Q:201- The steering committee for information security management annually reviews the security

incident register for the organization to look for trends and systematic issues.The steering committee wants to rank the risks based on past incidents to improve the security program for next year. Below is the incident register for the organization.

Which of the following should the organization consider investing in FIRST due to the potential

impact of availability?

NO.202 A security administrator needs to provide access from partners to an Isolated laboratory network inside an organization that meets the following requirements:

*The partners' PCs must not connect directly to the laboratory network.

*The tools the partners need to access while on the laboratory network must be available to all partners

*The partners must be able to run analyses on the laboratory network, which may take hours to complete

Which of the following capabilities will MOST likely meet the security objectives of the request?

(ExamTopic'e gore guncellendi)

Q: 203 - A remote code execution vulnerability was discovered in the RDP. An organization currently uses RDP for remote access to a portion of its VDI environment. The analyst verified network-level authentication is enabled. Which of the following is the BEST remediation for this vulnerability?

Q: 204 A security analyst is reviewing the logs from an internal chat server.

The chat.log file is too

large to review manually, so the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous activity. Below is a snippet of the log:

Q: 206 - A storage area network (SAN) was inadvertently powered off while power maintenance was being performed in a datacenter. None of the systems should have lost all power during the maintenance. Upon review, it is discovered that a SAN administrator moved a power plug when

testing the SAN's fault notification features.

Which of the following should be done to prevent this issue from reoccurring?

Q: 207 - While conoXicting a cloud assessment, a security analyst performs a Prowler scan, which

generates the following within the report:

Based on the Prowler report, which of the following is the BEST recommendation?

Q: 208 -A security analyst needs to perform a search for connections with a suspicious IP on the network traffic. The company collects full packet captures at the Internet gateway and retains them for one week. Which of the following will enable the analyst to obtain the BEST results?