- All Exams Instant Download
Which of the following would BEST protect the company from data exfiltration via removable media?
A company has drafted an insider-threat policy that prohibits the use of external storage devices. Which of the following would BEST protect the company from data exfiltration via removable media?A . Monitoring large data transfer transactions in the firewall logsB . Developing mandatory training to educate employees about the removable...
Which of the following BEST describes the type of attack the analyst is experience?
During an incident response, a security analyst observes the following log entry on the web server. Which of the following BEST describes the type of attack the analyst is experience?A . SQL injectionB . Cross-site scriptingC . Pass-the-hashD . Directory traversalView AnswerAnswer: D
Which of the following methods would BEST accomplish this goal?
A website developer is working on a new e-commerce website and has asked an information security expert for the most appropriate way to store credit card numbers to create an easy reordering process. Which of the following methods would BEST accomplish this goal?A . Salting the magnetic strip informationB ....
Which of the following attacks MOST likely occurred on the original DNS server?
An organization’s help desk is flooded with phone calls from users stating they can no longer access certain websites. The help desk escalates the issue to the security team, as these websites were accessible the previous day. The security analysts run the following command: ipconfig /flushdns, but the issue persists....
Which of the following attacks does the analyst MOST likely see in this packet capture?
A user reports constant lag and performance issues with the wireless network when working at a local coffee shop. A security analyst walks the user through an installation of Wireshark and get a five-minute pcap to analyze. The analyst observes the following output: Which of the following attacks does the...
Which of the following certificate types would BEST meet the requirements?
A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are: ✑ www.company.com (main website) ✑ contactus.company.com (for locating a nearby location) ✑ quotes.company.com (for requesting a price quote) The company wants to purchase one SSL certificate that will work for all the existing...
Which of the following intelligence sources should to security analyst review?
A security analyst needs to be proactive in understand the types of attacks that could potentially target the company's execute. Which of the following intelligence sources should to security analyst review?A . Vulnerability feedsB . Trusted automated exchange of indicator informationC . Structured threat information expressionD . Industry information-sharing and...
Which of the following is the MOST likely reason for the user’s inability to connect the laptop to the VPN?
A remote user recently took a two-week vacation abroad and brought along a corporate-owned laptop. Upon returning to work, the user has been unable to connect the laptop to the VPN. Which of the following is the MOST likely reason for the user’s inability to connect the laptop to the...
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers.
A commercial cyber-threat intelligence organization observes IoCs across a variety of unrelated customers. Prior to releasing specific threat intelligence to other paid subscribers, the organization is MOST likely obligated by contracts to:A . perform attribution to specific APTs and nation-state actors.B . anonymize any PII that is observed within the...
Which of the following will provide the BEST physical security countermeasures to stop intruders? (Select TWO.)
Which of the following will provide the BEST physical security countermeasures to stop intruders? (Select TWO.)A . AlarmsB . SignageC . LightingD . MantrapsE . FencingF . SensorsView AnswerAnswer: D,E
