- All Exams Instant Download
Which of the following describes what MOST likely occurred?
Some laptops recently went missing from a locked storage area that is protected by keyless RFID-enabled locks. There is no obvious damage to the physical space. The security manager identifies who unlocked the door, however, human resources confirms the employee was on vacation at the time of the incident ....
Which of the following would MOST likely contain that information?
An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button . Which of the following would MOST likely contain that information?A . NGFWB . PagefileC . NetFlowD . RAMView AnswerAnswer:...
Which of the following files should be given to the forensics firm?
A malicious actor recently penetration a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know was in the memory on the compromised server . Which of the following files should be given to the forensics firm?A . SecurityB . ApplicationC . DumpD ....
Which of the following stages of the incident response process is this an example of?
A security operations analyst is using the company's SIEM solution to correlate alerts . Which of the following stages of the incident response process is this an example of?A . EradicationB . RecoveryC . IdentificationD . PreparationView AnswerAnswer: C
Which of the following would provide the GREATEST benefit to the security posture of the devices?
A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: • The devices will be used internationally by staff who travel extensively. • Occasional personal use is acceptable due to the travel requirements. • Users must be able to install and configure...
A symmetric encryption algorithm Is BEST suited for:
A symmetric encryption algorithm Is BEST suited for:A . key-exchange scalability.B . protecting large amounts of data.C . providing hashing capabilities,D . implementing non-repudiation.View AnswerAnswer: D
Which of the following actions will BEST allow the PII to be shared with the secure application without compromising the organization’s security posture?
A financial organization has adopted a new secure, encrypted document-sharing application to help with its customer loan process. Some important PII needs to be shared across this new platform, but it is getting blocked by the DLP systems . Which of the following actions will BEST allow the PII to...
Which of the following would BEST meet this objective?
A network administrator needs to build out a new datacenter, with a focus on resiliency and uptime . Which of the following would BEST meet this objective? (Choose two.)A . Dual power supplyB . Off-site backupsC . Automatic OS upgradesD . NIC teamingE . Scheduled penetration testingF . Network-attached storageView...
Which of the following RAID levels meets this requirements?
A critical file server is being upgraded and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures . Which of the following RAID levels meets this requirements?A . RAID 0+1B . RAID 2C . RAID 5D ....
Which of the following describes the method that was used to compromise the laptop?
A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log: Which of the following describes the method that was used to compromise the laptop?A . An attacker was able to move laterally from...
