Refer to the exhibit.

What is occurring?

• A.Cross-Site Scripting attack
• B.XML External Entitles attack
• C.Insecure Deserialization
• D.Regular GET requests

Comment: *

Name: *

Email: *

Verification: *

At a company party a guest asks questions about the company's user account format and password complexity.
How is this type of conversation classified?

• A.Piggybacking
• B.Social Engineering
• C.Password Revelation Strategy
• D.Phishing attack

Comment: *

Name: *

Email: *

Verification: *

A malicious file has been identified in a sandbox analysis tool.

Which piece of information is needed to search for additional downloads of this file by other hosts?

• A.file name
• B.file type
• C.file size
• D.file hash value

Comment: *

Name: *

Email: *

Verification: *

Which metric is used to capture the level of access needed to launch a successful attack?

• A.attack vector
• B.user interaction
• C.attack complexity
• D.privileges required

Comment: *

Name: *

Email: *

Verification: *

A SOC analyst detected connections to known C&C and port scanning activity to main HR database servers from one of the HR endpoints via Cisco StealthWatch. What are the two next steps of the SOC team according to the NISTSP800-61 incident handling process? (Choose two)

• A.Isolate affected endpoints and take disk images for analysis
• B.Provide security awareness training to HR managers and employees
• C.Block connection to this C&C server on the perimeter next-generation firewall
• D.Update antivirus signature databases on affected endpoints to block connections to C&C
• E.Detect the attack vector and analyze C&C connections

Comment: *

Name: *

Email: *

Verification: *