- All Exams Instant Download
Which of the following would be most relevant for the analyst to evaluate?
An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?A . Secured zonesB . Subject roleC . Adaptive identityD . Threat scope reductionView AnswerAnswer: D Explanation: The data plane, also known as the...
Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?
A company’s web filter is configured to scan the URL for strings and deny access when matches are found. Which of the following search strings should an analyst employ to prohibit access to non-encrypted websites?A . encryption=offB . http://C . www.*.comD . :443View AnswerAnswer: B Explanation: A web filter is...
Which of the following best describes the user’s activity?
An administrator was notified that a user logged in remotely after hours and copied large amounts of data to a personal device. Which of the following best describes the user’s activity?A . Penetration testingB . Phishing campaignC . External auditD . Insider threatView AnswerAnswer: D Explanation: An insider threat is...
Which of the following options is the most appropriate?
A software development manager wants to ensure the authenticity of the code created by the company. Which of the following options is the most appropriate?A . Testing input validation on the user input fieldsB . Performing code signing on company-developed softwareC . Performing static code analysis on the softwareD ....
Which of the following describes the reason root cause analysis should be conducted as part of incident response?
Which of the following describes the reason root cause analysis should be conducted as part of incident response?A . To gather loCs for the investigationB . To discover which systems have been affectedC . To eradicate any trace of malware on the networkD . To prevent future incidents of the...
Which of the following social engineering techniques are being attempted?
An employee receives a text message that appears to have been sent by the payroll department and is asking for credential verification. Which of the following social engineering techniques are being attempted? (Choose two.)A . TyposquattingB . PhishingC . ImpersonationD . VishingE . SmishingF . MisinformationView AnswerAnswer: B E Explanation:...
Which of the following would be the best solution?
An engineer needs to find a solution that creates an added layer of security by preventing unauthorized access to internal company resources. Which of the following would be the best solution?A . RDP serverB . Jump serverC . Proxy serverD . HypervisorView AnswerAnswer: B Explanation: = A jump server is...
Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?
Which of the following threat actors is the most likely to be hired by a foreign government to attack critical systems located in other countries?A . HacktivistB . WhistleblowerC . Organized crimeD . Unskilled attackerView AnswerAnswer: C Explanation: Organized crime is a type of threat actor that is motivated by...
Which of the following would be the best way to block unknown programs from executing?
Which of the following would be the best way to block unknown programs from executing?A . Access control listB . Application allow list.C . Host-based firewallD . DLP solutionView AnswerAnswer: B Explanation: An application allow list is a security technique that specifies which applications are permitted to run on a...
Which of the following actions would prevent this issue?
While troubleshooting a firewall configuration, a technician determines that a “deny any” policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?A . Documenting the...
