Which one of the following is not an appropriate criterion to use when prioritizing remediation of vulnerabilities?

The severity of vulnerabilities

The network exposure of an affected system

Which of the following statements is not true about ATT&CK matrices?

Include metadata like the author, the name of the IOC, and a description.

Include preattack, enterprise matrices focusing on Windows, macOS, Linux, and cloud computing as well as iOS and Android mobile platforms.

Include detailed descriptions, definitions, and examples for the complete threat life cycle.

Include details of mitigations, threat actor groups, software, and a host of other useful details.

During a forensic investigation, Maria discovers evidence that a crime has been committed. What do organizations typically do to ensure that law enforcement can use data to prosecute a crime?

Document a chain of custody for the forensic data.

Only perform a forensic investigation on the original storage media.

Securely wipe drives to prevent further issues.

Immediately implement a legal hold.

Bernie is designing a PCI DSS-compliant vulnerability management program for his business. Who may conduct the internal scans required by the standard?

Scans may be conducted by any qualified individual.

Scans must be conducted by an approved scanning vendor (ASV).

Scans must be conducted by an internal audit group or an ASV.

Scans must be conducted by a PCI DSS—certified individual.

Rodney's company wants to prevent phishing attacks from resulting in account compromise. Which of the following solutions will provide the most effective solution?

Add token-based authentication.

Set a shorter password lifespan.

Implement context—aware authentication.

Use enhanced password requirements.

Which phase of the incident response process is most likely to include gathering additional evidence, such as information that would support legal action?

Containment, eradication, and recovery

Edward is preparing an incident response report, and he discovers that some systems were not properly configured to use NTP. What critical element of incident reports may suffer based on this?

The post recovery validation report

The documentation of specific actions taken to remediate issues

Charles is building an incident response play course for his organization that will address command and control (C&C) client-server traffic detection and response. Which of the following information sources is least likely to be part of his play course?

Notifications from internal staff about suspicious behavior

Brian works in an XYZ organization. His network suddenly stops working at 8:40 AM, interrupting video conferences, streaming, and other services throughout his organization, and then resumes functioning. When Brian logs into his Paessler Router Traffic Grapher (PRTG) console and checks his router's traffic via the primary connection's redundant network link, he sees the following graph. What should Brian presume occurred based on the given information shown in Figure A?

The primary link had gone down and he should check the secondary link for traffic.

PRTG stopped receiving flow information and needs to be restarted.

There was a link card failure and the card has recovered.

The network has failed and is running in cached mode.

If users are performing forensic investigations on cloud services, it will be very challenging for them to preserve data. Which of the following tasks will users perform to overcome these challenges in the given scenario? Each correct answer represents a complete solution. Choose all that apply.

Determine what users' contracts say about investigations.

Determine what legal recourse users have with a vendor.

Identify data that users need and whether it is available via methods that they or their organization controls.

Work with a consumer to identify a course of action if users do not control data.

uC CS0-003 Q1

Authored by Jose Manuel Rios

Computers

University

Used 7+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

40 questions

Show all answers

MULTIPLE CHOICE QUESTION

1 min • 1 pt

An incident response report discovers a virus introduced through a remote host connected to corporate resources. A cybersecurity analyst has been asked for a
" recommendation to solve this issue. Which of the following should the cybersecurity analyst apply in the given scenario?

VPN

SIEM

NAC

MAC

Answer explanation

NAC

MULTIPLE SELECT QUESTION

1 min • 1 pt

Which of the following are the major categories of security event indicators described by NIST 800-61?
Each correct answer represents a complete solution. Choose all that apply.

Internal and external sources

Alerts from IDS, IPS, SIEM, AV, and other security systems

Patch validation

Regression testing

HTTP checking

WAV testing

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

36 questions

Ôn Tập HK1 Tin Học 11

Quiz

•

11th Grade - University

40 questions

Basic Algorithm in C (Data type, Expression, Branching, Looping)

Quiz

•

University

40 questions

Java-Collections

Quiz

•

University

45 questions

IP MIDTERM

Quiz

•

University

40 questions

แบบทดสอบกลางภาควิชาเทคโนโลยีดิจิทัลเพื่อการจัดการอาชีพ

Quiz

•

University

40 questions

Basic Computer Concepts Quiz

Quiz

•

University

35 questions

Unit 9.1 - Textual Programming

Quiz

•

8th Grade - University

39 questions

Advanced Object Oriented Programming

Quiz

•

University

Popular Resources on Wayground

7 questions

History of Valentine's Day

Interactive video

•

4th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

15 questions

Valentine's Day Trivia

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

Discover more resources for Computers

18 questions

Valentines Day Trivia

Quiz

•

3rd Grade - University

12 questions

IREAD Week 4 - Review

Quiz

•

3rd Grade - University

23 questions

Subject Verb Agreement

Quiz

•

9th Grade - University

5 questions

What is Presidents' Day?

Interactive video

•

10th Grade - University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

20 questions

Mardi Gras History

Quiz

•

6th Grade - University

10 questions

The Roaring 20's Crash Course US History

Interactive video

•

11th Grade - University

17 questions

Review9_TEACHER

Quiz

•

University

uC CS0-003 Q1

An incident response report discovers a virus introduced through a remote host connected to corporate resources. A cybersecurity analyst has been asked for a
" recommendation to solve this issue. Which of the following should the cybersecurity analyst apply in the given scenario?

NAC

Which of the following are the major categories of security event indicators described by NIST 800-61?
Each correct answer represents a complete solution. Choose all that apply.

NIST

Which incident response metric measures the time from detection to assessing the event as an incident and activating the process?

Joe, an investigator, wants to scan a hard drive to view the deleted communication. Which of the following tools should Joe use to accomplish the given task?

Jordan, a white hat hacker, observes an inaccurate alert triggered by an intrusion prevention system (IPS). Which type of event has occurred in the scenario?

Olivia has requested that her development team run their web application security testing tools against their web applications, despite the fact that they just installed the most recent patches. What is this type of testing called?

Sasha, the project manager of a computer networking project, is monitoring the performance of her project. She decides to change the project plan to eliminate risks to protect the objectives of the project. Which of the following strategies is she using to tackle the risk in the given scenario?

What information does a CVSS score provide that will influence administrator's prioritization of patch installation timeframes?

A security administrator is constructing a development environment and places three virtual servers in a new virtual network to isolate them from the production network. Which of the following describes the environment that the administrator is building in the given scenario?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

uC CS0-003 Q1

An incident response report discovers a virus introduced through a remote host connected to corporate resources. A cybersecurity analyst has been asked for a" recommendation to solve this issue. Which of the following should the cybersecurity analyst apply in the given scenario?

NAC

Which of the following are the major categories of security event indicators described by NIST 800-61?Each correct answer represents a complete solution. Choose all that apply.

NIST

Which incident response metric measures the time from detection to assessing the event as an incident and activating the process?

Joe, an investigator, wants to scan a hard drive to view the deleted communication. Which of the following tools should Joe use to accomplish the given task?

Jordan, a white hat hacker, observes an inaccurate alert triggered by an intrusion prevention system (IPS). Which type of event has occurred in the scenario?

Olivia has requested that her development team run their web application security testing tools against their web applications, despite the fact that they just installed the most recent patches. What is this type of testing called?

Sasha, the project manager of a computer networking project, is monitoring the performance of her project. She decides to change the project plan to eliminate risks to protect the objectives of the project. Which of the following strategies is she using to tackle the risk in the given scenario?

What information does a CVSS score provide that will influence administrator's prioritization of patch installation timeframes?

A security administrator is constructing a development environment and places three virtual servers in a new virtual network to isolate them from the production network. Which of the following describes the environment that the administrator is building in the given scenario?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

An incident response report discovers a virus introduced through a remote host connected to corporate resources. A cybersecurity analyst has been asked for a
" recommendation to solve this issue. Which of the following should the cybersecurity analyst apply in the given scenario?

Which of the following are the major categories of security event indicators described by NIST 800-61?
Each correct answer represents a complete solution. Choose all that apply.