Which of the following inhibitors to remediation do these systems and associated vulnerabilities best represent?

An analyst is reviewing a vulnerability report and must make recommendations to the executive team. The analyst finds that most systems can be upgraded with a reboot resulting in a single downtime window. However, two of the critical systems cannot be upgraded due to a vendor appliance that the company...

March 28, 2024

Which of the following should the analyst do first to evaluate the potential impact of this security incident?

During an investigation, an analyst discovers the following rule in an executive's email client: The executive is not aware of this rule. Which of the following should the analyst do first to evaluate the potential impact of this security incident?
A. Check the server logs to evaluate which emails were...

March 28, 2024

Which of the following would help to minimize human engagement and aid in process improvement in security operations?

Which of the following would help to minimize human engagement and aid in process improvement in security operations?
A. OSSTMM
B. SIEM
C. SOAR
D. OWASP
Answer: C
Explanation: SOAR stands for security orchestration, automation, and response, which is a term that describes a set of tools, technologies, or platforms...

March 28, 2024

Which of the following is the best way to achieve this goal?

A company's legal department is concerned that its incident response plan does not cover the countless ways security incidents can occur. The department has asked a security analyst to help tailor the response plan to provide broad coverage for many situations. Which of the following is the best way to...

March 28, 2024

Which of the following is the first step that should be performed when establishing a disaster recovery plan?

Which of the following is the first step that should be performed when establishing a disaster recovery plan?
A. Agree on the goals and objectives of the plan
B. Determine the site to be used during a disaster
C. Demonstrate adherence to a standard disaster recovery process
D. Identify applications...

March 28, 2024

Which of the following risk management principles did the CISO select?

After conducting a cybersecurity risk assessment for a new software request, a Chief Information Security Officer (CISO) decided the risk score would be too high. The CISO refused the software request. Which of the following risk management principles did the CISO select?
A. Avoid
B. Transfer
C. Accept
D. Mitigate

March 28, 2024

Which of the following logs should the team review first?

An incident response team receives an alert to start an investigation of an internet outage. The outage is preventing all users in multiple locations from accessing external SaaS resources. The team determines the organization was impacted by a DDoS attack. Which of the following logs should the team review first?
A...

March 27, 2024

Which of the following shell script functions could help achieve the goal?

A security analyst is trying to identify possible network addresses from different source networks belonging to the same company and region. Which of the following shell script functions could help achieve the goal?
A. function w() { a=$(ping -c 1 $1 | awk -F "/" 'END{print $1}') && echo "$1 |...

March 27, 2024

Which of the following would be the best action for the incident response team to recommend?

Joe, a leading salesperson at an organization, has announced on social media that he is leaving his current role to start a new company that will compete with his current employer. Joe is soliciting his current employer's customers. However, Joe has not resigned or discussed this with his current...

March 27, 2024

Which of the following actions should the analyst take first?

During an extended holiday break, a company suffered a security incident. This information was properly relayed to appropriate personnel in a timely manner and the server was up to date and configured with appropriate auditing and logging. The Chief Information Security Officer wants to find out precisely what happened. Which...

March 27, 2024