- All Exams Instant Download
Which of the following systems should be prioritized for patching first?
An analyst is reviewing a vulnerability report for a server environment with the following entries: Which of the following systems should be prioritized for patching first?A . 10.101.27.98 B. 54.73.225.17 C. 54.74.110.26 D. 54.74.110.228View AnswerAnswer: D Explanation: The system that should be prioritized for patching first is 54.74.110.228, as it...
Which of the following scripting languages was used in the script?
A security analyst recently joined the team and is trying to determine which scripting language is being used in a production script to determine if it is malicious. Given the following script: Which of the following scripting languages was used in the script?A . PowerShel B. Ruby C. Python D....
Which of the following most likely describes the observed activity?
A company's user accounts have been compromised. Users are also reporting that the company's internal portal is sometimes only accessible through HTTP, other times; it is accessible through HTTPS. Which of the following most likely describes the observed activity?A . There is an issue with the SSL certificate causinq port...
Which of the following steps of an attack framework is the analyst witnessing?
An analyst finds that an IP address outside of the company network that is being used to run network and vulnerability scans across external-facing assets. Which of the following steps of an attack framework is the analyst witnessing?A . Exploitation B. Reconnaissance C. Command and control D. Actions on objectivesView...
Which of the following tuning recommendations should the security analyst share?
An organization conducted a web application vulnerability assessment against the corporate website, and the following output was observed: Which of the following tuning recommendations should the security analyst share?A . Set an HttpOnlvflaq to force communication by HTTPS B. Block requests without an X-Frame-Options header C. Configure an Access-Control-Allow-Origin header...
Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?
An incident response team found IoCs in a critical server. The team needs to isolate and collect technical evidence for further investigation. Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?A . Hard disk B. Primary boot partition...
Which of the following will produce the data needed for the briefing?
A new cybersecurity analyst is tasked with creating an executive briefing on possible threats to the organization. Which of the following will produce the data needed for the briefing?A . Firewall logs B. Indicators of compromise C. Risk assessment D. Access control listsView AnswerAnswer: B Explanation: Indicators of compromise (IoCs)...
Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?
Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?A . Determine the sophistication of the audience that the report is meant for B. Include references and sources of information on the first page...
Which of the following most accurately describes the result of the scan?
The security team reviews a web server for XSS and runs the following Nmap scan: Which of the following most accurately describes the result of the scan?A . An output of characters > and " as the parameters used m the attempt B. The vulnerable parameter ID hccp://l72.31.15.2/1.php?id-2 and unfiltered...
Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating in?
A malicious actor has gained access to an internal network by means of social engineering. The actor does not want to lose access in order to continue the attack. Which of the following best describes the current stage of the Cyber Kill Chain that the threat actor is currently operating...
