NO.166 An organization is planning to roll out a new mobile device policy and issue each employee a new laptop, These laptops would access the users' corporate operating system remotely and allow them to use the laptops for purposes outside of their job roles. Which of the following deployment models is being utilized?

(A). MDM and application management

NO.167 Which of the following actions would be recommended to improve an incident response process?

(A). Train the team to identify the difference between events and incidents

(B). Modify access so the IT team has full access to the compromised assets

(C). Contact the authorities if a cybercrime is suspected

(D). Restrict communication surrounding the response to the IT team

NO.168 Which of the following explains why RTO is included in a BIA?

(A). It identifies the amount of allowable downtime for an application or system,

(B). It prioritizes risks so the organization can allocate resources appropriately,

(C). It monetizes the loss of an asset and determines a break-even point for risk mitigation.

(D). It informs the backup approach so that the organization can recover data to a known time.

NO.171 Which of the following prevents an employee from seeing a colleague who is visiting an inappropriate website?

(D). Separation Of duties policy

NO.173 A user forwarded a suspicious email to the security team, Upon investigation, a malicious URL was discovered. Which of the following should be done FIRST to prevent other users from accessing the malicious URL?

(A). Configure the web content filter for the web address.

(B). Report the website to threat intelligence partners

(C). Set me SIEM to alert for any activity to the web address.

(D). Send out a corporate communication to warn all users Of the malicious email.

NO.175 A research company discovered that an unauthorized piece of software has been detected on a small number of machines in its lab. The researchers collaborate with other machines using port 445 and on the Internet using port 443. The unauthorized software is starting to be seen on additional machines outside of the lab and is making outbound communications using HTTPS and SMB. The security team has been instructed to resolve the problem as quickly as possible causing minimal disruption to the researchers. Which of the following contains the BEST course of action in this scenario?

(C). Place the unauthorized application in a blocklist.

(A). Update the host firewalls to block outbound SMB.

(B). Place the machines with the unapproved software in containment.

(D). Implement a content filter to block the unauthorized software communication.

NO.179 A web server has been compromised due to a ransomware attack. Further investigation reveals the ransomware has been in the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the following should the administrator use to restore services to a secure state?

(C). The last full backup that was conducted seven days ago

(A). The last incremental backup that was conducted 72 hours ago Most Voted

(B). The last known-good configuration Most Voted

(D). The baseline OS configuration

NO.180 An organization has been experiencing outages during holiday sales and needs to ensure availability of its point-of-sale systems The IT administrator has been asked to improve both serverdata fault tolerance and site availability under high consumer load Which of the following are the BEST options to accomplish this objective'? (Select TWO)

(E). Dual power supply(F). NIC teaming

Warriors 151-180

Authored by virtual world

Computers

Professional Development

Used 4+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.151 Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

(A). Set up hashing on the source log file servers that complies with local regulatory requirements,

(B). Back up the aggregated log files at least two times a day or as stated by local regulatory requirements.

(C). Write protect the aggregated log files and move them to an isolated server with limited access.

(D). Back up the source log files and archive them for at least six years or in accordance with local regulatory requirements.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.152 A company recently experienced an inside attack using a corporate machine that resulted in data compromise. Analysis indicated an unauthorized change to the software circumvented technological protection measures, The analyst was tasked with determining the best method to ensure the integrity of the systems remains intact and local and remote boot attestation can take place. Which of the following would provide the BEST solution?

(A). HIPS

(B). Flm

(C). TPM

(D). DLP

Answer explanation

https://learn.microsoft.com/en-us/azure/security/fundamentals/measured-boot-host-attestation

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.153 A SOC operator is receiving continuous alerts from multiple Linux systems indicating that unsuccessful SSH attempts to a functional user ID have been attempted on each one of them in a short period of time. Which of the following BEST explains this behavior?

(A). Rainbow table attack

(B). Password spraying

(C). Logic bomb

(D). Malware bot

Answer explanation

Password Spraying is a variant of what is known as a brute force attack. In a traditional brute force attack, the perpetrator attempts to gain unauthorized access to a single account by guessing the password "repeatedly" in a very short period of time.

MULTIPLE SELECT QUESTION

2 mins • 1 pt

NO.154 A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO).

(A). The order of volatility

(B). A CRC32 checksum

(C). The provenance of the artifacts

(E). The date timer

(D). The vendor's name(F). A warning banne

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.155 Which of the following can work as an authentication method and as an alerting mechanism for unauthorized access attempts?

(A). Smart card

(B). push notifications

(C). Attestation service

(D). HMAC-based, one-time password

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.156 A company is receiving emails with links to phishing sites that look very similar to the company's own website address and content. Which of the following is the BEST way for the company to mitigate this attack?

(A). Create a honeynet to trap attackers who access the VPN with credentials obtained by phishing.

(B). Generate a list of domains similar to the company's own and implement a DNS sinkhole for each.

(C). Disable POP and IMAP on all Internet-facing email servers and implement SMTPS.

(D). Use an automated tool to flood the phishing websites with fake usernames and passwords.

MULTIPLE CHOICE QUESTION

2 mins • 1 pt

NO.157 Which of the following is a risk that is specifically associated with hosting applications in the public cloud?

(A). Unsecured root accounts

(B). Zero-day

(C). Shared tenancy

(D). Insider threat

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

25 questions

THỂ THỨC VĂN BẢN

Quiz

•

Professional Development

25 questions

7 ÔT Giữa Hk 1 tin học 7 23 - 24

Quiz

•

Professional Development

25 questions

Chủ đề: Ms powerpoint

Quiz

•

2nd Grade - Professio...

25 questions

MME 3.2- Chipset y BIOS

Quiz

•

Professional Development

25 questions

SOM 2.2.1

Quiz

•

Professional Development

25 questions

Myob Accounting/Kompt. Akt.

Quiz

•

Professional Development

26 questions

Repaso 2do trimestre Computación 5°

Quiz

•

KG - Professional Dev...

25 questions

IP Addressing Quiz

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

10 questions

Probability Practice

Quiz

•

4th Grade

15 questions

Probability on Number LIne

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

6 questions

Appropriate Chromebook Usage

Lesson

•

7th Grade

10 questions

Greek Bases tele and phon

Quiz

•

6th - 8th Grade

Discover more resources for Computers

20 questions

Black History Month Trivia Game #1

Quiz

•

Professional Development

20 questions

90s Cartoons

Quiz

•

Professional Development

12 questions

Mardi Gras Trivia

Quiz

•

Professional Development

7 questions

Copy of G5_U5_L14_22-23

Lesson

•

KG - Professional Dev...

12 questions

Unit 5: Puerto Rico W1

Quiz

•

Professional Development

42 questions

LOTE_SPN2 5WEEK2 Day 4 We They Actividad 3

Quiz

•

Professional Development

15 questions

Balance Equations Hangers

Quiz

•

Professional Development

31 questions

Servsafe Food Manager Practice Test 2021- Part 1

Quiz

•

9th Grade - Professio...

Warriors 151-180

NO.151 Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

https://learn.microsoft.com/en-us/azure/security/fundamentals/measured-boot-host-attestation

NO.153 A SOC operator is receiving continuous alerts from multiple Linux systems indicating that unsuccessful SSH attempts to a functional user ID have been attempted on each one of them in a short period of time. Which of the following BEST explains this behavior?

Password Spraying is a variant of what is known as a brute force attack. In a traditional brute force attack, the perpetrator attempts to gain unauthorized access to a single account by guessing the password "repeatedly" in a very short period of time.

NO.154 A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Select TWO).

NO.155 Which of the following can work as an authentication method and as an alerting mechanism for unauthorized access attempts?

NO.156 A company is receiving emails with links to phishing sites that look very similar to the company's own website address and content. Which of the following is the BEST way for the company to mitigate this attack?

NO.157 Which of the following is a risk that is specifically associated with hosting applications in the public cloud?

NO.158 Which of the following is an effective tool to stop or prevent the exfiltration of data from a network?

Data loss prevention (DLP) makes sure that users do not send sensitive or critical information outside the corporate network

NO.159 During a recent security incident at a multinational corporation a security analyst found the following logs for an account called user:.......Which Of the following account policies would BEST prevent attackers from logging in as user?

NO.160 Which of the following secure coding techniques makes compromised code more difficult for hackers to use?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers