Which of the following is the BEST action for the security analyst to take?
While conducting a network infrastructure review, a security analyst discovers a laptop that is plugged into a core switch and hidden behind a desk. The analyst sees the following on the laptop's screen: Which of the following is the BEST action for the security analyst to take?
A. Initiate a...
Which of the following can the analyst conclude?
A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised. When viewing the capture in a packet analyzer, the analyst sees the following: Which of the...
Which of the following frameworks or models did the security team MOST likely use to identify the tactics and techniques?
A security team identified some specific known tactics and techniques to help mitigate repeated credential access threats, such as account manipulation and brute forcing. Which of the following frameworks or models did the security team MOST likely use to identify the tactics and techniques?
A. Kill chain
B. Diamond Model...
An incident response team is responding to a breach of multiple systems that contain PII and PHI.
An incident response team is responding to a breach of multiple systems that contain PII and PHI. Disclosing the incident to external entities should be based on:
A. the responder's discretion
B. the public relations policy
C. the communication plan
D. senior management's guidance
Answer: A
Which of the following is the MOST likely cause of this issue?
A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is...
A hybrid control is one that:
A hybrid control is one that:
A. is implemented differently on individual systems
B. is implemented at the enterprise and system levels
C. has operational and technical components
D. authenticates using passwords and hardware tokens
Answer: B
Which of the following email protection technologies is the analyst MOST likely validating?
A security analyst is reviewing a suspected phishing campaign that has targeted an organization. The organization has enabled a few email security technologies in the last year; however, the analyst believes the security features are not working. The analyst runs the following command: > dig domain._domainkey.comptia.orq TXT Which of the...
Which of the following updates to the SPF record will work BEST to prevent the emails from being marked as spam or blocked?
A company's marketing emails are either being found in a spam folder or not being delivered at all. The security analyst investigates the issue and discovers the emails in question are being sent on behalf of the company by a third party in1marketingpartners.com. Below is the existing SPF record: Which...
Which of the following is the MOST appropriate product category for this purpose?
A security engineer is reviewing security products that identify malicious actions by users as part of a company's insider threat program. Which of the following is the MOST appropriate product category for this purpose?
A. SOAR
B. WAF
C. SCAP
D. UEBA
Answer: D
Which of the following is the BEST solution?
A small organization has proprietary software that is used internally. The system has not been well maintained and cannot be updated with the rest of the environment. Which of the following is the BEST solution?
A. Virtualize the system and decommission the physical machine.
B. Remove it from the network...