To which of the following groups should the analyst report this real-world event?

The SIEM at an organization has detected suspicious traffic coming from a workstation in its internal network. An analyst in the SOC investigates the workstation and discovers that malware associated with a botnet is installed on the device. A review of the logs on the workstation reveals that the privileges of...

January 4, 2024

Which of the following actions MOST likely supports an investigation for fraudulent submission?

A client sent several inquiries to a project manager about the delinquent delivery status of some critical reports. The project manager claimed the reports were previously sent via email, but then quickly generated and backdated the reports before submitting them as plain text within the body of a new email...

January 4, 2024

Which of the following is the researcher MOST likely using?

A security researcher is tracking an adversary by noting its attacks and techniques based on its capabilities, infrastructure, and victims. Which of the following is the researcher MOST likely using?
A. The Diamond Model of Intrusion Analysis
B. The Cyber Kill Chain
C. The MITRE CVE database
D. The incident...

January 3, 2024

Which of the following control types does this BEST represent?

A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent?
A. Preventive
B. Compensating
C. Corrective
D. Detective
Answer: D
Explanation: A SIEM is a security solution that helps detect security incidents by...

January 3, 2024

Which of the following will this practice reduce?

A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?
A. Dumpster diving
B. Shoulder surfing
C. Information elicitation
D. Credential harvesting
Answer: A
Explanation: Crosscut shredders are used to destroy paper documents and reduce...

January 3, 2024

Which of the following is needed to meet the objective?

A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?
A. A reverse proxy
B. A decryption certificate
C. A split-tunnel VPN
D. Load-balanced servers
Answer: B
Explanation: A Web Application Firewall...

January 3, 2024

Which of the following recovery solutions would be the BEST option to meet these requirements?

A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which of the following recovery solutions would be the BEST option to...

January 3, 2024

Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?

A security analyst is investigating a phishing email that contains a malicious document directed to the company's Chief Executive Officer (CEO). Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?
A. Run a vulnerability scan against the CEO's computer to find possible vulnerabilities
B...

January 3, 2024

Which of the following should the organization use to inform the affected parties?

A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?
A. An incident response plan
B. A communications plan
C. A business continuity plan
D. A disaster...

January 3, 2024

Which of the following BEST explains a risk of this practice?

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?
A. Default system configuration
B. Unsecure protocols
C. Lack of vendor support
D. Weak encryption
Answer: C
Explanation: One of the risks of using legacy...

January 3, 2024