As part of a review of incident response plans, which of the following is MOST important for an organization to understand when establishing the breach notification period?

• A.Service-level agreements
• B.Vendor requirements and contracts
• C.Legal requirements
• D.Organizational policies

Comment: *

Name: *

Email: *

Verification: *

A company has alerted planning the implemented a vulnerability management procedure. However, to security maturity level is low, so there are some prerequisites to complete before risk calculation and prioritization. Which of the following should be completed FIRST?

• A.A risk identification process
• B.Communication of the risk factors
• C.A business Impact analysis
• D.A system assessment

Comment: *

Name: *

Email: *

Verification: *

A security analyst is reviewing the following DNS logs as part of security-monitoring activities:

Which of the following MOST likely occurred?

• A.The attack attempted to contact www.gooqle com to verify Internet connectivity.
• B.The attack caused an internal host to connect to a command and control server.
• C.The attack used an algorithm to generate command and control information dynamically.
• D.The attack used encryption to obfuscate the payload and bypass detection by an IDS.

Comment: *

Name: *

Email: *

Verification: *

A security analyst for a large pharmaceutical company was given credentials from a threat intelligence resources organisation for Internal users, which contain usernames and valid passwords for company accounts. Which of the following is the FIRST action the analyst should take as part of security operations monitoring?

• A.Change all the user passwords to ensure the malicious actors cannot use them.
• B.Search the event logs for event identifiers that indicate Mimikatz was used.
• C.Run scheduled antivirus scans on all employees' machines to look for malicious processes.
• D.Reimage the machines of all users within the group in case of a malware infection.

Comment: *

Name: *

Email: *

Verification: *

A cybersecurity analyst routinely checks logs, querying for login attempts. While querying for unsuccessful login attempts during a five-day period, the analyst produces the following report:

Which of the following BEST describes what the analyst Just found?

• A.Users 4 and 5 are using their credentials to run an unauthorized scheduled task targeting some servers In the cloud.
• B.An unauthorized user is using login credentials in a script.
• C.A bot is running a brute-force attack in an attempt to log in to the domain.
• D.Users 4 and 5 are using their credentials to transfer files to multiple servers.

Comment: *

Name: *

Email: *

Verification: *