CAS-004 Exam Dumps | A security engineer has been informed by the firewall team that a specific Windows workstation is part

<< Prev Question Next Question >>

Question 77/300

A security engineer has been informed by the firewall team that a specific Windows workstation is part of a command-and-control network. The only information the security engineer is receiving is that the traffic is occurring on a non-standard port (TCP 40322). Which of the following commands should the security engineer use FIRST to find the malicious process?

A. tcpdump

B. netstar

C. tasklist

D. traceroute

E. ipconfig

Question List (300q): Question 1: A business wants to migrate its workloads from an exclusivel...; Question 2: A help desk technician is troubleshooting an issue with an e...; Question 3: During a phishing exercise, a few privileged users ranked hi...; Question 4: An organization is working to secure its development process...; Question 5: An organization has deployed a cloud-based application that ...; Question 6: A security administrator has been provided with three separa...; Question 7: A security analyst is investigating a series of suspicious e...; Question 8: A company has data it would like to aggregate from its PLCs ...; Question 9: A SaaS startup is maturing its DevSecOps program and wants t...; Question 10: A recent security assessment generated a recommendation to t...; Question 11: Due to adverse events, a medium-sized corporation suffered a...; Question 12: A large telecommunications equipment manufacturer needs to e...; Question 13: The Chief Information Security Officer is concerned about th...; Question 14: A local university that has a global footprint is undertakin...; Question 15: During a review of events, a security analyst notes that sev...; Question 16: A security analyst discovered that the company's WAF was not...; Question 17: A security engineer is investigating a phishing campaign in ...; Question 18: A security administrator configured the account policies per...; Question 19: During a recent breach, an attacker was able to get a user's...; Question 20: A company would like to move its payment card data to a clou...; Question 21: A security architect is tasked with scoping a penetration te...; Question 22: The general counsel at an organization has received written ...; Question 23: An organization is prioritizing efforts to remediate or miti...; Question 24: The Chief information Officer (CIO) wants to establish a non...; Question 25: A company's claims processed department has a mobile workfor...; Question 26: A security administrator is trying to securely provide publi...; Question 27: A security analyst runs a vulnerability scan on a network ad...; Question 28: A company's SOC has received threat intelligence about an ac...; Question 29: A Chief Information Security Officer (CISO) is concerned tha...; Question 30: An analyst is working to address a potential compromise of a...; Question 31: During a recent security incident investigation, a security ...; Question 32: A recent data breach revealed that a company has a number of...; Question 33: Which of the following is the best reason for obtaining file...; Question 34: A company wants to refactor a monolithic application to take...; Question 35: A company has been the target of LDAP injections, as well as...; Question 36: A company just released a new video card. Due to limited sup...; Question 37: In order to authenticate employees who, call in remotely, a ...; Question 38: Which of the following technologies would need to be in an u...; Question 39: A security engineer is concerned about the threat of side-ch...; Question 40: A hospital has fallen behind with patching known vulnerabili...; Question 41: An administrator at a software development company would lik...; Question 42: The CI/CD pipeline requires code to have close to zero defec...; Question 43: A pharmaceutical company was recently compromised by ransomw...; Question 44: A security analyst is reading the results of a successful ex...; Question 45: A network administrator who manages a Linux web server notic...; Question 46: A system administrator at a medical imaging company discover...; Question 47: A company's Chief Information Security Officer is concerned ...; Question 48: A Chief information Security Officer (CISO) has launched to ...; Question 49: Which of the following is a risk associated with SDN?...; Question 50: A software development company needs to mitigate third-party...; Question 51: An organization's finance system was recently attacked. A fo...; Question 52: A cybersecurity analyst receives a ticket that indicates a p...; Question 53: A user experiences an HTTPS connection error when trying to ...; Question 54: A software developer created an application for a large, mul...; Question 55: To save time, a company that is developing a new VPN solutio...; Question 56: Due to internal resource constraints, the management team ha...; Question 57: A security administrator at a global organization wants to u...; Question 58: An organization developed a social media application that is...; Question 59: A security administrator wants to enable a feature that woul...; Question 60: A threat analyst notices the following URL while going throu...; Question 61: A business stores personal client data of individuals residi...; Question 62: Company A is merging with Company B Company A is a small, lo...; Question 63: Based on PCI DSS v3.4, One Particular database field can sto...; Question 64: A security engineer evaluates the overall security of a cust...; Question 65: A developer implement the following code snippet. (Exhibit) ...; Question 66: A product development team has submitted code snippets for r...; Question 67: A security analyst is validating the MAC policy on a set of ...; Question 68: A security architect needs to enable a container orchestrato...; Question 69: A security analyst is assessing a new application written in...; Question 70: An architectural firm is working with its security team to e...; Question 71: A technology company developed an in-house chat application ...; Question 72: A company's product site recently had failed API calls, resu...; Question 73: Which of the following technologies would benefit the most f...; Question 74: A company's employees are not permitted to access company sy...; Question 75: Which of the following describes how a risk assessment is pe...; Question 76: A security auditor needs to review the manner in which an en...; Question 77: A security engineer has been informed by the firewall team t...; Question 78: Law enforcement officials informed an organization that an i...; Question 79: A security engineer would like to control configurations on ...; Question 80: A security analyst is participating in a risk assessment and...; Question 81: A security analyst identified a vulnerable and deprecated ru...; Question 82: A security architect discovers the following page while test...; Question 83: An organization is designing a MAC scheme (or critical serve...; Question 84: A security administrator is setting up a virtualization solu...; Question 85: The findings from a recent penetration test report indicate ...; Question 86: A company is moving most of its customer-facing production s...; Question 87: A local government that is investigating a data exfiltration...; Question 88: A SIEM generated an alert after a third-party database admin...; Question 89: An investigator is attempting to determine if recent data br...; Question 90: Which of the following protocols is a low power, low data ra...; Question 91: During the development process, the team identifies major co...; Question 92: A Chief Information Security Officer is concerned about the ...; Question 93: A common industrial protocol has the following characteristi...; Question 94: After investigating a recent security incident, a SOC analys...; Question 95: A security operations center analyst is investigating anomal...; Question 96: A security technician is trying to connect a remote site to ...; Question 97: After a security incident, a network security engineer disco...; Question 98: A company processes data subject to NDAs with partners that ...; Question 99: A company has decided to purchase a license for software tha...; Question 100: A security analyst notices a number of SIEM events that show...; Question 101: A network security engineer is designing a three-tier web ar...; Question 102: A penetration tester inputs the following command: (Exhibit)...; Question 103: A new VM server (Web Server C) was spun up in the cloud and ...; Question 104: A security analyst is investigating a possible buffer overfl...; Question 105: An internal security assessor identified large gaps in a com...; Question 106: A security analyst is evaluating all third-party software an...; Question 107: An organization's assessment of a third-party, non-critical ...; Question 108: city government's IT director was notified by the City counc...; Question 109: A company hired a third party to develop software as part of...; Question 110: An organization develops a social media application that is ...; Question 111: A company reviews the regulatory requirements associated wit...; Question 112: A developer wants to maintain integrity to each module of a ...; Question 113: A company recently deployed a SIEM and began importing logs ...; Question 114: A security architect for a large, multinational manufacturer...; Question 115: A development team needs terminal access to preproduction se...; Question 116: A SOC analyst is reviewing malicious activity on an external...; Question 117: Which of the following allows computation and analysis of da...; Question 118: A security engineer at a company is designing a system to mi...; Question 119: Which of the following testing plans is used to discuss disa...; Question 120: Based on a recent security audit, a company discovered the p...; Question 121: An IT director is working on a solution to meet the challeng...; Question 122: A company is migrating its data center to the cloud. Some ho...; Question 123: A security engineer is creating a single CSR for the followi...; Question 124: The management team at a company with a large, aging server ...; Question 125: A customer requires secure communication of subscribed web s...; Question 126: A company just released a new video card. Due to limited sup...; Question 127: An engineering team has deployed a new VPN service that requ...; Question 128: An IT administrator is reviewing all the servers in an organ...; Question 129: An enterprise is undergoing an audit to review change manage...; Question 130: A security analyst is configuring an IPSec tunnel to use the...; Question 131: A security architect recommends replacing the company's mono...; Question 132: A security analyst at a global financial firm was reviewing ...; Question 133: A home automation company just purchased and installed tools...; Question 134: A mobile administrator is reviewing the following mobile dev...; Question 135: Users are reporting intermittent access issues with a new cl...; Question 136: PKI can be used to support security requirements in the chan...; Question 137: A security researcher identified the following messages whil...; Question 138: A security architect is implementing a SOAR solution in an o...; Question 139: A threat hunting team receives a report about possible APT a...; Question 140: An organization handles sensitive information that must be d...; Question 141: A cybersecurity engineer analyst a system for vulnerabilitie...; Question 142: A security architect Is analyzing an old application that is...; Question 143: A company has decided that only administrators are permitted...; Question 144: A security review of the architecture for an application mig...; Question 145: Signed applications reduce risks by:...; Question 146: An organization has a secure manufacturing facility that is ...; Question 147: A security architect discovers the following while reviewing...; Question 148: An organization mat provides a SaaS solution recently experi...; Question 149: Which of the following describes the system responsible for ...; Question 150: Which of the following is the MOST important cloud-specific ...; Question 151: An IDS was unable to detect malicious network traffic during...; Question 152: A software development company wants to ensure that users ca...; Question 153: A security engineer has been asked to close all non-secure c...; Question 154: Ransomware encrypted the entire human resources fileshare fo...; Question 155: A security solution uses a sandbox environment to execute ze...; Question 156: A security analyst and a DevOps engineer are working togethe...; Question 157: Which of the following is the best way to protect the websit...; Question 158: A security analyst is reviewing SIEM events and is uncertain...; Question 159: A regulated company is in the process of refreshing its enti...; Question 160: Technicians have determined that the current server hardware...; Question 161: A software development company is building a new mobile appl...; Question 162: After installing an unapproved application on a personal dev...; Question 163: A vulnerability analyst identified a zero-day vulnerability ...; Question 164: When managing and mitigating SaaS cloud vendor risk, which o...; Question 165: A network administrator for a completely air-gapped and clos...; Question 166: A retail organization wants to properly test and verify its ...; Question 167: A security engineer is assessing the security controls of lo...; Question 168: A security architect is designing a solution for a new custo...; Question 169: An application developer is including third-party background...; Question 170: A hospitality company experienced a data breach that include...; Question 171: A software development company is building a new mobile appl...; Question 172: Device event logs sources from MDM software as follows: (Exh...; Question 173: The Chief Security Officer (CSO) requested the security team...; Question 174: A security team received a regulatory notice asking for info...; Question 175: (Exhibit) An organization is planning for disaster recovery ...; Question 176: A security analyst reviews network logs and notices a large ...; Question 177: An HVAC contractor requested network connectivity permission...; Question 178: Company A acquired Company #. During an audit, a security en...; Question 179: An analyst needs to evaluate all images and documents that a...; Question 180: A company has integrated source code from a subcontractor in...; Question 181: A security engineer has learned that terminated employees' a...; Question 182: An analyst has prepared several possible solutions to a succ...; Question 183: A company created an external, PHP-based web application for...; Question 184: A technology company developed an in-house chat application ...; Question 185: A company wants to use a process to embed a sign of ownershi...; Question 186: An engineering team is developing and deploying a fleet of m...; Question 187: A company's BIA indicates that any loss of more than one hou...; Question 188: A user logged in to a web application. Later, a SOC analyst ...; Question 189: The Chief Information Security Officer (CISO) at a software ...; Question 190: A small bank is evaluating different methods to address and ...; Question 191: A financial institution generates a list of newly created ac...; Question 192: An analyst execute a vulnerability scan against an internet-...; Question 193: During a remodel, a company's computer equipment was moved t...; Question 194: A consultant needs access to a customer's cloud environment....; Question 195: A financial services company wants to migrate its email serv...; Question 196: An organization found a significant vulnerability associated...; Question 197: A software developer has been tasked with creating a unique ...; Question 198: An organization is concerned with a critical legacy applicat...; Question 199: A cloud security architect has been tasked with selecting th...; Question 200: A security analyst detected a malicious PowerShell attack on...; Question 201: The security analyst discovers a new device on the company's...; Question 202: A security architect was asked to modify an existing interna...; Question 203: A major broadcasting company that requires continuous availa...; Question 204: Which of the following best describes a risk associated with...; Question 205: An auditor needs to scan documents at rest for sensitive tex...; Question 206: A small company recently developed prototype technology for ...; Question 207: In a cloud environment, the provider offers relief to an org...; Question 208: A CSP, which wants to compete in the market, has been approa...; Question 209: A security engineer is trying to identify instances of a vul...; Question 210: A company is implementing SSL inspection. During the next si...; Question 211: A security engineer is implementing DLP. Which of the follow...; Question 212: When implementing serverless computing an organization must ...; Question 213: A forensic investigator started the process of gathering evi...; Question 214: A financial institution has several that currently employ th...; Question 215: An organization's board of directors has asked the Chief Inf...; Question 216: A network administrator receives a ticket regarding an error...; Question 217: A host on a company's network has been infected by a worm th...; Question 218: A security engineer is troubleshooting an issue in which an ...; Question 219: An attacker infiltrated an electricity-generation site and d...; Question 220: A company is losing hundreds of mobile devices each year due...; Question 221: A company provides guest WiFi access to the internet and phy...; Question 222: An organization is deploying a container-based application t...; Question 223: Which of the following provides the best solution for organi...; Question 224: A security architect examines a section of code and discover...; Question 225: A bank is working with a security architect to find the BEST...; Question 226: A company is looking to fortify its cybersecurity defenses a...; Question 227: A company is in the process of refreshing its entire infrast...; Question 228: A security analyst for a managed service provider wants to i...; Question 229: A company is experiencing a large number of attempted networ...; Question 230: An employee's device was missing for 96 hours before being r...; Question 231: A satellite communications ISP frequently experiences outage...; Question 232: A large organization is planning to migrate from on premises...; Question 233: Two companies that recently merged would like to unify appli...; Question 234: A small business would like to provide guests who are using ...; Question 235: An internal user can send encrypted emails successfully to a...; Question 236: An attack team performed a penetration test on a new smart c...; Question 237: Company A acquired Company B. During an initial assessment, ...; Question 238: A DNS forward lookup zone named complia.org must: * Ensure t...; Question 239: A security analyst sees that a hacker has discovered some ke...; Question 240: An organization needs to classify its systems and data in ac...; Question 241: A security analyst is reviewing the following output from a ...; Question 242: A penetration tester discovers a condition that causes unexp...; Question 243: An organization does not have visibility into when company-o...; Question 244: An IPSec solution is being deployed. The configuration files...; Question 245: A security analyst received a report that a suspicious flash...; Question 246: In order to save money, a company has moved its data to the ...; Question 247: A third-party organization has implemented a system that all...; Question 248: You are a security analyst tasked with interpreting an Nmap ...; Question 249: Which of the following technologies allows CSPs to add encry...; Question 250: A security analyst is reviewing the following output from a ...; Question 251: The principal security analyst for a global manufacturer is ...; Question 252: A security engineer estimates the company's popular web appl...; Question 253: A security administrator needs to implement anX.509 solution...; Question 254: A network architect is designing a new SD-WAN architecture t...; Question 255: A software company is developing an application in which dat...; Question 256: A security architect updated the security policy to require ...; Question 257: A company underwent an audit in which the following issues w...; Question 258: A company is repeatedly being breached by hackers who valid ...; Question 259: A company wants to prevent a partner company from denying ag...; Question 260: A company is preparing to deploy a global service. Which of ...; Question 261: A developer needs to implement PKI in an autonomous vehicle'...; Question 262: A cyberanalyst has been tasked with recovering PDF files fro...; Question 263: An organization's finance system was recently attacked. A fo...; Question 264: A security engineer is performing a threat modeling procedur...; Question 265: A recent audit discovered that multiple employees had been u...; Question 266: A security technician is investigating a system that tracks ...; Question 267: An organization developed a containerized application. The o...; Question 268: A security analyst discovered that a database administrator'...; Question 269: Which of the following is the BEST disaster recovery solutio...; Question 270: The information security manager at a 24-hour manufacturing ...; Question 271: A security analyst has noticed a steady increase in the numb...; Question 272: Which of the following objectives BEST supports leveraging t...; Question 273: A security architect is working with a new customer to find ...; Question 274: A forensic investigator would use the foremost command for:...; Question 275: A systems administrator at a web-hosting provider has been t...; Question 276: Leveraging cryptographic solutions to protect data that is i...; Question 277: Ann, a CIRT member, is conducting incident response activiti...; Question 278: Which of the following is the reason why security engineers ...; Question 279: Which of the following is the MOST important security object...; Question 280: An organization is rolling out a robust vulnerability manage...; Question 281: Which of the following security features do email signatures...; Question 282: A pharmaceutical company recently experienced a security bre...; Question 283: A CRM company leverages a CSP PaaS service to host and publi...; Question 284: The primary advantage of an organization creating and mainta...; Question 285: Which of the following is required for an organization to me...; Question 286: A new, online file hosting service is being offered. The ser...; Question 287: A mobile application developer is creating a global, highly ...; Question 288: An energy company is required to report the average pressure...; Question 289: A security manager wants to transition the organization to a...; Question 290: A company is migrating from company-owned phones to a BYOD s...; Question 291: A company Invested a total of $10 million lor a new storage ...; Question 292: A company wants to improve Its active protection capabilitie...; Question 293: In a shared responsibility model for PaaS, which of the foll...; Question 294: A help desk technician just informed the security department...; Question 295: A company undergoing digital transformation is reviewing the...; Question 296: Which of the following agreements includes no penalties and ...; Question 297: A junior security researcher has identified a buffer overflo...; Question 298: A security architect wants to ensure a remote host's identit...; Question 299: A customer reports being unable to connect to a website at w...; Question 300: All staff at a company have started working remotely due to ...

Question 77/300

LEAVE A REPLY

Download PDF File