- All Exams Instant Download
Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?
A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO) . Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code...
Which of the following is the MOST likely cause of the issue?
An end user reports a computer has been acting slower than normal for a few weeks. During an investigation, an analyst determines the system is sending the user's email address and a ten-digit number to an IP address once a day. The only recent log entry regarding the user's computer...
Which of the following BEST indicates that valid credentials were used?
A security auditor is reviewing vulnerability scan data provided by an internal security team . Which of the following BEST indicates that valid credentials were used?A . The scan results show open ports, protocols, and services exposed on the target hostB . The scan enumerated software versions of installed programsC...
Which of the fallowing should be deployed to detect a potential insider threat?
A500 is implementing an insider threat detection program. The primary concern is that users may be accessing confidential data without authorization . Which of the fallowing should be deployed to detect a potential insider threat?A . A honeyfileB . A DMZC . ULFD . File integrity monitoringView AnswerAnswer: A
Which of the following is the analyst MOST likely seeing?
A cybersecurity analyst reviews the log files from a web server and sees a series of files that indicates a directory-traversal attack has occurred . Which of the following is the analyst MOST likely seeing? A) B) C) D) A . Option AB . Option BC . Option CD ....
Which of the following would a European company interested in implementing a technical, hands-on set of security standards MOST likely choose?
Which of the following would a European company interested in implementing a technical, hands-on set of security standards MOST likely choose?A . GOPRB . CIS controlsC . ISO 27001D . ISO 37000View AnswerAnswer: A
Which of the following will the CISO MOST likely recommend to mitigate this risk?
A Chief Information Security Officer (CISO) is concerned about the organization's ability to continue business operation in the event of a prolonged DDoS attack on its local datacenter that consumes database resources . Which of the following will the CISO MOST likely recommend to mitigate this risk?A . Upgrade the...
Which of the following is the attacker MOST likely attempting?
An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims . Which of the following is the attacker MOST likely attempting?A . A spear-phishing attackB . A watering-hole attackC . Typo squattingD . A phishing attackView AnswerAnswer:...
Which of the following job roles would sponsor data quality and data entry initiatives that ensure business and regulatory requirements are met?
Which of the following job roles would sponsor data quality and data entry initiatives that ensure business and regulatory requirements are met?A . The data ownerB . The data processorC . The data stewardD . The data privacy officer.View AnswerAnswer: C
Which of the following BEST describes the configurations the attacker exploited?
An attacker was easily able to log in to a company's security camera by performing a basic online search for a setup guide for that particular camera brand and model. Which of the following BEST describes the configurations the attacker exploited?A . Weak encryptionB . Unsecure protocolsC . Default settingsD...
