Which of the following would BEST satisfy the objectives defined by the compliance officer?
A compliance officer of a large organization has reviewed the firm's vendor management program but has discovered there are no controls defined to evaluate third-party risk or hardware source authenticity. The compliance officer wants to gain some level of assurance on a recurring basis regarding the implementation of controls by...
Which of the following actions should be taken to BEST mitigate the effects of this type of threat in the future?
A security analyst received a series of antivirus alerts from a workstation segment, and users reported ransomware messages. During lessons-learned activities, the analyst determines the antivirus was able to alert to abnormal behavior but did not stop this newest variant of ransomware. Which of the following actions should be...
Which of the following is a collaborative resource that would MOST likely be used for this purpose?
A cybersecurity analyst is establishing a threat hunting and intelligence group at a growing organization. Which of the following is a collaborative resource that would MOST likely be used for this purpose?
A. Scrum
B. IoC feeds
C. ISAC
D. VSS scores
Answer: C
Which of the following would be the MAIN concern of the company?
A company just chose a global software company based in Europe to implement a new supply chain management solution. Which of the following would be the MAIN concern of the company?
A. Violating national security policy
B. Packet injection
C. Loss of intellectual property
D. International labor laws
Answer: A
Which of the following procedures is the BEST approach to perform a further analysis of the malware's capabilities?
A malicious artifact was collected during an incident response procedure. A security analyst is unable to run it in a sandbox to understand its features and method of operation. Which of the following procedures is the BEST approach to perform a further analysis of the malware's capabilities?
A. Reverse engineering
B...
Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?
A security analyst scanned an internal company subnet and discovered a host with the following Nmap output. Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?
A. Port 22
B. Port 135
C. Port 445
D. Port 3389
Answer: B
Which of the following would cause the analyst to further review the incident?
During an incident, a cybersecurity analyst found several entries in the web server logs that are related to an IP with a bad reputation. Which of the following would cause the analyst to further review the incident? A) B) C) D) E)
A. Option A
B. Option B
C ....
Which of the following should be the team's NEXT step during the detection phase of this response process?
A team of security analysts has been alerted to potential malware activity. The initial examination indicates one of the affected workstations is beaconing on TCP port 80 to five IP addresses and attempting to spread across the network over port 445. Which of the following should be the team's NEXT...
Which of the following commands will allow the security analyst to confirm the incident?
An analyst is searching a log for potential credit card leaks. The log stores all data encoded in hexadecimal. Which of the following commands will allow the security analyst to confirm the incident?
A. cat log xxd -r -p | egrep ' [0-9] {16}
B. egrep '(3(0-9)) (16) ' log
C...
Which of the following BEST represents the technique in use?
An information security analyst on a threat-hunting team is working with administrators to create a hypothesis related to an internally developed web application. The working hypothesis is as follows: • Due to the nature of the industry, the application hosts sensitive data associated with many clients and is a significant...