Which of the following steps of an attack framework is the analyst witnessing?
An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?A . Exploitation B. Reconnaissance C. Command and control D. Actions on objectivesView...
Which of the following tuning recommendations should the security analyst share?
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed: Which of the following tuning recommendations should the security analyst share?A . Set an HttpOnlvflaq to force communication by HTTPS B. Block requests without an X-Frame-Options header C. Configure an Access-Control-Allow-Origin header...
Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?
An incident response team found IoCs in a critical server. The team needs to isolate and collect technical evidence for further investigation. Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?A . Hard disk B. Primary boot partition...
Which of the following will produce the data needed for the briefing?
A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization. Which of the following will produce the data needed for the briefing?A . Firewall logs B. Indicators of compromise C. Risk assessment D. Access control listsView AnswerAnswer: B Explanation: Indicators of compromise (IoCs)...
Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?
Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?A . Determine the sophistication of the audience that the report is meant for B. Include references and sources of information on the first page...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attempt B. The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...
Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating in?
A malicious actor has gained access to an internal network by means of social engineering. The actor does not want to lose access in order to continue the attack. Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating...