- All Exams Instant Download
Which of the following should the analyst do FIRST?
A cybersecurity analyst is contributing to a team hunt on an organization's endpoints. Which of the following should the analyst do FIRST?A . Write detection logic. B. Establish a hypothesis. C. Profile the threat actors and activities. D. Perform a process analysis.View AnswerAnswer: C Explanation: Reference: https://www.cybereason.com/blog/blog-the-eight-steps-to-threat-hunting
Which of the following is MOST likely a false positive?
A security analyst, who is working for a company that utilizes Linux servers, receives the following results from a vulnerability scan: Which of the following is MOST likely a false positive?A . ICMP timestamp request remote date disclosure B. Windows SMB service enumeration via srvsvc C. Anonymous FTP enabled D....
Which of the following describes the output of this scan?
A cybersecurity analyst is currently checking a newly deployed server that has an access control list applied. When conducting the scan, the analyst received the following code snippet of results: Which of the following describes the output of this scan?A . The analyst has discovered a False Positive, and the...
Which of the following would BEST mitigate and improve the security posture of the wireless network for this type of attack?
A security analyst recently discovered two unauthorized hosts on the campus's wireless network segment from a man-m-the-middle attack. The security analyst also verified that privileges were not escalated, and the two devices did not gain access to other network devices. Which of the following would BEST mitigate and improve the...
Which of the following would BEST identify potential indicators of compromise?
An information security analyst observes anomalous behavior on the SCADA devices in a power plant. This behavior results in the industrial generators overheating and destabilizing the power supply. Which of the following would BEST identify potential indicators of compromise?A . Use Burp Suite to capture packets to the SCADA device's...
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?
Which of the following technologies can be used to house the entropy keys for disk encryption on desktops and laptops?A . Self-encrypting drive B. Bus encryption C. TPM D. HSMView AnswerAnswer: A
The inability to do remote updates of certificates. keys software and firmware is a security issue commonly associated with:
The inability to do remote updates of certificates. keys software and firmware is a security issue commonly associated with:A . web servers on private networks. B. HVAC control systems C. smartphones D. firewalls and UTM devicesView AnswerAnswer: B
Which of the following roles is ultimately responsible for determining the classification levels assigned to specific data sets?
Which of the following roles is ultimately responsible for determining the classification levels assigned to specific data sets?A . Data custodian B. Data owner C. Data processor D. Senior managementView AnswerAnswer: B Explanation: Reference: https://www.pearsonitcertification.com/articles/article.aspx?p=2731933&seqNum=3
Which of the following BEST describes the process by which code is developed, tested, and deployed in small batches?
Which of the following BEST describes the process by which code is developed, tested, and deployed in small batches?A . Agile B. Waterfall C. SDLC D. Dynamic code analysisView AnswerAnswer: A Explanation: Reference: https://www.cleverism.com/software-development-life-cycle-sdlc-methodologies/
Which of the following attacks can be prevented by using output encoding?
Which of the following attacks can be prevented by using output encoding?A . Server-side request forgery B. Cross-site scripting C. SQL injection D. Command injection E. Cross-site request forgery F. Directory traversalView AnswerAnswer: B
