- All Exams Instant Download
Which of the following will most likely ensure that mission-critical services are available in the event of an incident?
Which of the following will most likely ensure that mission-critical services are available in the event of an incident?A . Business continuity plan B. Vulnerability management plan C. Disaster recovery plan D. Asset management planView AnswerAnswer: C Explanation:
Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?
An incident response team found IoCs in a critical server. The team needs to isolate and collect technical evidence for further investigation. Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?A . Hard disk B. Primary boot partition...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
According to the security policy, which of the following vulnerabilities should be the highest priority to patch?
The Company shall prioritize patching of publicly available systems and services over patching of internally available system. According to the security policy, which of the following vulnerabilities should be the highest priority to patch? A) B) C) D) A . Option A B. Option B C. Option C D. Option...
Which of the following steps of an attack framework is the analyst witnessing?
An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?A . Exploitation B. Reconnaissance C. Command and control D. Actions on objectivesView...
Which of the following choices should the analyst look at first?
Due to reports of unauthorized activity that was occurring on the internal network, an analyst is performing a network discovery. The analyst runs an Nmap scan against a corporate network to evaluate which devices were operating in the environment. Given the following output: Which of the following choices should the...
Which of the following inhibitors to remediation do these systems and associated vulnerabilities best represent?
An analyst is reviewing a vulnerability report and must make recommendations to the executive team. The analyst finds that most systems can be upgraded with a reboot resulting in a single downtime window. However, two of the critical systems cannot be upgraded due to a vendor appliance that the company...
Which of the following should be the next step in the remediation process?
A technician identifies a vulnerability on a server and applies a software patch. Which of the following should be the next step in the remediation process?A . Testing B. Implementation C. Validation D. RollbackView AnswerAnswer: C Explanation: The next step in the remediation process after applying a software patch is...
Which of the following logs should the team review first?
An incident response team receives an alert to start an investigation of an internet outage. The outage is preventing all users in multiple locations from accessing external SaaS resources. The team determines the organization was impacted by a DDoS attack. Which of the following logs should the team review first?A...
Which of the following security operations tasks are ideal for automation?
Which of the following security operations tasks are ideal for automation?A . Suspicious file analysis: - Look for suspicious-looking graphics in a folder. - Create subfolders in the original folder based on category of graphics found. - Move the suspicious graphics to the appropriate subfolder B. Firewall IoC block actions:...
