Which of the following must be in place before implementing a BCP?
A. SLA
B. AUP
C. NDA
D. BIA
Answer: D
Explanation: A Business Impact Analysis (BIA) is a critical component of a Business Continuity Plan (BCP). It identifies and prioritizes critical business functions and determines the impact of...
Which of the following TCP ports should be blocked for all external inbound connections to the DMZ as a workaround to protect the servers?
A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company's DMZ will be vulnerable to external attack; however, the administrator cannot disable the service on the...
Which of the following is the BEST technical implementation to prevent this from happening again?
A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happening again?
A. Configure DLP solutions
B. Disable peer-to-peer sharing
C. Enable...
If a current private key is compromised, which of the following would ensure it cannot be used to decrypt all historical data?
A. Perfect forward secrecy
B. Elliptic-curve cryptography
C. Key stretching
D. Homomorphic encryption
Answer: B
Explanation: Perfect forward secrecy would ensure that it cannot be used to decrypt...
Which of the following types of attacks does this scenario describe?
A bad actor tries to persuade someone to provide financial information over the phone in order to gain access to funds. Which of the following types of attacks does this scenario describe?
A. Vishing
B. Phishing
C. Spear phishing
D. Whaling
Answer: A
Explanation: Vishing is a social engineering attack...
Which of the following will the company MOST likely implement?
As part of a company's ongoing SOC maturation process, the company wants to implement a method to share cyberthreat intelligence data with outside security partners. Which of the following will the company MOST likely implement?
A. TAXII
B. TLP
C. TTP
D. STIX
Answer: A
Explanation: Trusted Automated Exchange of...
To which of the following groups should the analyst report this real-world event?
The SIEM at an organization has detected suspicious traffic coming from a workstation in its internal network. An analyst in the SOC the workstation and discovers malware that is associated with a botnet is installed on the device. A review of the logs on the workstation reveals that the privileges of...
Which of the following would produce the closest experience of responding to an actual incident response scenario?
A. Lessons learned
B. Simulation
C. Walk-through
D. Tabletop
Answer: B
Explanation: A simulation exercise is designed to create an experience that is as close as possible to a real-world incident response scenario....
Which of the following BEST explains what happened?
After a hardware incident, an unplanned emergency maintenance activity was conducted to rectify the issue. Multiple alerts were generated on the SIEM during this period of time. Which of the following BEST explains what happened?
A. The unexpected traffic correlated against multiple rules, generating multiple alerts.
B. Multiple alerts were...
Which of the following BEST represents the type of testing that is being used?
An enterprise has hired an outside security firm to facilitate penetration testing on its network and applications. The firm has agreed to pay for each vulnerability that is discovered. Which of the following BEST represents the type of testing that is being used?
A. White-box
B. Red-team
C. Bug bounty
D...