- All Exams Instant Download
Which of the following was the MOST likely cause?
A large enterprise has moved all its data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen, and later, enterprise data was found to have been compromised from a local database. Which of the following was the MOST likely cause?A . Shadow IT...
Which of the following BEST describes the purpose of this device?
After a WiFi scan of a local office was conducted, an unknown wireless signal was identified Upon investigation, an unknown Raspberry Pi device was found connected to an Ethernet port using a single connection. Which of the following BEST describes the purpose of this device?A . loT sensor B. Evil...
Which of the following environment utilizes dummy data and is MOST to be installed locally on a system that allows to be assessed directly and modified easily wit each build?
Which of the following environment utilizes dummy data and is MOST to be installed locally on a system that allows to be assessed directly and modified easily wit each build?A . Production B. Test C. Staging D. DevelopmentView AnswerAnswer: D Explanation: The environment that utilizes dummy data and is most...
Which of the following is the BEST course of action for the analyst to take?
An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the BEST course of action for the analyst to take?A . Apply a DLP solution....
Which of the following BEST describes the importance of the final phase of the incident response plan?
A security incident has been resolved. Which of the following BEST describes the importance of the final phase of the incident response plan?A . It examines and documents how well the team responded discovers what caused the incident, and determines how the incident can be avoided in the future B....
Which of the following would be BEST for the analyst to perform?
A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?A . Add a deny-all rule to that host in the network ACL...
Which of the following can block an attack at Layer 7?
A cybersecurity administrator needs to implement a Layer 7 security control on a network and block potential attacks. Which of the following can block an attack at Layer 7? (Select TWO).A . HIDS B. NIPS C. HSM D. WAF E. NAC F. NIDS G. Stateless firewallView AnswerAnswer: DF Explanation: A...
Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?
A security analyst is investigating a phishing email that contains a malicious document directed to the company's Chief Executive Officer (CEO). Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?A . Run a vulnerability scan against the CEOs computer to find possible vulnerabilities...
Which of the following should the analyst enable on all the devices to meet these requirements?
A security analyst must enforce policies to harden an MDM infrastructure. The requirements are as follows: * Ensure mobile devices can be tracked and wiped. * Confirm mobile devices are encrypted. Which of the following should the analyst enable on all the devices to meet these requirements?A . A Geofencing...
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)A . Block cipher B. Hashing C. Private key D. Perfect forward secrecy E. Salting F. Symmetric keysView AnswerAnswer: B, C Explanation: Non-repudiation is the ability to ensure that a party cannot deny a previous...
