- All Exams Instant Download
Which of the following incident response activities describes this process?
During an investigation, an incident response team attempts to understand the source of an incident. Which of the following incident response activities describes this process?A . AnalysisB . Lessons learnedC . DetectionD . ContainmentView AnswerAnswer: A Explanation: Analysis is the incident response activity that describes the process of understanding the...
Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?
Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?A . Risk toleranceB . Risk transferC . Risk registerD . Risk analysisView AnswerAnswer: C Explanation: A risk register is a document that records and tracks the risks associated with a project, system,...
Which of the following describes the reason root cause analysis should be conducted as part of incident response?
Which of the following describes the reason root cause analysis should be conducted as part of incident response?A . To gather loCs for the investigationB . To discover which systems have been affectedC . To eradicate any trace of malware on the networkD . To prevent future incidents of the...
Which of the following reconnaissance types is the tester performing?
A penetration tester begins an engagement by performing port and service scans against the client environment according to the rules of engagement. Which of the following reconnaissance types is the tester performing?A . ActiveB . PassiveC . DefensiveD . OffensiveView AnswerAnswer: A Explanation: Active reconnaissance is a type of reconnaissance...
Which of the following security benefits do these actions provide?
A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.)A . If a security incident occurs on the device, the correct employee can be notified.B . The security team will be...
Which of the following steps should be taken first?
A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?A . Air gap the system.B . Move the system to a different network segment.C . Create a change control request.D . Apply the patch to the system.View AnswerAnswer: C...
Which of the following would be the best solution?
An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?A . RDP serverB . Jump serverC . Proxy serverD . HypervisorView AnswerAnswer: B Explanation: = A jump server is...
Which of the following should the hosting provider consider first?
A U.S.-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider consider first?A . Local data protection regulationsB . Risks from hackers residing in other countriesC . Impacts to existing contractual obligationsD . Time zone differences in log correlationView...
Which of the following is the type of data these employees are most likely to use in day-to-day work activities?
Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?A . EncryptedB . Intellectual propertyC . CriticalD . Data...
Which of the following should the systems administrator use?
A newly appointed board member with cybersecurity knowledge wants the board of directors to receive a quarterly report detailing the number of incidents that impacted the organization. The systems administrator is creating a way to present the data to the board of directors. Which of the following should the systems...
