NO.51 An online gaming company was impacted by a ransomware attack. An employee opened an attachment that was received via an SMS attack on a company-issued mobile device while connected to the network. Which of the following actions would help during the forensic analysis of the mobile device? (Select TWO)
CySA+ (51-100)

Quiz
•
Computers
•
KG
•
Easy
cysa cysa
Used 42+ times
FREE Resource
50 questions
Show all answers
1.
MULTIPLE SELECT QUESTION
45 sec • 1 pt
A. Resetting the phone to factory settings
B. Rebooting the phone and installing the latest security updates
C. Documenting the respective chain of custody
D. Uninstalling any potentially unwanted programs
E. Performing a memory dump of the mobile device for analysis
F. Unlocking the device by browsing the eFuse
2.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.52 An analyst receives an alert from the continuous-monitoring solution about unauthorized
changes to the firmware versions on several field devices. The asset owners confirm that no firmware
version updates were performed by authorized technicians, and customers have not reported any
performance issues or outages. Which Of the following actions would be BEST for the analyst to
recommend to the asset owners to secure the devices from further exploitation?
A. Change the passwords on the devices.
B. Implement BIOS passwords.
C. Remove the assets from the production network for analysis
D. Report the findings to the threat intel community.
3.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.53 A security analyst reviews a recent network capture and notices encrypted inbound traffic on TCP port 465 was coming into the company's network from a database server. Which of the following will the security analyst MOST likely identify as the reason for the traffic on this port?
A. The server is receiving a secure connection using the new TLS 1.3 standard
B. Someone has configured an unauthorized SMTP application over SSL
C. The traffic is common static data that Windows servers send to Microsoft
D. A connection from the database to the web front end is communicating on the port
4.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.54 Due to the continued support of legacy applications, an organization's enterprise password complexity rules are inadequate for its required security posture. Which of the following is the BEST compensating control to help reduce authentication compromises?
A. Smart cards
B. Multifactor authentication
C. Biometrics
D. Increased password-rotation frequency
5.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.55 A security analyst identified some potentially malicious processes after capturing the contents of memory from a machine during incident response. Which of the following procedures is the NEXT step for further in investigation?
A. Data carving
B. Timeline construction
C. File cloning
D. Reverse engineering
6.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.56 A company's Chief Information Officer wants to use a CASB solution to ensure policies are
being met during cloud access. Due to the nature of the company's business and risk appetite, the
management team elected to not store financial information in the cloud. A security analyst needs to
recommend a solution to mitigate the threat of financial data leakage into the cloud. Which of the
following should the analyst recommend?
A. Utilize the CASB to enforce DLP data-at-rest protection for financial information that is stored on
premises.
B. Do not utilize the CASB solution for this purpose, but add DLP on premises for data in motion.
C. Utilize the CASB to enforce DLP data-in-motion protection for financial information moving to the
cloud.
D. Do not utilize the CASB solution for this purpose, but add DLP on premises for data at res
7.
MULTIPLE CHOICE QUESTION
30 sec • 1 pt
NO.57 A general contractor has a list of contract documents containing critical business data that are stored at a public cloud provider. The organization's security analyst recently reviewed some of the storage containers and discovered most of the containers are not encrypted. Which of the following configurations will provide the MOST security to resolve the vulnerability?
A. Upgrading TLS 1.2 connections to TLS 1.3
B. Implementing AES-256 encryption on the containers
C. Enabling SHA-256 hashing on the containers
D. Implementing the Triple Data Encryption Algorithm at the file level
Create a free account and access millions of resources
Similar Resources on Wayground
53 questions
Intro To Networking 123

Quiz
•
9th - 12th Grade
45 questions
CSC 308 ISA MIDTERM EXAM

Quiz
•
University
49 questions
CYSA + (351-400)

Quiz
•
KG
50 questions
#01 CISSP: Full Coverage Mastery Exam 1 - Challenging

Quiz
•
Professional Development
50 questions
MCTCC0113

Quiz
•
University
51 questions
ITF+ Study Quiz 3

Quiz
•
Professional Development
53 questions
The Internet - AP CSP Unit 4

Quiz
•
9th - 12th Grade
50 questions
AKT test (151-200) Жаңа вариант

Quiz
•
University
Popular Resources on Wayground
25 questions
Equations of Circles

Quiz
•
10th - 11th Grade
30 questions
Week 5 Memory Builder 1 (Multiplication and Division Facts)

Quiz
•
9th Grade
33 questions
Unit 3 Summative - Summer School: Immune System

Quiz
•
10th Grade
10 questions
Writing and Identifying Ratios Practice

Quiz
•
5th - 6th Grade
36 questions
Prime and Composite Numbers

Quiz
•
5th Grade
14 questions
Exterior and Interior angles of Polygons

Quiz
•
8th Grade
37 questions
Camp Re-cap Week 1 (no regression)

Quiz
•
9th - 12th Grade
46 questions
Biology Semester 1 Review

Quiz
•
10th Grade