Which of the following is the best metric for an organization to focus on given recent investments in SIEM, SOAR, and a ticketing system?

• A.Mean time to detect
• B.Number of exploits by tactic
• C.Alert volume
• D.Quantity of intrusion attempts

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the best way to begin preparation for a report titled "What We Learned" regarding a recent incident involving a cybersecurity breach?

• A.Determine the sophistication of the audience that the report is meant for
• B.Include references and sources of information on the first page
• C.Include a table of contents outlining the entire report
• D.Decide on the color scheme that will effectively communicate the metrics

Comment: *

Name: *

Email: *

Verification: *

An analyst is reviewing a vulnerability report for a server environment with the following entries:

Which of the following systems should be prioritized for patching first?

• A.10.101.27.98
• B.54.73.225.17
• C.54.74.110.26
• D.54.74.110.228

Comment: *

Name: *

Email: *

Verification: *

Due to reports of unauthorized activity that was occurring on the internal network, an analyst is performing a network discovery. The analyst runs an Nmap scan against a corporate network to evaluate which devices were operating in the environment. Given the following output:

Which of the following choices should the analyst look at first?

• A.wh4dc-748gy.lan (192.168.86.152)
• B.lan (192.168.86.22)
• C.imaging.lan (192.168.86.150)
• D.xlaptop.lan (192.168.86.249)
• E.p4wnp1_aloa.lan (192.168.86.56)

Comment: *

Name: *

Email: *

Verification: *

Which of the following best describes the goal of a disaster recovery exercise as preparation for possible incidents?

• A.TO provide metrics and test continuity controls
• B.To verify the roles of the incident response team
• C.To provide recommendations for handling vulnerabilities
• D.To perform tests against implemented security controls

Comment: *

Name: *

Email: *

Verification: *