- All Exams Instant Download
Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?
During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?A . Conduct regular red team exercises over the application in production B. Ensure that all implemented coding libraries are...
Which of the following solutions will assist in reducing the risk?
The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?A . Deploy a CASB and enable policy enforcement B. Configure MFA...
Which of the following implications should be considered on the new hybrid environment?
A company is implementing a vulnerability management program and moving from an on-premises environment to a hybrid IaaS cloud environment. Which of the following implications should be considered on the new hybrid environment?A . The current scanners should be migrated to the cloud B. Cloud-specific misconfigurations may not be detected...
Which of the following logs should the team review first?
An incident response team receives an alert to start an investigation of an internet outage. The outage is preventing all users in multiple locations from accessing external SaaS resources. The team determines the organization was impacted by a DDoS attack. Which of the following logs should the team review first?A...
Which of the following security operations tasks are ideal for automation?
Which of the following security operations tasks are ideal for automation?A . Suspicious file analysis: - Look for suspicious-looking graphics in a folder. - Create subfolders in the original folder based on category of graphics found. - Move the suspicious graphics to the appropriate subfolder B. Firewall IoC block actions:...
Which of the following security controls would best support the company in this scenario?
There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?A . Implement step-up authentication for administrators B. Improve employee training and...
Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating in?
A malicious actor has gained access to an internal network by means of social engineering. The actor does not want to lose access in order to continue the attack. Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating...
Under the terms of PCI DSS, which of the following groups should the organization report the breach to?
An organization has experienced a breach of customer transactions. Under the terms of PCI DSS, which of the following groups should the organization report the breach to?A . PCI Security Standards Council B. Local law enforcement C. Federal law enforcement D. Card issuerView AnswerAnswer: D Explanation: Under the terms of...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following factors would an analyst most likely communicate as the reason for this escalation?
An older CVE with a vulnerability score of 7.1 was elevated to a score of 9.8 due to a widely available exploit being used to deliver ransomware. Which of the following factors would an analyst most likely communicate as the reason for this escalation?A . Scope B. Weaponization C. CVSS...
