A security analyst is investigate an no client related to an alert from the threat detection platform on a host (10.0 1.25) in a staging environment that could be running a cryptomining tool because it in sending traffic to an IP address that are related to Bitcoin.
The network rules for the instance are the following:

Which of the following is the BEST way to isolate and triage the host?

• A.Remove rules 4 and 5
• B.Remove rules 1.4. and 5.
• C.Remove rules 1.2. 4. and 5.
• D.Remove rules 1.2. and 5.
• E.Remove rules 1.2. 3.4. and 5.
• F.Remove rules 1.2. and 3.

Comment: *

Name: *

Email: *

Verification: *

A security analyst receives an alert that highly sensitive information has left the company's network Upon investigation, the analyst discovers an outside IP range has had connections from three servers more than 100 times m the past month The affected servers are virtual machines Which of the following is the BEST course of action?

• A.Report the data exfiltration to management take the affected servers offline, conduct an antivirus scan, remediate all threats found, and return the servers to service.
• B.Determine if any other servers have been affected, snapshot any servers found, determine the vector that was used to allow the data exfiltration. fix any vulnerabilities, remediate, and report.
• C.Disconnect the affected servers from the network, use the virtual machine console to access the systems, determine which information has left the network, find the security weakness, and remediate
• D.Shut down the servers as soon as possible, move them to a clean environment, restart, run a vulnerability scanner to find weaknesses determine the root cause, remediate, and report

Comment: *

Name: *

Email: *

Verification: *

The Chief Information Officer (CIO) for a large manufacturing organization has noticed a significant number of unknown devices with possible malware infections are on the organization's corporate network.
Which of the following would work BEST to prevent the issue?

• A.Implement certificate validation on the VPN to ensure only employees with the certificate can access the company network.
• B.Reconfigure the NAC solution to prevent access based on a full device profile and ensure antivirus is installed.
• C.Update the antivirus configuration to enable behavioral and real-time analysis on all systems within the network.
• D.Segment the network to isolate all systems that contain highly sensitive information, such as intellectual property.

Comment: *

Name: *

Email: *

Verification: *

A malicious hacker wants to gather guest credentials on a hotel 802.11 network. Which of the following tools is the malicious hacker going to use to gain access to information found on the hotel network?

• A.Aircrak-ng
• B.Nessus
• C.Nikto
• D.tcpdump

Comment: *

Name: *

Email: *

Verification: *

A secutily analyst is reviewing WAF alerts and sees the following request:

Which of the following BEST describes the attack?

• A.Denial of service
• B.Command iniection
• C.SQL injection
• D.LDAP injection

Comment: *

Name: *

Email: *

Verification: *