- All Exams Instant Download
Where does it signify that a page will be stopped from loading when a scripting attack is detected?
Refer to the exhibit. Where does it signify that a page will be stopped from loading when a scripting attack is detected?A . x-frame-optionsB . x-content-type-optionsC . x-xss-protectionD . x-test-debugView AnswerAnswer: C Explanation: Reference: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/customize-http-security-headers-ad-fs
What is the next step the engineer should take in this investigation?
A security engineer discovers that a spreadsheet containing confidential information for nine of their employees was fraudulently posted on a competitor’s website. The spreadsheet contains names, salaries, and social security numbers . What is the next step the engineer should take in this investigation?A . Determine if there is internal...
What is needed to assess risk mitigation effectiveness in an organization?
What is needed to assess risk mitigation effectiveness in an organization?A . analysis of key performance indicatorsB . compliance with security standardsC . cost-effectiveness of control measuresD . updated list of vulnerable systemsView AnswerAnswer: C
Which security threat should be mitigated first?
An organization installed a new application server for IP phones. An automated process fetched user credentials from the Active Directory server, and the application will have access to on-premises and cloud services . Which security threat should be mitigated first?A . aligning access control policiesB . exfiltration during data transferC...
What is the first action for the incident response team?
A malware outbreak is detected by the SIEM and is confirmed as a true positive. The incident response team follows the playbook to mitigate the threat . What is the first action for the incident response team?A . Assess the network for unexpected behaviorB . Isolate critical hosts from the...
An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning
DRAG DROP An organization lost connectivity to critical servers, and users cannot access business applications and internal websites. An engineer checks the network devices to investigate the outage and determines that all devices are functioning. Drag and drop the steps from the left into the sequence on the right to...
Which action does the engineer recommend?
Refer to the exhibit. An engineer must tune the Cisco IOS device to mitigate an attack that is broadcasting a large number of ICMP packets. The attack is sending the victim’s spoofed source IP to a network using an IP broadcast address that causes devices in the network to respond...
What is a limitation of cyber security risk insurance?
What is a limitation of cyber security risk insurance?A . It does not cover the costs to restore stolen identities as a result of a cyber attackB . It does not cover the costs to hire forensics experts to analyze the cyber attackC . It does not cover the costs...
What is occurring in this packet capture?
Refer to the exhibit. What is occurring in this packet capture?A . TCP port scanB . TCP floodC . DNS floodD . DNS tunnelingView AnswerAnswer: B
What is the next step the analyst should take?
A security analyst receives an escalation regarding an unidentified connection on the Accounting A1 server within a monitored zone. The analyst pulls the logs and discovers that a Powershell process and a WMI tool process were started on the server after the connection was established and that a PE format...
