- All Exams Instant Download
Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO) . Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code...
Which of the following would BEST meet this need?
A security analyst is looking for a solution to help communicate to the leadership team the seventy levels of the organization’s vulnerabilities . Which of the following would BEST meet this need?A . CVEB . SIEMC . SOARD . CVSSView AnswerAnswer: D Explanation: The Common Vulnerability Scoring System (CVSS) is...
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:A . business continuity planB . communications plan.C . disaster recovery plan.D . continuity of operations planView AnswerAnswer: C
Which of the following would BEST assist the company?
A small company that does not have security staff wants to improve its security posture . Which of the following would BEST assist the company?A . MSSPB . SOARC . IaaSD . PaaSView AnswerAnswer: B
Which of the following is the purpose of a risk register?
Which of the following is the purpose of a risk register?A . To define the level or risk using probability and likelihoodB . To register the risk with the required regulatory agenciesC . To identify the risk, the risk owner, and the risk measuresD . To formally log the type...
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?
Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?A . SSAE SOC 2B . PCI DSSC . GDPRD . ISO 31000View AnswerAnswer: C
A security engineer is setting up passwordless authentication for the first time
DRAG DROP A security engineer is setting up passwordless authentication for the first time. INSTRUCTIONS Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused. If at any time you would like to bring back the initial state of the simulation,...
Which of the following would MOST likely support the integrity of a voting machine?
Which of the following would MOST likely support the integrity of a voting machine?A . Asymmetric encryptionB . BlockchainC . Transport Layer SecurityD . Perfect forward secrecyView AnswerAnswer: B Explanation: “Blockchain technology has a variety of potential applications. It can ensure the integrity and transparency of financial transactions, online voting...
Which of the following MOST likely occurred?
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site Upon investigation, a security analyst the identifies the following: • The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP • The forged...
Which of the following implementations would be BEST to prevent the issue from reoccurring?
A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications . Which of the following implementations would be BEST to prevent the issue from reoccurring?A . CASBB ....
