Which of the following is the MOST appropriate product category for this purpose?
A security engineer is reviewing security products that identify malicious actions by users as part of a company's insider threat program. Which of the following is the MOST appropriate product category for this purpose? A. SOAR B. WAF C. SCAP D. UEBA Answer: D
Which of the following is the BEST solution?
A small organization has proprietary software that is used internally. The system has not been well maintained and cannot be updated with the rest of the environment. Which of the following is the BEST solution? A. Virtualize the system and decommission the physical machine. B. Remove it from the network...
Which of the following BEST describes the rationale for integrating intelligence into hunt operations?
A company wants to establish a threat-hunting team. Which of the following BEST describes the rationale for integrating intelligence into hunt operations? A. It enables the team to prioritize the focus area and tactics within the company’s environment. B. It provides critical analyses for key enterprise servers and services. C....
Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?
An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment? A. FaaS B. RTOS C. SoC D. GPS E. CAN bus Answer: E
Which of the following should the security analyst perform NEXT?
A security analyst discovered a specific series of IP addresses that are targeting an organization. None of the attacks have been successful. Which of the following should the security analyst perform NEXT? A. Begin blocking all IP addresses within that subnet. B. Determine the attack vector and total attack surface. C...
Which of the following should be the NEXT step in this incident response?
The SOC has received reports of slowness across all workstation network segments. The currently installed antivirus has not detected anything, but a different anti-malware product was just downloaded and has revealed a worm is spreading. Which of the following should be the NEXT step in this incident response? A. Enable...
Which of the following is the BEST approach for supply chain assessment when selecting a vendor?
An analyst is participating in the solution analysis process for a cloud-hosted SIEM platform to centralize log monitoring and alerting capabilities in the SOC. Which of the following is the BEST approach for supply chain assessment when selecting a vendor? A. Gather information from providers, including datacenter specifications and copies...
In addition to retraining the employee, which of the following would prevent this from happening in the future?
An employee in the billing department accidentally sent a spreadsheet containing payment card data to a recipient outside the organization. The employee intended to send the spreadsheet to an internal staff member with a similar name and was unaware of the mistake until the recipient replied to the message. In...
Which of the following types of vulnerabilities does this MOST likely represent?
An analyst is reviewing the following code output of a vulnerability scan: if (search name ! = null ) { %> employee <%search names%> not found } Which of the following types of vulnerabilities does this MOST likely represent? A. An insecure direct object reference vulnerability B. An HTTP response...
Which of the following BEST describes the reason why the email was blocked?
A security analyst is reviewing the following log from an email security service. Which of the following BEST describes the reason why the email was blocked? A. The To address is invalid. B. The email originated from the www.spamfilter.org URL. C. The IP address and the remote server name are...