Which of the following is the MOST appropriate threat classification for these incidents?

A security analyst has observed several incidents within an organization that are affecting one specific piece of hardware on the network. Further investigation reveals the equipment vendor previously released a patch. Which of the following is the MOST appropriate threat classification for these incidents?

A. Known threat
B. Zero day...

September 13, 2022

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

Which of the following would MOST likely be included in the incident response procedure after a security breach of customer PII?

A. Human resources
B. Public relations
C. Marketing
D. Internal network operations center

Answer: B

September 12, 2022

Which of the following should the analyst do?

A security analyst is investigating malicious traffic from an internal system that attempted to download proxy avoidance software, as identified from the firewall logs, but the destination IP is blocked and not captured. Which of the following should the analyst do?

A. Shut down the computer
B. Capture live...

September 12, 2022

Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?

A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT. Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?

A. Attack vectors
B. Adversary capability
C. Diamond Model of Intrusion Analysis
D. ...

September 12, 2022

Which of the following describes the type of vulnerability that was MOST likely exploited?

A security analyst is investigating a system compromise. The analyst verifies the system was up to date on OS patches at the time of the compromise. Which of the following describes the type of vulnerability that was MOST likely exploited?

A. Insider threat
B. Buffer overflow
C. Advanced persistent...

September 12, 2022

Which of the following should be used to identify the traffic?

A large amount of confidential data was leaked during a recent security breach. As part of a forensic investigation, the security team needs to identify the various types of traffic that were captured between two compromised devices. Which of the following should be used to identify the traffic?

A. Carving...

September 12, 2022

For machine learning to be applied effectively toward security analysis automation, it requires.

For machine learning to be applied effectively toward security analysis automation, it requires:

A. relevant training data.
B. a threat feed API.
C. a multicore, multiprocessor system.
D. anomalous traffic signatures.

Answer: A

September 12, 2022

Which of the following is the analyst MOST likely executing?

A cybersecurity analyst is supporting an incident response effort via threat intelligence. Which of the following is the analyst MOST likely executing?

A. Requirements analysis and collection planning
B. Containment and eradication
C. Recovery and post-incident review
D. Indicator enrichment and research pivoting

Answer: A

September 12, 2022

Which of the following would be the MOST effective way for the security team to meet these objectives?

The security team at a large corporation is helping the payment-processing team to prepare for a regulatory compliance audit and meet the following objectives:

- Reduce the number of potential findings by the auditors.
- Limit the scope of the audit to only devices used by the payment-processing team for...

September 11, 2022

Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?

A Chief Information Security Officer (CISO) wants to upgrade an organization's security posture by improving proactive activities associated with attacks from internal and external threats. Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?

A. Development of a hypothesis as part of threat...

September 11, 2022