NO.371 A document that appears to be malicious has been discovered in an email that was sent to a company's Chief Financial Officer (CFO). Which of the following would be BEST to allow a security analyst to gather information and confirm it is a malicious document without executing any code it may contain?

(C). Search for matching file hashes on malware websites

(A). Open the document on an air-gapped network

(B). View the document's metadata for origin clues

(D). Detonate the document in an analysis sandbox

NO.376 A security analyst needs to be proactive in understand the types of attacks that could potentially target the company's execute. Which of the following intelligence sources should to security analyst review?

(D). Industry information-sharing and collaboration groups

(B). Trusted automated exchange of indicator information

(C). Structured threat information expression

NO.377 The CSIRT is reviewing the lessons learned from a recent incident. A worm was able to spread unhindered throughout the network and infect a large number of computers and servers. Which of the following recommendations would be BEST to mitigate the impacts of a similar incident in the future?

(B). Segment the network with firewalls.

A). Install a NIDS device at the boundary

(C). Update all antivirus signatures daily.

(D). Implement application blacklisting.

NO.378 A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

(C). Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors

A). The most common set of MDM configurations will become the effective set of enterprise mobile security controls

(B). All devices will need to support SCEP-based enrollment; therefore, the heterogeneity of the chosen architecture may unnecessarily expose private keys to adversaries

(D). MDMs typically will not support heterogeneous deployment environments, so multiple MDMs will need to be installed and configured.

NO.381 A security analyst Is hardening a Linux workstation and must ensure It has public keys forwarded to remote systems for secure login Which of the following steps should the analyst perform to meet these requirements? (Select TWO).

(A). Forward the keys using ssh-copy-id.

(C). Forward the keys using ash -i.

(D). Forward the keys using openssl -s.

(E). Forward the keys using ssh-keyger

NO.382 A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices the following requirements must be met: Mobile device OSs must be patched up to the latest release A screen lock must be enabled (passcode or biometric) * Corporate data must be removed if the device is reported lost or stolen Which of the following controls should the security engineer configure? (Select TWO)

(E). Full-device encryption F). Geofencing

NO.384 An analyst has determined that a server was not patched and an external actor exfiltrated data on port 139. Which of the following sources should the analyst review to BEST ascertain how the Incident could have been prevented?

(A). The vulnerability scan output

NO.387 A security manager runs Nessus scans of the network after every maintenance window. Which of the following is the security manger MOST likely trying to accomplish?

A). Verifying that system patching has effectively removed knows vulnerabilities

(B). Identifying assets on the network that may not exist on the network asset inventory

(C). Validating the hosts do not have vulnerable ports exposed to the internet

(D). Checking the status of the automated malware analysis that is being performed

NO.389 A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)

(D). Scan for rogue access points

(E). Upgrade the security protocols (F). Install a captive portal

NO.390 A website developer who is concerned about theft cf the company's user database warns to protect weak passwords from offline brute-force attacks. Which of the following be the BEST solution?

(A) Lock acconuts after five failed logons

(B) Precompute passwords with rainbow tables

(C) Use a key-stretching technique

(D) Hash passwords with the MD5 algorithm

361 - 390

Authored by siso coc

Computers

Used 10+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.361 A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m - 4:00 am. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?

(A). A RAT

(B). Ransomware

(C). Logic bomb

(D). A worm

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.362 A public relations team will be taking a group of guest on a tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboars are cleaned and all desks are cleared. The company is MOST likely trying to protect against

A). Loss of proprietary information

(B). Damage to the company's reputation

(C). Social engineering

(D). Credential exposure

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.363 A desktop support technician recently installed a new document-scanning software program on a computer However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

(A). A new firewall rule is needed to access the application.

B). The system was quarantined for missing software updates

(C). The software was not added to the application whitelist.

(D). The system was isolated from the network due to infected software.

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.364 Users reported several suspicious activities within the last two weeks that resulted in several unauthorized transactions. Upon investigation, the security analyst found the following: Multiple reports of breached credentials within that time period Traffic being redirected in certain parts of the network * Fraudulent emails being sent by various internal users without their consent Which of the following types of attacks was MOST likely used?

(A). Replay attack

(B). Race condition

C). Cross site scripting

D). Request forgeries

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.365 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

(A). It allows for the sharing of digital forensics data across organizations

(B). It provides insurance in case of a data breach

(C). It provides complimentary training and certification resources to IT security staff

(D). It certifies the organization can work with foreign entities that require a security clearance

(E). It assures customers that the organization meets security standards

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.366 A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: The devices will be used internationally by staff who travel extensively. Occasional personal use is acceptable due to the travel requirements. Users must be able to install and configure sanctioned programs and productivity suites. The devices must be encrypted The devices must be capable of operating in low-bandwidth environments. Which of the following would provide the GREATEST benefit to the security posture of the devices?

(A). Configuring an always-on VPN

(B). Implementing application whitelisting

(C). Requiring web traffic to pass through the on-premises content filter

(D). Setting the antivirus DAT update schedule to weekly

MULTIPLE CHOICE QUESTION

10 mins • 1 pt

NO.367 A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

(A). Configure the perimeter firewall to deny inbound external connections to SMB ports.

(B). Ensure endpoint detection and response systems are alerting on suspicious SMB connections.

(C). Deny unauthenticated users access to shared network folders

(D). Verify computers are set to install monthly operating system, updates automatically.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

LIST-TUPLES-SET-DICTIONARY

Quiz

•

Professional Development

25 questions

Atividade sobre Modelos de Processo de Software

Quiz

•

University

30 questions

Programming Techniques

Quiz

•

8th - 10th Grade

25 questions

Module 3 - Security Architecture

Quiz

•

University

28 questions

B1. Hệ điều hành

Quiz

•

11th Grade

25 questions

PH TIK Kelas 6

Quiz

•

1st - 5th Grade

25 questions

HTML dla początkujących

Quiz

•

9th Grade

25 questions

Aptitude Competition(FY)

Quiz

•

University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Computers

12 questions

Presidents' Day

Quiz

•

KG - 5th Grade

20 questions

Place Value

Quiz

•

KG - 3rd Grade

12 questions

CKLA Unit 6 Comprehension Assessment K

Quiz

•

23 questions

CKLA Unit 6 Assessment K

Quiz

•

16 questions

Blends and Digraphs

Quiz

•

KG - 1st Grade

10 questions

Direct and Indirect Characterization

Quiz

•

22 questions

Waves

Quiz

•

KG - University

7 questions

Copy of G5_U5_L14_22-23

Lesson

•

KG - Professional Dev...

361 - 390

NO.361 A security analyst is investigating multiple hosts that are communicating to external IP addresses during the hours of 2:00 a.m - 4:00 am. The malware has evaded detection by traditional antivirus software. Which of the following types of malware is MOST likely infecting the hosts?

NO.363 A desktop support technician recently installed a new document-scanning software program on a computer However, when the end user tried to launch the program, it did not respond. Which of the following is MOST likely the cause?

NO.365 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification?

NO.367 A recently discovered zero-day exploit utilizes an unknown vulnerability in the SMB network protocol to rapidly infect computers. Once infected, computers are encrypted and held for ransom. Which of the following would BEST prevent this attack from reoccurring?

NO.368 Which of the following disaster recovery tests is The LEAST time consuming for the disaster recovery team?

NO.370 A retail executive recently accepted a job with a major competitor. The following week, a security analyst reviews the security logs and identifies successful logon attempts to access the departed executive's accounts. Which of the following security practices would have addressed the issue?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers