- All Exams Instant Download
Which standard must the architect apply?
A security architect in an automotive factory is working on the Cyber Security Management System and is implementing procedures and creating policies to prevent attacks . Which standard must the architect apply?A . IEC62446B . IEC62443C . IEC62439-3D . IEC62439-2View AnswerAnswer: B
Which data format is being used?
Refer to the exhibit. Which data format is being used?A . JSONB . HTMLC . XMLD . CSVView AnswerAnswer: B
What is the threat model for the SQL database?
Refer to the exhibit. Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity . What is the threat model for the SQL database?A . An attacker can initiate a DoS attack.B . An attacker can read or change data.C...
What are the next two steps the engineers should take in this investigation?
Engineers are working to document, list, and discover all used applications within an organization. During the regular assessment of applications from the HR backup server, an engineer discovered an unknown application. The analysis showed that the application is communicating with external addresses on a non- secure, unencrypted channel. Information gathering...
What should be concluded from this report?
Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop has automatically submitted a low prevalence file to the Threat Grid analysis engine for further analysis . What should be concluded from this report?A . The prioritized behavioral indicators of compromise do not justify the execution of...
What must be added to this script to receive a successful HTTP response?
An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token,...
What should be concluded from this report?
Refer to the exhibit. Cisco Advanced Malware Protection installed on an end-user desktop automatically submitted a low prevalence file to the Threat Grid analysis engine . What should be concluded from this report?A . Threat scores are high, malicious ransomware has been detected, and files have been modifiedB . Threat...
What is the next step in the incident response workflow?
The network operations center has identified malware, created a ticket within their ticketing system, and assigned the case to the SOC with high-level information. A SOC analyst was able to stop the malware from spreading and identified the attacking host . What is the next step in the incident response...
Which technical architecture must be used?
A security architect is working in a processing center and must implement a DLP solution to detect and prevent any type of copy and paste attempts of sensitive data within unapproved applications and removable devices . Which technical architecture must be used?A . DLP for data in motionB . DLP...
What is the next step that should be taken in this investigation?
After a recent malware incident, the forensic investigator is gathering details to identify the breach and causes. The investigator has isolated the affected workstation . What is the next step that should be taken in this investigation?A . Analyze the applications and services running on the affected workstation.B . Compare...
