Which of the following would BEST provide this solution?

Risk management wants IT to implement a solution that will permit an analyst to intercept, execute, and analyze potentially malicious files that are downloaded from the Internet. Which of the following would BEST provide this solution?

A. File fingerprinting
B. Decomposition of malware
C. Risk evaluation
D. Sandboxing

Answer: D

March 13, 2021

Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?

Which of the following policies would state an employee should not disable security safeguards, such as host firewalls and antivirus on company systems?

A. Code of conduct policy
B. Account management policy
C. Password policy
D. Acceptable use policy

Answer: D

March 13, 2021

Which of the following rules is the BEST solution?

A security administrator needs to create an IDS rule to alert on FTP login attempts by root. Which of the following rules is the BEST solution?

A. Option A
B. Option B
C. Option C
D. Option D

Answer: B

March 12, 2021

Which of the following BEST describes the security analyst's goal?

A security analyst on the threat-hunting team has developed a list of unneeded, benign services that are currently running as part of the standard OS deployment for workstations. The analyst will provide this list to the operations team to create a policy that will automatically disable the services for all...

March 12, 2021

Which of the following should the security analyst recommend to identify this behavior without alerting any potential malicious actors?

A threat feed notes malicious actors have been infiltrating companies and exfiltrating data to a specific set of domains. Management at an organization wants to know if it is a victim. Which of the following should the security analyst recommend to identify this behavior without alerting any potential malicious actors? A...

March 12, 2021

In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A security analyst is attempting to utilize the following threat intelligence for developing detection capabilities: In which of the following phases is this APT MOST likely to leave discoverable artifacts?

A. Data collection/exfiltration
B. Defensive evasion
C. Lateral movement
D. Reconnaissance

Answer: A

March 12, 2021

Which of the following would be the MOST appropriate to remediate the controller?

An analyst is working with a network engineer to resolve a vulnerability that was found in a piece of legacy hardware, which is critical to the operation of the organization's production line. The legacy hardware does not have third-party support, and the OEM manufacturer of the controller is no longer...

December 2, 2020

Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?

An analyst is performing penetration testing and vulnerability assessment activities against a new vehicle automation platform. Which of the following is MOST likely an attack vector that is being utilized as part of the testing and assessment?

A. FaaS
B. RTOS
C. SoC
D. GPS
E. CAN bus

Answer: E

December 2, 2020

Which of the following would BEST identify potential indicators of compromise?

An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply. Which of the following would BEST identify potential indicators of compromise?

A. Use Burp Suite to capture packets to the SCADA device's...

December 2, 2020

Which of the following is the MOST likely cause of this issue?

A security analyst received an alert from the SIEM indicating numerous login attempts from users outside their usual geographic zones, all of which were initiated through the web-based mail server. The logs indicate all domain accounts experienced two login attempts during the same time frame. Which of the following is...

December 2, 2020