A security analyst is reviewing packet captures from a system that was compromised. The system was already isolated from the network, but it did have network access for a few hours after being compromised. When viewing the capture in a packet analyzer, the analyst sees the following:

Which of the following can the analyst conclude?

• A.The system is scanning ajgidwle.com for PII.
• B.The system is running a DoS attack against ajgidwle.com.
• C.Malware is attempting to beacon to 128.50.100.3.
• D.Data is being exfiltrated over DNS.

Comment: *

Name: *

Email: *

Verification: *

A newly appointed Chief Information Security Officer (CISO) has completed a risk assessment review of the organization and wants to reduce the numerous risks that were identified. Which of the following will provide a trend of risk mitigation?

• A.Risk analysis
• B.Oversight
• C.Risk response
• D.Continuous monitoring
• E.Planning

Comment: *

Name: *

Email: *

Verification: *

A large organization wants to move account registration services to the cloud to benefit from faster processing and elasticity. Which of the following should be done FIRST to determine the potential risk to the organization?

• A.Determine recovery priorities for the assets being moved to the cloud-based systems
• B.Establish a recovery time objective and a recovery point objective for the systems being moved
• C.Calculate the resource requirements for moving the systems to the cloud
• D.Perform an inventory of the servers that will be moving and assign priority to each one
• E.Identify the business processes that will be migrated and the criticality of each one

Comment: *

Name: *

Email: *

Verification: *

During a routine review of service restarts a security analyst observes the following in a server log:

Which of the following is the GREATEST security concern?

• A.The process identifiers for the running service change
• B.The daemon's binary was AChanged
• C.The PIDs are continuously changing
• D.Four consecutive days of monitoring are skipped in the tog

Comment: *

Name: *

Email: *

Verification: *

Which of the following, BEST explains the function of TPM?

• A.To implement encryption algorithms for hard drives
• B.To ensure platform confidentiality by storing security measurements
• C.To improve management of the OS installation.
• D.To provide hardware-based security features using unique keys

Comment: *

Name: *

Email: *

Verification: *