SY0-601 Exam Dumps | A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a

<< Prev Question Next Question >>

Question 126/213

A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?

A. True positive

B. True negative

C. False positive

D. False negative

Question List (213q): Question 1: A large industrial system's smart generator monitors the sys...; Question 2: A new plug-and-play storage device was installed on a PC in ...; Question 3: A network analyst is setting up a wireless access point for ...; Question 4: An engineer needs to deploy a security measure to identify a...; Question 5: Which of the following would be the BEST resource for a soft...; Question 6: Which of the following scenarios would make a DNS sinkhole e...; Question 7: A company wants to modify its current backup strategy to min...; Question 8: Which of the following is the MOST secure but LEAST expensiv...; Question 9: A hospital's administration is concerned about a potential l...; Question 10: The spread of misinformation surrounding the outbreak of a n...; Question 11: Which of the following cloud models provides clients with se...; Question 12: A security analyst is reviewing logs on a server and observe...; Question 13: The cost of movable media and the security risks of transpor...; Question 14: An incident, which is affecting dozens of systems, involves ...; Question 15: A global pandemic is forcing a private organization to close...; Question 16: A security analyst is reviewing the following output from a ...; Question 17: Which of the following policies would help an organization i...; Question 18: A system administrator needs to implement an access control ...; Question 19: A500 is implementing an insider threat detection program, Th...; Question 20: A new vulnerability in the SMB protocol on the Windows syste...; Question 21: The chief compliance officer from a bank has approved a back...; Question 22: Which of the following scenarios BEST describes a risk reduc...; Question 23: A company processes highly sensitive data and senior managem...; Question 24: Which of the following environments minimizes end-user disru...; Question 25: A security analyst has been asked to investigate a situation...; Question 26: An end user reports a computer has been acting slower than n...; Question 27: A security analyst needs to determine how an attacker was ab...; Question 28: Which of the following should be monitored by threat intelli...; Question 29: A recently discovered zero-day exploit utilizes an unknown v...; Question 30: A newly purchased corporate WAP needs to be configured in th...; Question 31: A company has determined that if its computer-based manufact...; Question 32: A security analyst is concerned about critical vulnerabiliti...; Question 33: A network administrator would like to configure a site-to-si...; Question 34: An organization blocks user access to command-line interpret...; Question 35: Which of the following is MOST likely to contain ranked and ...; Question 36: An organization has decided to host its web application and ...; Question 37: A security analyst reviews the datacenter access logs for a ...; Question 38: A cybersecurity administrator needs to allow mobile BYOD dev...; Question 39: A security analyst is investigating a vulnerability in which...; Question 40: A company recently set up an e-commerce portal to sell its p...; Question 41: After installing a Windows server, a cybersecurity administr...; Question 42: A startup company is using multiple SaaS and IaaS platforms ...; Question 43: A network engineer notices the VPN concentrator overloaded a...; Question 44: After a WiFi scan of a local office was conducted, an unknow...; Question 45: A company reduced the area utilized in its datacenter by cre...; Question 46: Which of the following environments would MOST likely be use...; Question 47: An organization wants to implement a third factor to an exis...; Question 48: A network administrator is concerned about users being expos...; Question 49: A Chief Information Security Officer (CISO) needs to create ...; Question 50: A security analyst needs to perform periodic vulnerability s...; Question 51: An organization has implemented a two-step verification proc...; Question 52: Which of the following is a reason why an organization would...; Question 53: Which of the following controls would BEST identify and repo...; Question 54: A company's bank has reported that multiple corporate credit...; Question 55: A company Is concerned about is security after a red-team ex...; Question 56: An organization is concerned about intellectual property the...; Question 57: As part of the lessons-learned phase, the SOC is tasked with...; Question 58: A user enters a password to log in to a workstation and is t...; Question 59: The IT department's on-site developer has been with the team...; Question 60: While reviewing the wireless router, the systems administrat...; Question 61: An organization's Chief Security Officer (CSO) wants to vali...; Question 62: Which of the following BEST describes a social-engineering a...; Question 63: A company currently uses passwords for logging in to company...; Question 64: An attacker is attempting, to harvest user credentials on a ...; Question 65: A website developer who is concerned about theft cf the comp...; Question 66: The lessons-learned analysis from a recent incident reveals ...; Question 67: A smart switch has the ability to monitor electrical levels ...; Question 68: A company wants to restrict emailing of PHI documents. The c...; Question 69: Which of the following describes the BEST approach for deplo...; Question 70: A customer called a company's security team to report that a...; Question 71: While checking logs, a security engineer notices a number of...; Question 72: Which of the following will MOST likely adversely impact the...; Question 73: An organization is having difficulty correlating events from...; Question 74: A security analyst needs to complete an assessment. The anal...; Question 75: A network administrator has been asked to install an IDS to ...; Question 76: Which of the following would cause a Chief Information Secur...; Question 77: A user reports trouble using a corporate laptop. The laptop ...; Question 78: A client sent several inquiries to a project manager about t...; Question 79: The following is an administrative control that would be MOS...; Question 80: A company is setting up a web server on the Internet that wi...; Question 81: After a hardware incident, an unplanned emergency maintenanc...; Question 82: A grocery store is expressing security and reliability conce...; Question 83: A network manager is concerned that business may be negative...; Question 84: The Chief Executive Officer (CEO) of an organization would l...; Question 85: A security analyst needs to generate a server certificate to...; Question 86: A security analyst needs to be proactive in understand the t...; Question 87: Which of the following function as preventive, detective, an...; Question 88: Which of the following is an example of risk avoidance?...; Question 89: Security analysts are conducting an investigation of an atta...; Question 90: A developer is building a new portal to deliver single-pane-...; Question 91: A security operations analyst is using the company's SIEM so...; Question 92: A small company that does not have security staff wants to i...; Question 93: A company is implementing MFA for all applications that stor...; Question 94: A financial analyst has been accused of violating the compan...; Question 95: An enterprise needs to keep cryptographic keys in a safe man...; Question 96: An organization maintains several environments in which patc...; Question 97: A security architect at a large, multinational organization ...; Question 98: A security analyst notices several attacks are being blocked...; Question 99: A security analyst is hardening a network infrastructure. Th...; Question 100: A user's account is constantly being locked out. Upon furthe...; Question 101: A security analyst discovers that a company username and pas...; Question 102: The process of passively gathering information prior to laun...; Question 103: An employee has been charged with fraud and is suspected of ...; Question 104: A security manager runs Nessus scans of the network after ev...; Question 105: An attacker was easily able to log in to a company's securit...; Question 106: A cybersecurity administrator is using iptables as an enterp...; Question 107: An organization is building backup sever moms in geographica...; Question 108: Which of the following would be BEST to establish between or...; Question 109: A security assessment determines DES and 3DES at still being...; Question 110: A security administrator needs to create a RAID configuratio...; Question 111: During a routine scan of a wireless segment at a retail comp...; Question 112: The website http://companywebsite.com requires users to prov...; Question 113: A remote user recently took a two-week vacation abroad and b...; Question 114: A penetration tester successfully gained access to a company...; Question 115: An organization needs to implement more stringent controls o...; Question 116: A company is implementing a new SIEM to log and send alerts ...; Question 117: Leveraging the information supplied below, complete the CSR ...; Question 118: A security administrator is trying to determine whether a se...; Question 119: Which of the following is a difference between a DRP and a B...; Question 120: Name: Wikipedia.org Address: 208.80.154.224 Which of the fol...; Question 121: Which of the following refers to applications and systems th...; Question 122: An organization plans to transition the intrusion detection ...; Question 123: A security engineer is reviewing log files after a third dis...; Question 124: A new vulnerability in the SMB protocol on the Windows syste...; Question 125: An organization regularly scans its infrastructure for missi...; Question 126: A security analyst receives an alert from the company's SIEM...; Question 127: In the middle of a cybersecurity, a security engineer remove...; Question 128: An information security policy stales that separation of dut...; Question 129: A startup company is using multiple SaaS and IaaS platform t...; Question 130: A cybersecurity administrator has a reduced team and needs t...; Question 131: Which of the following is the BEST reason to maintain a func...; Question 132: A network technician is installing a guest wireless network ...; Question 133: A Chief Security Officer (CSO) is concerned about the amount...; Question 134: A company has decided to move its operations to the cloud. I...; Question 135: After a ransomware attack a forensics company needs to revie...; Question 136: Accompany deployed a WiFi access point in a public area and ...; Question 137: A security analyst receives a SIEM alert that someone logged...; Question 138: A global company is experiencing unauthorized logging due to...; Question 139: Developers are writing code and merging it into shared repos...; Question 140: A nationwide company is experiencing unauthorized logins at ...; Question 141: A security analyst is preparing a threat for an upcoming int...; Question 142: A company's Chief Information Security Officer (CISO) recent...; Question 143: An organization with a low tolerance for user inconvenience ...; Question 144: A security analyst is reviewing the following command-line o...; Question 145: Which of the following utilize a subset of real data and are...; Question 146: Security analyst must enforce policies to harden an MOM infr...; Question 147: A security analyst is running a vulnerability scan to check ...; Question 148: A manufacturer creates designs for very high security produc...; Question 149: A malicious actor recently penetration a company's network a...; Question 150: The following are the logs of a successful attack. (Exhibit)...; Question 151: A company installed several crosscut shredders as part of in...; Question 152: Which of the following BEST explains the difference between ...; Question 153: When implementing automation with loT devices, which of the ...; Question 154: Several large orders of merchandise were recently purchased ...; Question 155: During an incident response, a security analyst observes the...; Question 156: A SOC is currently being outsourced. Which of the following ...; Question 157: A company was recently breached Part of the company's new cy...; Question 158: The manager who is responsible for a data set has asked a se...; Question 159: A company is launching a new internet platform for its clien...; Question 160: A company has been experiencing very brief power outages fro...; Question 161: A forensics examiner is attempting to dump password cached i...; Question 162: Which of the following provides the BEST protection for sens...; Question 163: Which of the following control types would be BEST to use to...; Question 164: A security researching is tracking an adversary by noting it...; Question 165: The IT department at a university is concerned about profess...; Question 166: A SOC is implementing an in sider-threat-detection program. ...; Question 167: An engineer wants to access sensitive data from a corporate-...; Question 168: A security analyst is Investigating a malware incident at a ...; Question 169: A security audit has revealed that a process control termina...; Question 170: To reduce costs and overhead, an organization wants to move ...; Question 171: A security analyst was deploying a new website and found a c...; Question 172: A company has drafted an insider-threat policy that prohibit...; Question 173: The Chief Financial Officer (CFO) of an insurance company re...; Question 174: A security administrator suspects an employee has been email...; Question 175: A security researcher has alerted an organization that its s...; Question 176: A security engineer has enabled two-factor authentication on...; Question 177: A security administrator is setting up a SIEM to help monito...; Question 178: A developer is concerned about people downloading fake malwa...; Question 179: After entering a username and password, and administrator mu...; Question 180: Which of the following should a data owner require all perso...; Question 181: A security analyst is reviewing a new website that will soon...; Question 182: A security engineer needs to Implement the following require...; Question 183: A systems administrator is looking for a solution that will ...; Question 184: A company has discovered unauthorized devices are using its ...; Question 185: A financial institution would like to store its customer dat...; Question 186: A user downloaded an extension for a browser, and the uses d...; Question 187: Which of the following are the MOST likely vectors for the u...; Question 188: A security analyst needs to make a recommendation for restri...; Question 189: An attacker has successfully exfiltrated several non-salted ...; Question 190: The concept of connecting a user account across the systems ...; Question 191: A retail executive recently accepted a job with a major comp...; Question 192: A cyberthreat intelligence analyst is gathering data about a...; Question 193: Which of the following terms should be included in a contrac...; Question 194: In which of the following risk management strategies would c...; Question 195: Some laptops recently went missing from a locked storage are...; Question 196: A security analyst has received an alert about being sent vi...; Question 197: Which of the following relets to applications and systems th...; Question 198: The CSIRT is reviewing the lessons learned from a recent inc...; Question 199: An organization is concerned about hackers potentially enter...; Question 200: A company uses specially configured workstations tor any wor...; Question 201: A systems administrator needs to install a new wireless netw...; Question 202: Remote workers in an organization use company-provided lapto...; Question 203: An external forensics investigator has been hired to investi...; Question 204: An organization would like to remediate the risk associated ...; Question 205: A security analyst is configuring a large number of new comp...; Question 206: A Chief Executive Officer (CEO) is dissatisfied with the lev...; Question 207: A SECURITY ANALYST NEEDS TO FIND REAL-TIME DATA ON THE LATES...; Question 208: In which of the following common use cases would steganograp...; Question 209: Law enforcement officials sent a company a notification that...; Question 210: A company recently experienced an attack during which its ma...; Question 211: During a security assessment, a security finds a file with o...; Question 212: A security analyst needs to produce a document that details ...; Question 213: A network administrator has been alerted that web pages are ...

Question 126/213

LEAVE A REPLY

Download PDF File