- All Exams Instant Download
Which of the following items should be included in a vulnerability scan report? (Choose two.)
Which of the following items should be included in a vulnerability scan report? (Choose two.)A . Lessons learned B. Service-level agreement C. Playbook D. Affected hosts E. Risk score F. Education planView AnswerAnswer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...
Which of the following is the best technique to perform the analysis?
A security analyst received a malicious binary file to analyze. Which of the following is the best technique to perform the analysis?A . Code analysis B. Static analysis C. Reverse engineering D. FuzzingView AnswerAnswer: C Explanation: Reverse engineering is a technique that involves analyzing a binary file to understand its...
Which of the following would best protect this organization?
The Chief Executive Officer of an organization recently heard that exploitation of new attacks in the industry was happening approximately 45 days after a patch was released. Which of the following would best protect this organization?A . A mean time to remediate of 30 days B. A mean time to...
Which of the following best describes what the security program did?
A security program was able to achieve a 30% improvement in MTTR by integrating security controls into a SIEM. The analyst no longer had to jump between tools. Which of the following best describes what the security program did?A . Data enrichment B. Security control plane C. Threat feed combination...
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?A . Command and control B. Actions on objectives C. Exploitation D. DeliveryView AnswerAnswer: A Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...
Which of the following items should be included in a vulnerability scan report? (Choose two.)
Which of the following items should be included in a vulnerability scan report? (Choose two.)A . Lessons learned B. Service-level agreement C. Playbook D. Affected hosts E. Risk score F. Education planView AnswerAnswer: D, E Explanation: A vulnerability scan report should include information about the affected hosts, such as their...
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following is the first step that should be performed when establishing a disaster recovery plan?
Which of the following is the first step that should be performed when establishing a disaster recovery plan?A . Agree on the goals and objectives of the plan B. Determine the site to be used during a disaster C Demonstrate adherence to a standard disaster recovery process D. Identity applications...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attempt B. The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?
Which of the following phases of the Cyber Kill Chain involves the adversary attempting to establish communication with a successfully exploited target?A . Command and control B. Actions on objectives C. Exploitation D. DeliveryView AnswerAnswer: A Explanation: Command and control (C2) is a phase of the Cyber Kill Chain that...
