- All Exams Instant Download
Which of the following is an example of transference of risk?
Which of the following is an example of transference of risk?A . Purchasing insurance B. Patching vulnerable servers C. Retiring outdated applications D. Application owner risk sign-offView AnswerAnswer: A
Which of the following risk management practices does the BEST describe?
The board of doctors at a company contracted with an insurance firm to limit the organization’s liability. Which of the following risk management practices does the BEST describe?A . Transference B. Avoidance C. Mitigation D. AcknowledgementView AnswerAnswer: A
CORRECT TEXT
CORRECT TEXT An incident has occurred in the production environment. Analyze the command outputs and identify the type of compromise. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. View AnswerAnswer: Answer as SQL injection Graphical user...
Which of the following would BEST detect a malicious actor?
While reviewing an alert that shows a malicious request on one web application, a cybersecurity analyst is alerted to a subsequent token reuse moments later on a different service using the same single sign-on method. Which of the following would BEST detect a malicious actor?A . Utilizing SIEM correlation engines...
Which of the following attacks was MOST likely used to cause the data toss?
A DBA reports that several production server hard drives were wiped over the weekend. The DBA also reports that several Linux servers were unavailable due to system files being deleted unexpectedly. A security analyst verified that software was configured to delete data deliberately from those servers. No backdoors to any...
Which of the following would BEST meet the company's requirements?
A company needs to validate its updated incident response plan using a real-world scenario that will test decision points and relevant incident response actions without interrupting daily operations. Which of the following would BEST meet the company's requirements?A . Red-team exercise B. Capture-the-flag exercise C. Tabletop exercise D. Phishing exerciseView...
Which of the following MOST likely explains this behavior?
A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?A . DNS poisoning B. MAC flooding C. DDoS attack D. ARP poisoningView AnswerAnswer: C
Which of the following should be configured in order to deploy the proposal?
A security proposal was set up to track requests for remote access by creating a baseline of the users' common sign-in properties. When a baseline deviation is detected, an Iv1FA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?A . Context-aware authentication...
A company labeled some documents with the public sensitivity classification.
A company labeled some documents with the public sensitivity classification. This means the documents can be accessed by:A . employees of other companies and the press B. all members of the department that created the documents C. only the company's employees and those listed in the document D. only the...
Which of the following can be implemented?
A security analyst is evaluating solutions to deploy an additional layer of protection for a web application. The goal is to allow only encrypted communications without relying on network devices. Which of the following can be implemented?A . HTTP security header B. DNSSEC implementation C. SRTP D. S/MIMEView AnswerAnswer: C
