During a routine security audit, you notice an unusual PowerShell script running on a Windows system. The script appears to be Base64-encoded and is being executed from a temporary directory. What is your FIRST course of action?

Decode the Base64 script, review its content, and analyze its behavior in a sandbox environment.

What should be your FIRST course of action to improve security regarding authentication methods configured in the /etc/ssh/sshd_config file, including: PasswordAuthentication yes PubkeyAuthentication yes ChallengeResponseAuthentication yes when concerned about the security of the password-based authentication method?

Disable Password Authentication and enforce the use of public key authentication only.

Which of the following is considered a false positive in security monitoring? An alert indicating a successful brute-force login attack when there was none, An alert about unusual traffic that is determined to be caused by a DDoS attack, An alert indicating malware detected in a sandbox environment, An alert indicating a legitimate login attempt by an authorized user

An alert indicating a successful brute-force login attack when there was none

SOC Monthly Flashcard

Flashcard

•

Computers

•

Professional Development

•

Practice Problem

•

Hard

Wayground Content

FREE Resource

Student preview

10 questions

Show all answers

FLASHCARD QUESTION

Front

A user reports receiving a suspicious email containing a link prompting them to enter their credentials. What is the FIRST step in investigating this phishing attempt?

Back

Analyze the email headers for sender details and authentication records

FLASHCARD QUESTION

Front

A user reports that all their files have been encrypted with the .locked extension, and a ransom note is present. What is the IMMEDIATE action to take?

Back

Disconnect the infected machine from the network

FLASHCARD QUESTION

Front

Your IDS detects multiple SQL injection attempts on a public-facing web server. What is the BEST response?

Back

Review web server logs and check for signs of successful exploitation

FLASHCARD QUESTION

Front

What does the command
netsh advfirewall set allprofiles state off
do?

Back

It turns off the Windows Defender Firewall for all network profiles (Domain, Private, and Public).

FLASHCARD QUESTION

Front

A brute-force attack has been detected against an exposed RDP server. What is the BEST mitigation strategy?

Back

Block the attacker's IP, enforce account lockout policies, and enable multi-factor authentication (MFA).

FLASHCARD QUESTION

Front

Your DLP (Data Loss Prevention) alerts show large data uploads to a cloud storage service. What is the next step of action?

Back

Review SIEM and proxy logs to confirm the source, destination, and nature of the data transfer.

FLASHCARD QUESTION

Front

Your SIEM system has flagged an alert indicating a high volume of failed login attempts followed by a successful login to an internal system using a corporate user's credentials. The account owner reports they did not attempt to log in, and the login was from an unrecognized IP address. What should be your FIRST course of action to mitigate the ATO attack?

Back

Immediately lock the account, force a password reset, and review the account's recent activity.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

By signing up, you agree to our Terms of Service & Privacy Policy

Already have an account?

Similar Resources on Wayground

11 questions

SAINS SUKAN TINGKATAN 5 BIDANG 7

Flashcard

•

10 questions

examen de anatomia dental

Flashcard

•

University

8 questions

IA EN LA LECTURA

Flashcard

•

13 questions

Acústica

Flashcard

•

University

10 questions

Different kinds of friends

Flashcard

•

7 questions

Colors and clothes

Flashcard

•

University

8 questions

Improving Doctor-Patient Communication

Flashcard

•

University

Popular Resources on Wayground

10 questions

Honoring the Significance of Veterans Day

Interactive video

•

6th - 10th Grade

9 questions

FOREST Community of Caring

Lesson

•

1st - 5th Grade

10 questions

Exploring Veterans Day: Facts and Celebrations for Kids

Interactive video

•

6th - 10th Grade

19 questions

Veterans Day

Quiz

•

5th Grade

14 questions

General Technology Use Quiz

Quiz

•

8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

15 questions

Circuits, Light Energy, and Forces

Quiz

•

5th Grade

19 questions

Thanksgiving Trivia

Quiz

•

6th Grade

Discover more resources for Computers

10 questions

Identifying Phishing Emails Quiz

Quiz

•

Professional Development

14 questions

2019 Logos

Quiz

•

Professional Development

10 questions

Thanksgiving Day Quiz - reading passage

Passage

•

Professional Development

20 questions

Prepositions of Place

Quiz

•

Professional Development