- All Exams Instant Download
Which of the following is the FIRST step the analyst should take to evaluate this potential indicator of compromise'?
A security analyst is responding to an incident on a web server on the company network that is making a large number of outbound requests over DNS. Which of the following is the FIRST step the analyst should take to evaluate this potential indicator of compromise'?A . Run an anti-malware...
Which of the following is the BEST technology for the analyst to recommend?
An analyst needs to provide a recommendation that will allow a custom-developed application to have full access to the system's processors and peripherals but still be contained securely from other applications that will be developed. Which of the following is the BEST technology for the analyst to recommend?A . Software-based...
Which of the following is MOST closely related to the concept of privacy?
Which of the following is MOST closely related to the concept of privacy?A . An individual's control over personal informationB . A policy implementing strong identity management processesC . A system's ability to protect the confidentiality of sensitive informationD . The implementation of confidentiality, integrity, and availabilityView AnswerAnswer: A
Which of the following would be the BEST solution to recommend to the director?
A human resources employee sends out a mass email to all employees that contains their personnel records. A security analyst is called in to address the concern of the human resources director on how to prevent this from happening in the future. Which of the following would be the BEST...
Which of the following conclusions is supported by the application log?
An application server runs slowly and then triggers a high CPU alert. After investigating, a security analyst finds an unauthorized program is running on the server. The analyst reviews the application log below. Which of the following conclusions is supported by the application log?A . An attacker was attempting to...
Which of the following is MOST likely inhibiting the remediation efforts?
A security analyst at a technology solutions firm has uncovered the same vulnerabilities on a vulnerability scan for a long period of time. The vulnerabilities are on systems that are dedicated to the firm's largest client. Which of the following is MOST likely inhibiting the remediation efforts?A . The parties...
Which of the following types of attacks will this configuration mitigate?
A security analyst is reviewing the following requirements (or new time clocks that will be installed in a shipping warehouse: • The clocks must be configured so they do not respond to ARP broadcasts. • The server must be configured with static ARP entries for each clock. Which of the...
Which of the following is inconsistent with the rest of the header and should be treated as suspicious?
A security analyst inspects the header of an email that is presumed to be malicious and sees the following: Which of the following is inconsistent with the rest of the header and should be treated as suspicious?A . The subject lineB . The sender's email addressC . The destination email...
Which of the following actions would work BEST to prevent against this type of attack?
The Cruel Executive Officer (CEO) of a large insurance company has reported phishing emails that contain malicious links are targeting the entire organza lion. Which of the following actions would work BEST to prevent against this type of attack?A . Turn on full behavioral analysis to avert an infectionB ....
Which of the following malware analysis approaches is this?
A security analyst has a sample of malicious software and needs to know what the sample does? The analyst runs the sample in a carefully controlled and monitored virtual machine to observe the software behavior. Which of the following malware analysis approaches is this?A . White box testingB . FuzzingC...
