An organization is tuning SIEM rules based off of threat intelligence

reports. Which of the following phases of the incident response process

does this scenario represent?

A network manager is concerned that business may be negatively

impacted if the firewall in its datacenter goes offline. The manager would

like to implement a high availability pair to:

A host was infected with malware. During the incident response, Joe, a

user, reported that he did not receive any emails with links, but he had

been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?

Which of the following would MOST likely be identified by a Points

credentialed scan but would be missed by an uncredentialed scan?

A recent phishing campaign resulted in several compromised user

accounts. The security incident response team has been tasked with

reducing the manual labor ot filtering through all the phishing emails as

they arrive and blocking the sender's email address, along with other

time-consuming mitigation actions. Which of the following can be configured to streamline those tasks?

Which of the following is a reason to publish files' hashes?

A security analyst is tasked with classifying data to be stored on company

servers. Which of the following should be classified as proprietary?