A security analyst wishes to scan the network to view potentially vulnerable systems the way an attacker would. Which of the following would BEST enable the analyst to complete the objective?
A.Perform a non-credentialed scan
B.Conduct an intrusive scan
C.Attempt escalation of privilege
D.Execute a credentialed scan
Performing a non-credentialed scan is the best option because that is how an attacker would see when they first enter the network. It acts as first level scan for the network because an attacker would easily find those patches.
A security analyst wishes to scan the network to view potentially vulnerable systems the way an...
A security analyst performs various types of vulnerability
scans. Review the vulnerability scan
results to determine the type of scan that was executed and if a
false positive
occurred for each device.
Instructions:
Select the Results Generated drop-down option to determine if the
results were generated from a credentialed
scan, non-credentialed scan, or a compliance scan.
For ONLY the credentialed and non-credentialed scans, evaluate the
results for false positives and check the
findings that display false positives. NOTE: If you...
A systems administrator has created network file shares for each department with associated security groups for each role within the organization . Which of the following security concepts is the system administrator implementing? separation of duites permission auditing least privilege standard naming concention
376. A security analyst receives a mobile device with symptoms of a virus infection. The virus is morphing whenever it is from sandbox to sandbox to analyze. Which of the following will help to identify the number of variations through the analysis life cycle? A. Journaling B. Hashing utilities C. Log viewers D. OS and process analysis My guess: C Other’s answer: D __________________________________________________ 378. Which of the following BEST describes why vulnerabilities found in ICS and SCADA can be...
156. A cybersecurity analyst is hired to review the security posture of a company. The cybersecurity analyst notices a very high network bandwidth consumption due to SYN floods from a small number of IP addresses. Which of the following would be the BEST action to take to support incident response? A. Increase the company's bandwidth. B. Apply ingress filters at the routers. C. Install a packet capturing tool. D. Block all SYN packets. My guess: B _______________________________________ 161. The security...
A staff member reported that a laptop has degraded performance. The security analyst has investigated the issue and discovered that CPU utilization, memory utilization, and outbound network traffic are consuming the laptop resources. Which of the following is the BEST course of actions to resolve the problem? (choose one and why) Identify and remove malicious processes. Disable scheduled tasks. Suspend virus scan. Increase laptop memory. Ensure the laptop OS is properly patched.
A cyber security analyst noticed a spike in activities from the
guest wireless network to several electronic health record (EHR)
systems. After further analysis, the analyst discovered that a
large volume of data has been uploaded to a cloud provider in the
last six months. Which of the following actions should the analyst
do FIRST?
A. Contact the Office of Civil Rights (OCR) to report the
breach
B. Put an ACL on the gateway router
C. Notify the Chief Privacy...
A systems administrator is concerned that a server may be compromised. A security analyst notices the following log output while aiding with the investigation July 23 01:35:10 LINSERV01 useradd [30245]: failed adding user 'hjasole, data deleted July 23 01:35:10 LINSERVO1 passwd [ 30246] : password for 'hjasole changed by 'root' July 23 01:35:12 LINSERV01 passwd [30263] : password for 'mroch' changed by 'root' July 23 01:38:10 LINSERV01 useradd(30523]: failed adding user 'apache', data deleted July 23 01:42:48 LINSERV01 passwd [32532]...
A SIEM analyst noticed a spike in activities from the guest wireless network to several electronic health record (EHR) systems. After further analysis, the analyst discovered that a large volume of data has been uploaded to a cloud provider in the last six months. Which of the following actions should the analyst do FIRST? A. Contact the Office of Civil Rights (OCR) to report the breach B. Notify the Chief Privacy Officer (CPO) C. Put an ACL on the gateway...
As part of a new BYOD rollout, a security analyst has been asked to find a way to securely store company data on personal devices. Which of the following would BEST help to accomplish this? Require the use of an eight-character PIN. Implement containerization of company data. Require annual AUP sign-off. Use geofencing tools to unlock devices while on the premises.
REALISTIC ANSWERS PLS QUESTION: 166 A company contracts a security engineer to perform a penetration test of its client-facing web portal. Which of the following activities would be MOST appropriate? A. Use a protocol analyzer against the site to see if data input can be replayed from the browser B. Scan the website through an interception proxy and identify areas for the code injection C. Scan the site with a port scanner to identify vulnerable services running on the web...