Which of the following procedures should the security responder apply to the situation?

Correct Answer for the Question – Which of the following procedures should the security responder apply to the situation? is given below An organization has recently deployed an EDR solution across its laptops, desktops, and server infrastructure. The organization’s server infrastructure is deployed in an IaaS environment. A database within the non-production environment has been misconfigured … Read more

Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly?

Correct Answer for the Question – Which of the following MOST likely need to be configured to ensure the system are mitigated accordingly? is given below A threat advisory alert was just emailed to the IT security staff. The alert references specific types of host operating systems that can allow an unauthorized person to access files … Read more

Which of the following tools did the penetration tester use?

Correct Answer for the Question – Which of the following tools did the penetration tester use? is given below A consulting firm was hired to conduct assessment for a company. During the first stage, a penetration tester used a tool that provided the following output:TCP 80 openTCP 443 openTCP 1434 filteredThe penetration tester then used a … Read more

Which of the following should be verified during incident response activities to determine the possible impact of the incident?

Correct Answer for the Question – Which of the following should be verified during incident response activities to determine the possible impact of the incident? is given below A laptop is recovered a few days after it was stolen.Which of the following should be verified during incident response activities to determine the possible impact of the … Read more

Which of the following business areas should the CISO target FIRST to best meet the objective?

Correct Answer for the Question – Which of the following business areas should the CISO target FIRST to best meet the objective? is given below A Chief Information Security Officer (CISO) of a large financial institution undergoing an IT transformation program wants to embed security across the business rapidly and across as many layers of the … Read more

Which has an established security department, identifies a customer who has been using a fraudulent credit card.

Correct Answer for the Question – Which has an established security department, identifies a customer who has been using a fraudulent credit card. is given below The Chief Information Security Officer (CISO) of an e-retailer, which has an established security department, identifies a customer who has been using a fraudulent credit card. The CISO calls the … Read more

Which of the following solutions will address the RPO requirements?

Correct Answer for the Question – Which of the following solutions will address the RPO requirements? is given below A security analyst is reviewing the following company requirements prior to selecting the appropriate technical control configuration and parameter:• RTO: 2 days• RPO: 36 hours MTTR: 24 hours• MTBF: 60 days• MTTR: 24 hours MTBF: 60 daysWhich … Read more

Which of the following of the MOST likely reason the analyst cannot find a process ID for the shell?

Correct Answer for the Question – Which of the following of the MOST likely reason the analyst cannot find a process ID for the shell? is given below A forensic analyst suspects that a buffer overflow exists in a kernel module. The analyst executes the following command: dd if=/dev/ram of=/tmp/mem/dmpThe analyst then reviews the associated output:^34^#AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/bin/bash^21^03#45However, … Read more

Which of the following additional information should be the Chief Information Security Officer (CISO) include in the report?

Correct Answer for the Question – Which of the following additional information should be the Chief Information Security Officer (CISO) include in the report? is given below Company leadership believes employees are experiencing an increased number of cyber attacks; however, the metrics do not show this. Currently, the company uses “Number of successful phishing attacks” as … Read more