During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host.

During routine monitoring, a security analyst discovers several suspicious websites that are communicating with a local host. The analyst queries for IP 192.168.50.2 for a 24-hour period: To further investigate, the analyst should request PCAP for SRC 192.168.50.2 and.A . DST 138.10.2.5.B . DST 138.10.25.5.C . DST 172.10.3.5.D . DST 172.10.45.5.E . DST 175.35.20.5....

Continue reading

An executive assistant wants to onboard a new cloud based product to help with business analytics and dashboarding. When of the following would be the BEST integration option for the service?

An executive assistant wants to onboard a new cloud based product to help with business analytics and dashboarding. When of the following would be the BEST integration option for the service?A . Manually log in to the service and upload data files on a regular basis.B . Have the internal development team script connectivity...

Continue reading

Which of the following configuration changes must be implemented to resolve this security issue while still allowing remote vendor access?

A new on-premises application server was recently installed on the network. Remote access to the server was enabled for vendor support on required ports, but recent security reports show large amounts of data are being sent to various unauthorized networks through those ports. Which of the following configuration changes must be implemented to resolve...

Continue reading

Which of the following BEST describes the primary role ol a risk assessment as it relates to compliance with risk-based frameworks?

Which of the following BEST describes the primary role ol a risk assessment as it relates to compliance with risk-based frameworks?A . It demonstrates the organization’s mitigation of risks associated with internal threats.B . It serves as the basis for control selection.C . It prescribes technical control requirements.D . It is an input to...

Continue reading

During a review of vulnerability scan results an analyst determines the results may be flawed because a control-baseline system which is used to evaluate a scanning tools effectiveness was reported as not vulnerable Consequently, the analyst verifies the scope of the scan included the control-baseline host which was available on the network during the scan. The use of a control-baseline endpoint in this scenario assists the analyst in confirming.

During a review of vulnerability scan results an analyst determines the results may be flawed because a control-baseline system which is used to evaluate a scanning tools effectiveness was reported as not vulnerable Consequently, the analyst verifies the scope of the scan included the control-baseline host which was available on the network during the...

Continue reading

Which of the following MOST likely explains how the clients’ accounts were compromised?

Because some clients have reported unauthorized activity on their accounts, a security analyst is reviewing network packet captures from the company’s API server. A portion of a capture file is shown below: POST /services/v1_0/Public/Members.svc/soap <s:Envelope+xmlns:s="http://schemas.s/soap/envelope/"><s:Body><GetIPLocation+xmlns="http://tempuri.org/"> <request+xmlns:a="http://schemas.somesite.org"+xmlns:i="http://www.w3.org/2001/XMLSchema-instance"></s:Body></s:Envelope> 192.168.1.22 – – api.somesite.com 200 0 1006 1001 0 192.168.1.22 POST /services/v1_0/Public/Members.svc/soap <<a:Password>Password123</a:Password><a:ResetPasswordToken+i:nil="true"/> <a:ShouldImpersonatedAuthenticationBePopulated+i:nil="true"/><a:Username>[email protected]</a:Username></request></Login></s:Body></s:Envelope> 192.168.5.66 – – api.somesite.com...

Continue reading

Which of the following changes should the security analyst make to BEST protect the environment?

A security analyst has discovered trial developers have installed browsers on all development servers in the company’s cloud infrastructure and are using them to browse the Internet. Which of the following changes should the security analyst make to BEST protect the environment?A . Create a security rule that blocks Internet access in the development...

Continue reading