Sorular 11-20

NO.11 Which of the following control types is focused primarily on reducing risk before an incident occurs?

NO.12 An organization has developed an application that needs a patch to fix a critical vulnerability In which of the following environments should the patch be deployed LAST?

NO.13 Which of the following control Types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?

NO.14 Which of the following risk management strategies would an organization use to maintain a legacy system with known risks for operational purposes?

NO.15 A social media company based in North America is looking to expand into new global markets and needs to maintain compliance with international standards With which of the following is the company's data protection officer MOST likely concerned''

NO.16 Several users have opened tickets with the help desk. The help desk has reassigned the tickets to a security analyst for further review The security analyst reviews the following metrics:

Which of the following is MOST likely the result of the security analyst's review?

NO.17 A security analyst wants to fingerprint a web server Which of the following tools will the security analyst MOST likely use to accomplish this task?

NO.18 A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?

NO.19 Certain users are reporting their accounts are being used to send unauthorized emails and conduct suspicious activities. After further investigation, a security analyst notices the following:

✑ All users share workstations throughout the day.

✑ Endpoint protection was disabled on several workstations throughout the network.

✑ Travel times on logins from the affected users are impossible.

✑ Sensitive data is being uploaded to external sites. All user account passwords were forced to be reset and the issue continued.

Which of the following attacks is being used to compromise the user accounts?

NO.20 A junior security analyst is conducting an analysis after passwords were changed on multiple accounts without users' interaction. The SIEM have multiple login entries with the following text:

Which of The following is the MOST likely attack conducted on the environment?