- All Exams Instant Download
Which of the following security controls would best support the company in this scenario?
There are several reports of sensitive information being disclosed via file sharing services. The company would like to improve its security posture against this threat. Which of the following security controls would best support the company in this scenario?A . Implement step-up authentication for administratorsB . Improve employee training and...
Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?
An incident response team found IoCs in a critical server. The team needs to isolate and collect technical evidence for further investigation. Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?A . Hard diskB . Primary boot partitionC...
Which of the following describes what the analyst has noticed?
An analyst notices there is an internal device sending HTTPS traffic with additional characters in the header to a known-malicious IP in another country. Which of the following describes what the analyst has noticed?A . BeaconingB . Cross-site scriptingC . Buffer overflowD . PHP traversalView AnswerAnswer: A Explanation:
Which of the following would best mitigate such attacks?
A cybersecurity analyst is concerned about attacks that use advanced evasion techniques. Which of the following would best mitigate such attacks?A . Keeping IPS rules up to dateB . Installing a proxy serverC . Applying network segmentationD . Updating the antivirus softwareView AnswerAnswer: A Explanation: Keeping IPS rules up to...
Which of the following is the best priority based on common attack frameworks?
The Chief Information Security Officer is directing a new program to reduce attack surface risks and threats as part of a zero trust approach. The IT security team is required to come up with priorities for the program. Which of the following is the best priority based on common attack...
Which of the following functions would help the analyst achieve the objective?
A security analyst is writing a shell script to identify IP addresses from the same country. Which of the following functions would help the analyst achieve the objective?A . function w() { info=$(ping -c 1 $1 | awk -F “/” ‘END{print $1}’) && echo “$1 | $info” }B . function...
Which of the following is the best solution to improve the equipment's security posture?
Legacy medical equipment, which contains sensitive data, cannot be patched. Which of the following is the best solution to improve the equipment's security posture?A . Move the legacy systems behind a WARB . Implement an air gap for the legacy systems.C . Place the legacy systems in the perimeter network.D...
Which of the following best describes what is happening?
An incident response analyst notices multiple emails traversing the network that target only the administrators of the company. The email contains a concealed URL that leads to an unknown website in another country. Which of the following best describes what is happening? (Choose two.)A . BeaconinqB . Domain Name System...
Which of the following should the analyst do first to evaluate the potential impact of this security incident?
During an investigation, an analyst discovers the following rule in an executive's email client: The executive is not aware of this rule. Which of the following should the analyst do first to evaluate the potential impact of this security incident?A . Check the server logs to evaluate which emails were...
Which of the following actions would allow the analyst to achieve the objective?
A security analyst is performing an investigation involving multiple targeted Windows malware binaries. The analyst wants to gather intelligence without disclosing information to the attackers. Which of the following actions would allow the analyst to achieve the objective?A . Upload the binary to an air gapped sandbox for analysisB ....
