- All Exams Instant Download
Which of the following solutions will assist in reducing the risk?
The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?A . Deploy a CASB and enable policy enforcement B. Configure MFA...
Under the terms of PCI DSS, which of the following groups should the organization report the breach to?
An organization has experienced a breach of customer transactions. Under the terms of PCI DSS, which of the following groups should the organization report the breach to?A . PCI Security Standards Council B. Local law enforcement C. Federal law enforcement D. Card issuerView AnswerAnswer: D Explanation: Under the terms of...
Which of the following can the analyst perform to see the entire contents of the downloaded files?
A security analyst is reviewing a packet capture in Wireshark that contains an FTP session from a potentially compromised machine. The analyst sets the following display filter: ftp. The analyst can see there are several RETR requests with 226 Transfer complete responses, but the packet list pane is not showing...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following tools would work best to prevent the exposure of PII outside of an organization?
Which of the following tools would work best to prevent the exposure of PII outside of an organization?A . PAM B. IDS C. PKI D. DLPView AnswerAnswer: D Explanation: Data loss prevention (DLP) is a tool that can prevent the exposure of PII outside of an organization by monitoring, detecting,...
Which of the following best describes what is happening?
An incident response analyst notices multiple emails traversing the network that target only the administrators of the company. The email contains a concealed URL that leads to an unknown website in another country. Which of the following best describes what is happening? (Choose two.)A . Beaconinq B. Domain Name System...
Which of the following is the best action to take after the conclusion of a security incident to improve incident response in the future?
Which of the following is the best action to take after the conclusion of a security incident to improve incident response in the future?A . Develop a call tree to inform impacted users B. Schedule a review with all teams to discuss what occurred C. Create an executive summary to...
Which of the following describes what the analyst has noticed?
An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?A . Beaconing B. Cross-site scripting C. Buffer overflow D. PHP traversalView AnswerAnswer: A Explanation:
Which of the following tuning recommendations should the security analyst share?
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed: Which of the following tuning recommendations should the security analyst share?A . Set an HttpOnlvflaq to force communication by HTTPS B. Block requests without an X-Frame-Options header C. Configure an Access-Control-Allow-Origin header...
Which of the following can the analyst perform to see the entire contents of the downloaded files?
A security analyst is reviewing a packet capture in Wireshark that contains an FTP session from a potentially compromised machine. The analyst sets the following display filter: ftp. The analyst can see there are several RETR requests with 226 Transfer complete responses, but the packet list pane is not showing...
