- All Exams Instant Download
Which of the following is the analyst doing?
A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?A . A packet captureB . A user behavior analysisC . Threat huntingD . Credentialed vulnerability scanningView AnswerAnswer:...
Which of the following attacks does the analyst MOST likely see in this packet capture?
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output: Which of the following attacks does the...
Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?
A startup company is using multiple SaaS and IaaS platform to stand up a corporate infrastructure and build out a customer-facing web application. Which of the following solutions would be BEST to provide security, manageability, and visibility into the platforms?A . SIEMB . DLPC . CASBD . SWGView AnswerAnswer: C
As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?
An employee has been charged with fraud and is suspected of using corporate assets. As authorities collect evidence, and to preserve the admissibility of the evidence, which of the following forensic techniques should be used?A . Order of volatilityB . Data recoveryC . Chain of custodyD . Non-repudiationView AnswerAnswer: C
Which of the following would BEST assist the company?
A small company that does not have security staff wants to improve its security posture. Which of the following would BEST assist the company?A . MSSPB . SOARC . IaaSD . PaaSView AnswerAnswer: B
A security engineer is setting up password less authentication for the first time
DRAG DROP A security engineer is setting up password less authentication for the first time. INSTRUCTIONS Use the minimum set of commands to set this up and verify that it works. Commands cannot be reused. If at any time you would like to bring back the initial state of the...
Which of the following is a team of people dedicated testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?
Which of the following is a team of people dedicated testing the effectiveness of organizational security programs by emulating the techniques of potential attackers?A . Red teamB . While teamC . Blue teamD . Purple teamView AnswerAnswer: A Explanation: Red team―performs the offensive role to try to infiltrate the target.
Which of the following would be BEST to improve the incident response process?
The SOC is reviewing process and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. The allowed the malware to spread to additional hosts before it was contained. Which of the following...
Which of the following account policies would BEST prevent this type of attack?
A work wide manufacturing company has been experiencing email account compromised. In one incident, a user logged in from the corporate office in France, but then seconds later, the same user account attempted a login from Brazil. Which of the following account policies would BEST prevent this type of attack?A...
Which of the following would be BEST to solve this issue?
A network engineer notices the VPN concentrator overloaded and crashes on days when there are a lot of remote workers. Senior management has placed greater importance on the availability of VPN resources for the remote workers than the security of the end users’ traffic. Which of the following would be...
