- All Exams Instant Download
Which of the following is MOST likely occurring?
While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on...
Which of the following is the purpose of a risk register?
Which of the following is the purpose of a risk register?A . To define the level or risk using probability and likelihoodB . To register the risk with the required regulatory agenciesC . To identify the risk, the risk owner, and the risk measuresD . To formally log the type...
Which of the following should the IT administrator do FIRST after recovery?
A small business just recovered from a ransomware attack against its file servers by purchasing the decryption keys from the attackers. The issue was triggered by a phishing email and the IT administrator wants to ensure it does not happen again. Which of the following should the IT administrator do...
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?
Which of the following technical controls is BEST suited for the detection and prevention of buffer overflows on hosts?A . DLPB . HIDSC . EDRD . NIPSView AnswerAnswer: C
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?
Which of the following BEST explains the reason why a server administrator would place a document named password.txt on the desktop of an administrator account on a server?A . The document is a honeyfile and is meant to attract the attention of a cyberintruder.B . The document is a backup...
Which of the following would MOST likely allow the company to find the cause?
A company recently moved sensitive videos between on-premises. Company-owned websites. The company then learned the videos had been uploaded and shared to the internet. Which of the following would MOST likely allow the company to find the cause?A . ChecksumsB . WatermarksC . Oder of volatilityD . A log analysisE...
Which of the following would MOST likely have prevented this breach?
A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?A . A firewallB . A device pinC . A USB data blockerD . BiometricsView...
Which of the following should administrator implement to protect the environment from this malware?
Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection. Which of the...
Which of the following would MOST likely contain that information?
An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button. Which of the following would MOST likely contain that information?A . NGFWB . PagefileC . NetFlowD . RAMView AnswerAnswer: B
Which of the following MOST likely occurred?
A user recently entered a username and password into a recruiting application website that had been forged to look like the legitimate site Upon investigation, a security analyst the identifies the following: • The legitimate websites IP address is 10.1.1.20 and eRecruit local resolves to the IP • The forged...
