Which of the following will the company MOST likely review to trace this transaction?
After a ransomware attack, a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?
A. The public ledger
B. The NetFlow data
C. A checksum
D. The event log
Answer: A
Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should...
Which of the following BEST explains the difference between a data owner and a data custodian?
Which of the following BEST explains the difference between a data owner and a data custodian?
A. The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the data
B. The data owner is...
Which of the following control types is an IDS?
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?
A. Corrective
B. Physical
C. Detective
D. Administrative
Answer: C
Explanation: IDS = Intrusion Detection System. It is passive and only notifies instead...
Which of the following files should be given to the forensics firm?
A malicious actor recently penetrated a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
A. Security
B. Application
C. Dump
D. Syslog
...
Which of the following solutions would meet the requirements?
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:
- Check-in/checkout of credentials
- The ability to use but not know the password
- Automated password changes
- Logging of access to credentials
Which of the following solutions would meet...
Which of the following should the CISO read and understand before writing the policies?
A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?
A. PCI DSS
B. GDPR
C. NIST
D. ISO 31000
Answer: B
Explanation: GDPR is...
Which of the following BEST describes this type of email?
Joe, an employee, receives an email stating he won the lottery. The email includes a link that requests a name, mobile phone number, address, and date of birth be provided to confirm Joe’s identity before sending him the prize. Which of the following BEST describes this type of email?
A. ...
Which of the following would be the BEST way to achieve this objective?
A cybersecurity analyst needs to implement secure authentication to third-party websites without users’ passwords. Which of the following would be the BEST way to achieve this objective?
A. OAuth
B. SSO
C. SAML
D. PAP
Answer: C
Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A security analyst discovers that a company username and password database was posted on an internet forum. The usernames and passwords are stored in plain text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A. Create DLP controls that prevent...