Which of the following is a difference between SOAR and SCAP?
Question 12
An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server: Which of the following ports should be closed?
Question 13
An organization is upgrading its network and all of its workstations. The project will occur in phases, with infrastructure upgrades each month and workstation installs every other week. The schedule should accommodate the enterprise-wide changes, while minimizing the impact to the network. Which of the following schedules BEST addresses these requirements?
Question 14
SIMULATION -Malware is suspected on a server in the environment. The analyst is provided with the output of commands from servers in the environment and needs to review all output files in order to determine which process running on one of the servers may be malware. INSTRUCTIONS -Servers 1, 2, and 4 are clickable. Select the Server and the process that host the malware. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Question 15
While reviewing incident reports from the previous night, a security analyst notices the corporate websites were defaced with political propaganda. Which of the following BEST describes this type of actor?
Question 16
A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:
Question 17
An IT security analyst has received an email alert regarding a vulnerability within the new fleet of vehicles the company recently purchased. Which of the following attack vectors is the vulnerability MOST likely targeting?
Question 18
An internally developed file-monitoring system identified the following excerpt as causing a program to crash often: char filedata[100]; fp = fopen(`access.log`, `r`); srtcopy (filedata, fp); printf (`%s
`, filedata); Which of the following should a security analyst recommend to fix the issue?
Question 19
A company's legal and accounting teams have decided it would be more cost-effective to offload the risks of data storage to a third party. The IT management team has decided to implement a cloud model and has asked the security team for recommendations. Which of the following will allow all data to be kept on the third-party network?
Question 20
A security analyst discovers suspicious host activity while performing monitoring activities. The analyst pulls a packet capture for the activity and sees the following: