- All Exams Instant Download
Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?
D18912E1457D5D1DDCBD40AB3BF70D5D A security analyst scanned an internal company subnet and discovered a host with the following Nmap output. Based on the output of this Nmap scan, which of the following should the analyst investigate FIRST?A . Port 22B . Port 135C . Port 445D . Port 3389View AnswerAnswer: B
As part of the management response phase of the audit, which of the following would BEST demonstrate senior management is appropriately aware of and addressing the issue?
An audit has revealed an organization is utilizing a large number of servers that are running unsupported operating systems. As part of the management response phase of the audit, which of the following would BEST demonstrate senior management is appropriately aware of and addressing the issue?A . Copies of prior...
Which of the following should the analyst do FIRST to evaluate the potential impact of this security incident?
During an investigation, an analyst discovers the following rule in an executive’s email client: IF * TO <[email protected]> THEN mailto: <[email protected]> SELECT FROM ‘sent’ THEN DELETE FROM <[email protected]> The executive is not aware of this rule. Which of the following should the analyst do FIRST to evaluate the potential impact...
Which of the following should the analyst do?
A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance software as identified from the firewall logs but the destination IP is blocked and not captured. Which of the following should the analyst do?A . Shut down the computerB . Capture live data...
Which of the following can the analyst conclude?
A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised. When viewing the capture in a packet analyzer, the analyst sees the following: Which of the...
An incident response team is responding to a breach of multiple systems that contain PII and PHI.
An incident response team is responding to a breach of multiple systems that contain PII and PHI. Disclosing the incident to external entities should be based on:A . the responder’s discretionB . the public relations policyC . the communication planD . senior management’s guidanceView AnswerAnswer: A
Which of the following secure coding techniques can be used to prevent cross-site request forgery attacks?
Which of the following secure coding techniques can be used to prevent cross-site request forgery attacks?A . Input validationB . Output encodingC . Parameterized queriesD . TokenizationView AnswerAnswer: D
Which of the following commands should the administrator run NEXT to further analyze the compromised system?
A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output. Which of the following commands should the administrator run NEXT to further analyze the compromised system?A . strace /proc/1301B . rpm -V openash-serverC . /bin/la -1 /proc/1301/exeD . kill -9...
Which of the following is the FIRST step the analyst should take?
A cyber-incident response analyst is investigating a suspected cryptocurrency miner on a company's server. Which of the following is the FIRST step the analyst should take?A . Create a full disk image of the server's hard drive to look for the file containing the malware.B . Run a manual antivirus...
An executive assistant wants to onboard a new cloud based product to help with business analytics and dashboarding. When of the following would be the BEST integration option for the service?
An executive assistant wants to onboard a new cloud based product to help with business analytics and dashboarding. When of the following would be the BEST integration option for the service?A . Manually log in to the service and upload data files on a regular basis.B . Have the internal...
