Which of the following are requirements that must be configured for PCI OSS compliance? (Choose two.)

Testing security systems and processes regularly

Assigning a unique 10 to each person with computer access

Installing and maintaining a web proxy to protect cardholder data

Encrypting transmission of cardholder data across private networks

Benchmarking security awareness training far contractors

Which of the following explains why RTO is included in a BlA?

It identifies the amount of allowable downtime for an application or system.

It monetizes the loss of an asset and determines a break-even point for risk mitigation.

It prioritizes risks so the organization can allocate resources appropriately.

It informs the backup approach so that the organization can recover data ta a known time.

Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?

Take a memory snapshot of the running system.

Run a full on-demand scan of the root volume.

Shut down the VOI and copy off the event logs.

Use NetFlow to identify command-and-control IPs.

An organization is building backup server rooms in geographically diverse locations. The Chief Information Security Officer implemented a requirement on the project that states the new hardware cannot be susceptible to the same vulnerabilities in the existing server room. Which of the following should the systems engineer consider?

Purchasing hardware from different vendors

Implementing a robust patch management solution

Migrating workloads to public cloud infrastructure

Designing new detective security controls

While reviewing the wireless router, a systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table ABOVE Which of the following should be the administrators NEXT step to detect if there is a rogue system without impacting availability?

Deny Internet access to the "UNKNOWN" hostname.

While checking logs, a security engineer notices a number of end users suddenly downloading files with the .tar.gz extension. Closer examination of the files reveals they are PE32 files. The end users state they did not initiate any of the downloads. Further investigation reveals the end users all clicked on an external email containing an infected MHT file with an href link a week prior. Which of the following is MOST likely occurring?

A RAT was installed and is transferring additional exploit tools.

A logic bomb was executed and is responsible for the data transfers.

The workstations are beaconing to a command-and-control server.

A fireless virus is spreading in the local network environment.

A cybersecurity analyst reviews the log files trom a web server and sees a series of files that indicate a directory-traversal attack has occurred. Which of the following is the analyst MOST likely seeing?

http://sample.url.com/someotherpageonsite/../../../etc/shadow

http://sample.url.com/<script>Please-Visit-Our-Phishing-Site</script>

The IT depaäment's on-site developer has been WI•th the team for many years. Each time an application is released, the security team is able to identify multiple vulnerabilities. Which of the following would BEST help the team ensure the application is ready to be released to production?

Submit the application to before releasing it

Limit the use of third-pady libraries

SYO-601 Practice Questions 42-82

Authored by Darrielle Flemming-Robinson

Instructional Technology

12th Grade

41 Questions

Used 5+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An organization is tuning SIEM rules based off of threat intelligence
reports. Which of the following phases of the incident response process
does this scenario represent?

Eradication

Preparation

Lessons Learned

Recovery

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A network manager is concerned that business may be negatively
impacted if the firewall in its datacenter goes offline. The manager would
like to implement a high availability pair to:

decrease the mean time between failures

cut dawn the mean time to repair.

remove the single point of failure.

reduce the recovery time objective.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A host was infected with malware. During the incident response, Joe, a
user, reported that he did not receive any emails with links, but he had
been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?

The DNS logs

The SIP traffic logs

The web server logs

The SNMP logs

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following would MOST likely be identified by a Points
credentialed scan but would be missed by an uncredentialed scan?

Vulnerabilities with a CVSS score greater than 6.9.

CVEs related to nan-Microsoft systems such as printers and switches.

Critical infrastructure vulnerabilities on non-lP protocols.

Missing patches for third-party software on Windows workstations and

servers.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A recent phishing campaign resulted in several compromised user
accounts. The security incident response team has been tasked with
reducing the manual labor ot filtering through all the phishing emails as
they arrive and blocking the sender's email address, along with other
time-consuming mitigation actions. Which of the following can be configured to streamline those tasks?

SOAR playbook

Firewall rules

MOM policy

URLfilter

SIEM data collection

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a reason to publish files' hashes?

To validate the integrity af the files

To use the hash as a software activation ke

To verify if the software was digitally signed

To use the hash as a decryption passphrase

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A security analyst is tasked with classifying data to be stored on company
servers. Which of the following should be classified as proprietary?

Customers dates af birth

Marketing strategies

Customers email addresses

Employee salaries

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

46 questions

PEMELIHARAAN SASIS DAN PEMINDAH TENAGA KENDARAAN RINGAN

Quiz

•

12th Grade

40 questions

GOOGLE DOCS

Quiz

•

5th - 12th Grade

40 questions

COMPUTER SYSTEM (SYSTEM BACK-UP) SET 2

Quiz

•

1st Grade - Professio...

36 questions

Mega Quiz

Quiz

•

7th Grade - Professio...

40 questions

Quiz Rancang Bangun Konfigurasi Router Mikrotik

Quiz

•

12th Grade

40 questions

SOAL EVALUASI CMS OTOTRONIK

Quiz

•

12th Grade

40 questions

Thủy Tổ Tin Học

Quiz

•

12th Grade

44 questions

CNGHE 50C

Quiz

•

12th Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Instructional Technology

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

15 questions

Christmas Song Emoji Pictionary

Quiz

•

7th - 12th Grade

20 questions

Christmas Movies

Quiz

•

1st - 12th Grade

55 questions

CHS Holiday Trivia

Quiz

•

12th Grade

20 questions

Christmas Movie Trivia

Quiz

•

9th - 12th Grade

29 questions

christmas facts

Lesson

•

5th - 12th Grade

20 questions

Christmas Trivia

Quiz

•

5th - 12th Grade

20 questions

Stages of Meiosis

Quiz

•

9th - 12th Grade

SYO-601 Practice Questions 42-82

An organization is tuning SIEM rules based off of threat intelligencereports. Which of the following phases of the incident response processdoes this scenario represent?

A network manager is concerned that business may be negativelyimpacted if the firewall in its datacenter goes offline. The manager wouldlike to implement a high availability pair to:

A host was infected with malware. During the incident response, Joe, auser, reported that he did not receive any emails with links, but he hadbeen browsing the Internet all day. Which of the following would MOST likely show where the malware originated?

Which of the following would MOST likely be identified by a Pointscredentialed scan but would be missed by an uncredentialed scan?

Which of the following is a reason to publish files' hashes?

A security analyst is tasked with classifying data to be stored on companyservers. Which of the following should be classified as proprietary?

Which of the following are requirements that must be configured for PCIOSS compliance? (Choose two.)

Which of the following can be used by a monitoring tool to comparevalues and detect password leaks without providing the actualcredentials?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Instructional Technology

An organization is tuning SIEM rules based off of threat intelligence
reports. Which of the following phases of the incident response process
does this scenario represent?

A network manager is concerned that business may be negatively
impacted if the firewall in its datacenter goes offline. The manager would
like to implement a high availability pair to:

A host was infected with malware. During the incident response, Joe, a
user, reported that he did not receive any emails with links, but he had
been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?

Which of the following would MOST likely be identified by a Points
credentialed scan but would be missed by an uncredentialed scan?

A security analyst is tasked with classifying data to be stored on company
servers. Which of the following should be classified as proprietary?

Which of the following are requirements that must be configured for PCI
OSS compliance? (Choose two.)

Which of the following can be used by a monitoring tool to compare
values and detect password leaks without providing the actual
credentials?