Which of the following existing technical controls should a security analyst recommend to best meet all the requirements?

A Chief Information Officer wants to implement a BYOD strategy for all company laptops and mobile phones. The Chief Information Security Officer is concerned with ensuring all devices are patched and running some sort of protection against malicious software. Which of the following existing technical controls should a security analyst...

April 5, 2024 No Comments READ MORE +

Which of the following describes what the analyst has noticed?

An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?A . BeaconingB . Cross-site scriptingC . Buffer overflowD . PHP traversalView AnswerAnswer: A Explanation:

April 5, 2024 No Comments READ MORE +

Which of the following systems should be prioritized for patching first?

An analyst is reviewing a vulnerability report for a server environment with the following entries: Which of the following systems should be prioritized for patching first?A . 10.101.27.98B . 54.73.225.17C . 54.74.110.26D . 54.74.110.228View AnswerAnswer: D Explanation: The system that should be prioritized for patching first is 54.74.110.228, as it...

April 5, 2024 No Comments READ MORE +

Which of the following most accurately describes the result of the scan?

The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attemptB . The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...

April 4, 2024 No Comments READ MORE +

Which of the following is the best option to protect the data on the remote users' laptops?

An organization supports a large number of remote users. Which of the following is the best option to protect the data on the remote users' laptops? A. Require the use of VPNs. B. Require employees to sign an NDA. C. Implement a DLP solution. D. Use whole disk encryption.View AnswerAnswer:...

April 4, 2024 No Comments READ MORE +

Which of the following has the user become?

A user downloads software that contains malware onto a computer that eventually infects numerous other systems. Which of the following has the user become?A . HacklivistB . Advanced persistent threatC . Insider threatD . Script kiddieView AnswerAnswer: C Explanation: The user has become an insider threat by downloading software that...

April 4, 2024 No Comments READ MORE +

Which of the following describes the most likely cause of the issue?

A security analyst responds to a series of events surrounding sporadic bandwidth consumption from an endpoint device. The security analyst then identifies the following additional details: • Bursts of network utilization occur approximately every seven days. • The content being transferred appears to be encrypted or obfuscated. • A separate...

April 4, 2024 No Comments READ MORE +

Which of the following is the most likely reason to include lessons learned?

An incident response team finished responding to a significant security incident. The management team has asked the lead analyst to provide an after-action report that includes lessons learned. Which of the following is the most likely reason to include lessons learned?A . To satisfy regulatory requirements for incident reportingB ....

April 4, 2024 No Comments READ MORE +

Which of the following tools would work best to prevent the exposure of PII outside of an organization?

Which of the following tools would work best to prevent the exposure of PII outside of an organization?A . PAMB . IDSC . PKID . DLPView AnswerAnswer: D Explanation: Data loss prevention (DLP) is a tool that can prevent the exposure of PII outside of an organization by monitoring, detecting,...

April 4, 2024 No Comments READ MORE +

Which of the following implications should be considered on the new hybrid environment?

A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?A . The current scanners should be migrated to the cloudB . Cloud-specific misconfigurations may not be detected...

April 4, 2024 No Comments READ MORE +