SY0-601 Exam Dumps | Which of the following controls would BEST identify and report malicious insider activities?

<< Prev Question Next Question >>

Question 53/213

Which of the following controls would BEST identify and report malicious insider activities?

A. An intrusion detection system

B. A proxy

C. Audit trails

D. Strong authentication

Question List (213q): Question 1: A large industrial system's smart generator monitors the sys...; Question 2: A new plug-and-play storage device was installed on a PC in ...; Question 3: A network analyst is setting up a wireless access point for ...; Question 4: An engineer needs to deploy a security measure to identify a...; Question 5: Which of the following would be the BEST resource for a soft...; Question 6: Which of the following scenarios would make a DNS sinkhole e...; Question 7: A company wants to modify its current backup strategy to min...; Question 8: Which of the following is the MOST secure but LEAST expensiv...; Question 9: A hospital's administration is concerned about a potential l...; Question 10: The spread of misinformation surrounding the outbreak of a n...; Question 11: Which of the following cloud models provides clients with se...; Question 12: A security analyst is reviewing logs on a server and observe...; Question 13: The cost of movable media and the security risks of transpor...; Question 14: An incident, which is affecting dozens of systems, involves ...; Question 15: A global pandemic is forcing a private organization to close...; Question 16: A security analyst is reviewing the following output from a ...; Question 17: Which of the following policies would help an organization i...; Question 18: A system administrator needs to implement an access control ...; Question 19: A500 is implementing an insider threat detection program, Th...; Question 20: A new vulnerability in the SMB protocol on the Windows syste...; Question 21: The chief compliance officer from a bank has approved a back...; Question 22: Which of the following scenarios BEST describes a risk reduc...; Question 23: A company processes highly sensitive data and senior managem...; Question 24: Which of the following environments minimizes end-user disru...; Question 25: A security analyst has been asked to investigate a situation...; Question 26: An end user reports a computer has been acting slower than n...; Question 27: A security analyst needs to determine how an attacker was ab...; Question 28: Which of the following should be monitored by threat intelli...; Question 29: A recently discovered zero-day exploit utilizes an unknown v...; Question 30: A newly purchased corporate WAP needs to be configured in th...; Question 31: A company has determined that if its computer-based manufact...; Question 32: A security analyst is concerned about critical vulnerabiliti...; Question 33: A network administrator would like to configure a site-to-si...; Question 34: An organization blocks user access to command-line interpret...; Question 35: Which of the following is MOST likely to contain ranked and ...; Question 36: An organization has decided to host its web application and ...; Question 37: A security analyst reviews the datacenter access logs for a ...; Question 38: A cybersecurity administrator needs to allow mobile BYOD dev...; Question 39: A security analyst is investigating a vulnerability in which...; Question 40: A company recently set up an e-commerce portal to sell its p...; Question 41: After installing a Windows server, a cybersecurity administr...; Question 42: A startup company is using multiple SaaS and IaaS platforms ...; Question 43: A network engineer notices the VPN concentrator overloaded a...; Question 44: After a WiFi scan of a local office was conducted, an unknow...; Question 45: A company reduced the area utilized in its datacenter by cre...; Question 46: Which of the following environments would MOST likely be use...; Question 47: An organization wants to implement a third factor to an exis...; Question 48: A network administrator is concerned about users being expos...; Question 49: A Chief Information Security Officer (CISO) needs to create ...; Question 50: A security analyst needs to perform periodic vulnerability s...; Question 51: An organization has implemented a two-step verification proc...; Question 52: Which of the following is a reason why an organization would...; Question 53: Which of the following controls would BEST identify and repo...; Question 54: A company's bank has reported that multiple corporate credit...; Question 55: A company Is concerned about is security after a red-team ex...; Question 56: An organization is concerned about intellectual property the...; Question 57: As part of the lessons-learned phase, the SOC is tasked with...; Question 58: A user enters a password to log in to a workstation and is t...; Question 59: The IT department's on-site developer has been with the team...; Question 60: While reviewing the wireless router, the systems administrat...; Question 61: An organization's Chief Security Officer (CSO) wants to vali...; Question 62: Which of the following BEST describes a social-engineering a...; Question 63: A company currently uses passwords for logging in to company...; Question 64: An attacker is attempting, to harvest user credentials on a ...; Question 65: A website developer who is concerned about theft cf the comp...; Question 66: The lessons-learned analysis from a recent incident reveals ...; Question 67: A smart switch has the ability to monitor electrical levels ...; Question 68: A company wants to restrict emailing of PHI documents. The c...; Question 69: Which of the following describes the BEST approach for deplo...; Question 70: A customer called a company's security team to report that a...; Question 71: While checking logs, a security engineer notices a number of...; Question 72: Which of the following will MOST likely adversely impact the...; Question 73: An organization is having difficulty correlating events from...; Question 74: A security analyst needs to complete an assessment. The anal...; Question 75: A network administrator has been asked to install an IDS to ...; Question 76: Which of the following would cause a Chief Information Secur...; Question 77: A user reports trouble using a corporate laptop. The laptop ...; Question 78: A client sent several inquiries to a project manager about t...; Question 79: The following is an administrative control that would be MOS...; Question 80: A company is setting up a web server on the Internet that wi...; Question 81: After a hardware incident, an unplanned emergency maintenanc...; Question 82: A grocery store is expressing security and reliability conce...; Question 83: A network manager is concerned that business may be negative...; Question 84: The Chief Executive Officer (CEO) of an organization would l...; Question 85: A security analyst needs to generate a server certificate to...; Question 86: A security analyst needs to be proactive in understand the t...; Question 87: Which of the following function as preventive, detective, an...; Question 88: Which of the following is an example of risk avoidance?...; Question 89: Security analysts are conducting an investigation of an atta...; Question 90: A developer is building a new portal to deliver single-pane-...; Question 91: A security operations analyst is using the company's SIEM so...; Question 92: A small company that does not have security staff wants to i...; Question 93: A company is implementing MFA for all applications that stor...; Question 94: A financial analyst has been accused of violating the compan...; Question 95: An enterprise needs to keep cryptographic keys in a safe man...; Question 96: An organization maintains several environments in which patc...; Question 97: A security architect at a large, multinational organization ...; Question 98: A security analyst notices several attacks are being blocked...; Question 99: A security analyst is hardening a network infrastructure. Th...; Question 100: A user's account is constantly being locked out. Upon furthe...; Question 101: A security analyst discovers that a company username and pas...; Question 102: The process of passively gathering information prior to laun...; Question 103: An employee has been charged with fraud and is suspected of ...; Question 104: A security manager runs Nessus scans of the network after ev...; Question 105: An attacker was easily able to log in to a company's securit...; Question 106: A cybersecurity administrator is using iptables as an enterp...; Question 107: An organization is building backup sever moms in geographica...; Question 108: Which of the following would be BEST to establish between or...; Question 109: A security assessment determines DES and 3DES at still being...; Question 110: A security administrator needs to create a RAID configuratio...; Question 111: During a routine scan of a wireless segment at a retail comp...; Question 112: The website http://companywebsite.com requires users to prov...; Question 113: A remote user recently took a two-week vacation abroad and b...; Question 114: A penetration tester successfully gained access to a company...; Question 115: An organization needs to implement more stringent controls o...; Question 116: A company is implementing a new SIEM to log and send alerts ...; Question 117: Leveraging the information supplied below, complete the CSR ...; Question 118: A security administrator is trying to determine whether a se...; Question 119: Which of the following is a difference between a DRP and a B...; Question 120: Name: Wikipedia.org Address: 208.80.154.224 Which of the fol...; Question 121: Which of the following refers to applications and systems th...; Question 122: An organization plans to transition the intrusion detection ...; Question 123: A security engineer is reviewing log files after a third dis...; Question 124: A new vulnerability in the SMB protocol on the Windows syste...; Question 125: An organization regularly scans its infrastructure for missi...; Question 126: A security analyst receives an alert from the company's SIEM...; Question 127: In the middle of a cybersecurity, a security engineer remove...; Question 128: An information security policy stales that separation of dut...; Question 129: A startup company is using multiple SaaS and IaaS platform t...; Question 130: A cybersecurity administrator has a reduced team and needs t...; Question 131: Which of the following is the BEST reason to maintain a func...; Question 132: A network technician is installing a guest wireless network ...; Question 133: A Chief Security Officer (CSO) is concerned about the amount...; Question 134: A company has decided to move its operations to the cloud. I...; Question 135: After a ransomware attack a forensics company needs to revie...; Question 136: Accompany deployed a WiFi access point in a public area and ...; Question 137: A security analyst receives a SIEM alert that someone logged...; Question 138: A global company is experiencing unauthorized logging due to...; Question 139: Developers are writing code and merging it into shared repos...; Question 140: A nationwide company is experiencing unauthorized logins at ...; Question 141: A security analyst is preparing a threat for an upcoming int...; Question 142: A company's Chief Information Security Officer (CISO) recent...; Question 143: An organization with a low tolerance for user inconvenience ...; Question 144: A security analyst is reviewing the following command-line o...; Question 145: Which of the following utilize a subset of real data and are...; Question 146: Security analyst must enforce policies to harden an MOM infr...; Question 147: A security analyst is running a vulnerability scan to check ...; Question 148: A manufacturer creates designs for very high security produc...; Question 149: A malicious actor recently penetration a company's network a...; Question 150: The following are the logs of a successful attack. (Exhibit)...; Question 151: A company installed several crosscut shredders as part of in...; Question 152: Which of the following BEST explains the difference between ...; Question 153: When implementing automation with loT devices, which of the ...; Question 154: Several large orders of merchandise were recently purchased ...; Question 155: During an incident response, a security analyst observes the...; Question 156: A SOC is currently being outsourced. Which of the following ...; Question 157: A company was recently breached Part of the company's new cy...; Question 158: The manager who is responsible for a data set has asked a se...; Question 159: A company is launching a new internet platform for its clien...; Question 160: A company has been experiencing very brief power outages fro...; Question 161: A forensics examiner is attempting to dump password cached i...; Question 162: Which of the following provides the BEST protection for sens...; Question 163: Which of the following control types would be BEST to use to...; Question 164: A security researching is tracking an adversary by noting it...; Question 165: The IT department at a university is concerned about profess...; Question 166: A SOC is implementing an in sider-threat-detection program. ...; Question 167: An engineer wants to access sensitive data from a corporate-...; Question 168: A security analyst is Investigating a malware incident at a ...; Question 169: A security audit has revealed that a process control termina...; Question 170: To reduce costs and overhead, an organization wants to move ...; Question 171: A security analyst was deploying a new website and found a c...; Question 172: A company has drafted an insider-threat policy that prohibit...; Question 173: The Chief Financial Officer (CFO) of an insurance company re...; Question 174: A security administrator suspects an employee has been email...; Question 175: A security researcher has alerted an organization that its s...; Question 176: A security engineer has enabled two-factor authentication on...; Question 177: A security administrator is setting up a SIEM to help monito...; Question 178: A developer is concerned about people downloading fake malwa...; Question 179: After entering a username and password, and administrator mu...; Question 180: Which of the following should a data owner require all perso...; Question 181: A security analyst is reviewing a new website that will soon...; Question 182: A security engineer needs to Implement the following require...; Question 183: A systems administrator is looking for a solution that will ...; Question 184: A company has discovered unauthorized devices are using its ...; Question 185: A financial institution would like to store its customer dat...; Question 186: A user downloaded an extension for a browser, and the uses d...; Question 187: Which of the following are the MOST likely vectors for the u...; Question 188: A security analyst needs to make a recommendation for restri...; Question 189: An attacker has successfully exfiltrated several non-salted ...; Question 190: The concept of connecting a user account across the systems ...; Question 191: A retail executive recently accepted a job with a major comp...; Question 192: A cyberthreat intelligence analyst is gathering data about a...; Question 193: Which of the following terms should be included in a contrac...; Question 194: In which of the following risk management strategies would c...; Question 195: Some laptops recently went missing from a locked storage are...; Question 196: A security analyst has received an alert about being sent vi...; Question 197: Which of the following relets to applications and systems th...; Question 198: The CSIRT is reviewing the lessons learned from a recent inc...; Question 199: An organization is concerned about hackers potentially enter...; Question 200: A company uses specially configured workstations tor any wor...; Question 201: A systems administrator needs to install a new wireless netw...; Question 202: Remote workers in an organization use company-provided lapto...; Question 203: An external forensics investigator has been hired to investi...; Question 204: An organization would like to remediate the risk associated ...; Question 205: A security analyst is configuring a large number of new comp...; Question 206: A Chief Executive Officer (CEO) is dissatisfied with the lev...; Question 207: A SECURITY ANALYST NEEDS TO FIND REAL-TIME DATA ON THE LATES...; Question 208: In which of the following common use cases would steganograp...; Question 209: Law enforcement officials sent a company a notification that...; Question 210: A company recently experienced an attack during which its ma...; Question 211: During a security assessment, a security finds a file with o...; Question 212: A security analyst needs to produce a document that details ...; Question 213: A network administrator has been alerted that web pages are ...

Question 53/213

LEAVE A REPLY

Download PDF File