An organization has the following risk mitigation policy:
Risks with a probability of 95% or greater will be addressed before all others regardless of the impact.
All other prioritization will be based on risk value.
The organization has identified the following risks:

Which of the following is the order of priority for risk mitigation from highest to lowest?

• A.D, A, C, B
• B.A, B, D, C
• C.A, B, C, D
• D.D, A, B, C

Comment: *

Name: *

Email: *

Verification: *

An organization has been seeing increased levels of malicious traffic. A security analyst wants to take a more proactive approach to identify the threats that are acting against the organization's network. Which of the following approaches should the security analyst recommend?

• A.Use SCAP scans to monitor for configuration changes on the network.
• B.Use the MITRE ATT&CK framework to develop threat models.
• C.Review the perimeter firewall rules to ensure rule-set accuracy.
• D.Conduct internal threat research and establish indicators of compromise.

Comment: *

Name: *

Email: *

Verification: *

A cyber-incident response analyst is investigating a suspected cryptocurrency miner on a company's server.
Which of the following is the FIRST step the analyst should take?

• A.Take a memory snapshot of the machine to capture volatile information stored in memory.
• B.Run a manual antivirus scan on the machine to look for known malicious software.
• C.Create a full disk image of the server's hard drive to look for the file containing the malware.
• D.Start packet capturing to look for traffic that could be indicative of command and control from the miner.

Comment: *

Name: *

Email: *

Verification: *

Which of me following BEST articulates the benefit of leveraging SCAP in an organization's cybersecurity analysis toolset?

• A.It enables standard checklist and vulnerability analysis expressions for automaton
• B.It automatically performs remedial configuration changes lo enterprise security services
• C.It establishes a continuous integration environment for software development operations
• D.It provides validation of suspected system vulnerabilities through workflow orchestration

Comment: *

Name: *

Email: *

Verification: *

A company recently experienced a break-in whereby a number of hardware assets were stolen through unauthorized access at the back of the building. Which of the following would BEST prevent this type of theft from occurring in the future?

• A.Motion detection
• B.Badged entry
• C.Monitored security cameras
• D.Perimeter fencing

Comment: *

Name: *

Email: *

Verification: *