/exfiltration
B. Defensive evasion
C. Lateral movement
D. Reconnaissance

Answer: A

January 21, 2022

Which of the following types of policies is used to regulate data storage on the network?

Which of the following types of policies is used to regulate data storage on the network?

A. Password
B. Acceptable use
C. Account management
D. Retention

Answer: D

Explanation:
Reference: http://www.css.edu/administration/information-technologies/computing-policies/computer-and-network-policies.html

January 21, 2022

Which of the following should the cybersecurity analyst do FIRST?

A network attack that is exploiting a vulnerability in the SNMP is detected. Which of the following should the cybersecurity analyst do FIRST?

A. Apply the required patches to remediate the vulnerability.
B. Escalate the incident to senior management for guidance.
C. Disable all privileged user accounts on the network.
D...

January 21, 2022

Which of the following should a database administrator implement to BEST protect data from an untrusted server administrator?

Which of the following should a database administrator implement to BEST protect data from an untrusted server administrator?

A. Data encryption
B. Data deidentification
C. Data masking
D. Data minimization

Answer: A

January 21, 2022

Which of the following is the analyst MOST likely observing?

A security analyst is reviewing the network security monitoring logs listed below:

Which of the following is the analyst MOST likely observing? (Select TWO).

A. 10.1.1.128 sent malicious requests, and the alert is a false positive.
B. 10.1.1.129 sent potential malicious requests to the web server.
C. 10.1.1.129 sent non-malicious...

January 21, 2022

Which of the following is the BEST recommendation to ensure proper error handling at runtime?

A security analyst is supporting an embedded software team. Which of the following is the BEST recommendation to ensure proper error handling at runtime?

A. Perform static code analysis.
B. Require application fuzzing.
C. Enforce input validation.
D. Perform a code review.

Answer: B

January 21, 2022