SYO 701 EDR Module FC

Assessment

Flashcard

Computers

University

Practice Problem

Hard

Created by

Oak Academy

24 questions

1.

FLASHCARD QUESTION

Front

60. A recent malware outbreak across a subnet included successful rootkit installations on many PCs, ensuring persistence by rendering remediation efforts ineffective. Which of the following would best detect the presence of a rootkit in the future?

Back

C. EDR

2.

FLASHCARD QUESTION

Front

98. A systems administrator receives the following alert from a file integrity monitoring tool:

  • The hash of the cmd.exe file has changed.

The systems administrator checks the OS logs and notices that no patches were applied in the last two months. Which of the following most likely occurred?

Back

D. A rootkit was deployed.

3.

FLASHCARD QUESTION

Front

106. A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

Back

C. Update the EDR policies to block automatic execution of downloaded programs.

4.

FLASHCARD QUESTION

Front

114. A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

Back

D. FIM

5.

FLASHCARD QUESTION

Front

116. Which of the following can best protect against an employee inadvertently installing malware on a company system?

Back

D. Application allow list

6.

FLASHCARD QUESTION

Front

136. Which of the following is used to protect a computer from viruses, malware, and Trojans being installed and moving laterally across the network?

Back

C. EDR

7.

FLASHCARD QUESTION

Front

163. Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?

Back

D. Install endpoint management software on all systems.
