Which of the following scenarios describes a possible business email compromise attack?

Which of the following scenarios describes a possible business email compromise attack?A . An employee receives a gift card request in an email that has an executive's name in the display field of the email.B . Employees who open an email attachment receive messages demanding payment in order to access...

January 5, 2024 No Comments READ MORE +

Which of the following methods is most secure?

A company needs to provide administrative access to internal resources while minimizing the traffic allowed through the security boundary. Which of the following methods is most secure?A . Implementing a bastion hostB . Deploying a perimeter networkC . Installing a WAFD . Utilizing single sign-onView AnswerAnswer: A Explanation: A bastion...

January 5, 2024 No Comments READ MORE +

Which of the following logs should the analyst use as a data source?

A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst...

January 5, 2024 No Comments READ MORE +

Which of the following should the administrator implement to prevent this type of attack from succeeding in the future?

An administrator notices that several users are logging in from suspicious IP addresses. After speaking with the users, the administrator determines that the employees were not logging in from those IP addresses and resets the affected users’ passwords. Which of the following should the administrator implement to prevent this type...

January 5, 2024 No Comments READ MORE +

Which of the following is the best option?

A technician wants to improve the situational and environmental awareness of existing users as they transition from remote to in-office work. Which of the following is the best option?A . Send out periodic security reminders.B . Update the content of new hire documentation.C . Modify the content of recurring training....

January 5, 2024 No Comments READ MORE +

Which of the following incident response activities describes this process?

During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?A . AnalysisB . Lessons learnedC . DetectionD . ContainmentView AnswerAnswer: A Explanation: Analysis is the incident response activity that describes the process of understanding the...

January 5, 2024 No Comments READ MORE +

Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?A . EncryptedB . Intellectual propertyC . CriticalD . Data...

January 4, 2024 No Comments READ MORE +

Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?

Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?A . ClientB . Third-party vendorC . Cloud providerD . DBAView AnswerAnswer: A Explanation: According to the shared responsibility model, the client and the cloud...

January 4, 2024 No Comments READ MORE +

Which of the following should be done next?

A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Which of the following should be done next?A . Conduct an audit.B . Initiate a penetration test.C . Rescan the network.D . Submit a report.View AnswerAnswer: C Explanation: After completing...

January 4, 2024 No Comments READ MORE +

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?

Which of the following is used to add extra complexity before using a one-way data transformation algorithm?A . Key stretchingB . Data maskingC . SteganographyD . SaltingView AnswerAnswer: D Explanation: Salting is the process of adding extra random data to a password or other data before applying a one-way data...

January 4, 2024 No Comments READ MORE +