SY0-601 Exam Dumps | During an investigation, the incident response team discovers that multiple administrator accounts were

<< Prev Question Next Question >>

Question 496/610

During an investigation, the incident response team discovers that multiple administrator accounts were suspected of being compromised. The host audit logs indicate a repeated brute- force attack on a single administrator account followed by suspicious logins from unfamiliar geographic locations. Which of the following data sources would be BEST to use to assess the accounts impacted by this attack?

A. User behavior analytics

B. Dump files

C. Bandwidth monitors

D. Protocol analyzer output

Question List (610q): Question 1: An external vendor recently visited a company's headquarters...; Question 2: Which of the following is assured when a user signs an email...; Question 3: A company uses a SaaS vendor to host its customer database. ...; Question 4: Which of the following typically uses a combination of human...; Question 5: An employee received a word processing file that was deliver...; Question 6: Which of the following prevents an employee from seeing a co...; Question 7: Which of the following are requirements that must be configu...; Question 8: Drag and Drop Question A security engineer is setting up pas...; Question 9: The manager who is responsible for a data set has asked a se...; Question 10: A company uses wireless tor all laptops and keeps a very det...; Question 11: Which of the following would provide guidelines on how to la...; Question 12: In which of the following situations would it be BEST to use...; Question 13: Two companies are in the process of merging. The companies n...; Question 14: A security analyst is reviewing the following logs: (Exhibit...; Question 15: Which of the following best describes an environment where a...; Question 16: A security analyst needs to find real-time data on the lates...; Question 17: Which of the following security controls can be used to prev...; Question 18: The spread of misinformation surrounding the outbreak of a n...; Question 19: Audit logs indicate an administrative account that belongs t...; Question 20: An application owner reports suspicious activity on an inter...; Question 21: A user's account is constantly being locked out. Upon furthe...; Question 22: An attacker browses a company's online job board attempting ...; Question 23: A large bank with two geographically dispersed data centers ...; Question 24: A security engineer at an offline government facility is con...; Question 25: Which of the following refers to applications and systems th...; Question 26: An organization has hired a red team to simulate attacks on ...; Question 27: An organization wants to minimize the recovery time from bac...; Question 28: The board of doctors at a company contracted with an insuran...; Question 29: A security analyst is using a recently released security adv...; Question 30: Which of the following uses six initial steps that provide b...; Question 31: Which of the following is a known security risk associated w...; Question 32: The security team installed video cameras in a prominent loc...; Question 33: Remote workers in an organization use company-provided lapto...; Question 34: A systems administrator is redesigning how devices will perf...; Question 35: A systems engineer is building a new system for production. ...; Question 36: A company needs to centralize its logs to create a baseline ...; Question 37: A security analyst is reviewing logs on a server and observe...; Question 38: Which of the following scenarios would make a DNS sinkhole e...; Question 39: A network engineer and a security engineer are discussing wa...; Question 40: Several attempts have been made to pick the door lock of a s...; Question 41: A commercial cyber-threat intelligence organization observes...; Question 42: After entering a username and password, an administrator mus...; Question 43: An attacker has determined the best way to impact operations...; Question 44: A systems administrator reports degraded performance on a vi...; Question 45: A security administrator receives alerts from the perimeter ...; Question 46: A local server recently crashed and the team is attempting t...; Question 47: A company just implemented a new telework policy that allows...; Question 48: Which of the following is the BEST example of a cost-effecti...; Question 49: Which of the following is an effective tool to stop or preve...; Question 50: While investigating a recent security breach, an analyst fin...; Question 51: A user downloaded an extension for a browser, and the uses d...; Question 52: A Chief Information Officer receives an email stating a data...; Question 53: A marketing coordinator is trying to access a social media a...; Question 54: A security analyst is performing a forensic investigation co...; Question 55: Which of the following should customers who are involved wit...; Question 56: A financial analyst is expecting an email containing sensiti...; Question 57: A system that requires an operation availability of 99.99% a...; Question 58: A security analyst needs to harden access to a network. One ...; Question 59: Which of the following provides a calculated value for known...; Question 60: An organization relies on third-party videoconferencing to c...; Question 61: A security analyst is reviewing application logs to determin...; Question 62: A security architect is implementing a new email architectur...; Question 63: Which of the following would be the BEST way to analyze disk...; Question 64: A cybersecurity department purchased o new PAM solution. The...; Question 65: Joe, an employee, receives an email stating he won the lotte...; Question 66: A growing company would like to enhance the ability of its s...; Question 67: As part of annual audit requirements, the security team perf...; Question 68: A security incident has been resolved. Which of the followin...; Question 69: An organization's policy requires users to create passwords ...; Question 70: A forensics investigator is examining a number of unauthoriz...; Question 71: The SOC is reviewing process and procedures after a recent i...; Question 72: An organization is building backup server rooms in geographi...; Question 73: A recent audit uncovered a key finding regarding the use of ...; Question 74: Which of the following measures the average time that equipm...; Question 75: A small company that does not have security staff wants to i...; Question 76: After a recent ransomware attack on a company's system, an a...; Question 77: A company has been experiencing very brief power outages fro...; Question 78: Which of the following would BEST identify and remediate a d...; Question 79: The Chief Information Security Officer of an organization ne...; Question 80: Which of the following allows for functional test data to be...; Question 81: A systems engineer thinks a business system has been comprom...; Question 82: Which of the following is a reason to publish files' hashes?...; Question 83: A company recently moved sensitive videos between on-premise...; Question 84: While troubleshooting service disruption on a mission-critic...; Question 85: A security analyst is assisting a team of developers with be...; Question 86: During a trial, a judge determined evidence gathered from a ...; Question 87: Hotspot Question You are a security administrator investigat...; Question 88: A network engineer needs to create a plan for upgrading the ...; Question 89: A security analyst generated a file named host1.pcap and sha...; Question 90: A penetration-testing firm is working with a local community...; Question 91: Which of the following incident response phases should the p...; Question 92: Which of the following can be used to identify potential att...; Question 93: A company posts a sign indicating its server room is under v...; Question 94: Certain users are reporting their accounts are being used to...; Question 95: While assessing the security of a web application, a securit...; Question 96: A security administrator examines the ARP table of an access...; Question 97: Which of the following is used to ensure that evidence is ad...; Question 98: A company recently experienced a major breach. An investigat...; Question 99: Which of the following is a detective and deterrent control ...; Question 100: A company is auditing the manner in which its European custo...; Question 101: An organization is concerned about intellectual property the...; Question 102: A spoofed identity was detected for a digital certificate. W...; Question 103: A junior security analyst is reviewing web server logs and i...; Question 104: An information security incident recently occurred at an org...; Question 105: Which of the following control types fixes a previously iden...; Question 106: Which of the following is an example of transference of risk...; Question 107: A company wants to restrict emailing of PHI documents. The c...; Question 108: Administrators have allowed employee to access their company...; Question 109: An employee who is using a mobile device for work, is requir...; Question 110: While troubleshooting a firewall configuration, a technician...; Question 111: A business is looking for a cloud service provider that offe...; Question 112: A help desk technician receives a phone call from someone cl...; Question 113: A nuclear plant was the victim of a recent attack, and all t...; Question 114: An organization has been experiencing outages during holiday...; Question 115: Which of the following best describes why the SMS OTP authen...; Question 116: After returning from a conference, a user's laptop has been ...; Question 117: Which of the following describes a maintenance metric that m...; Question 118: A company is experiencing an increasing number of systems th...; Question 119: Adding a value to the end of a password to create a differen...; Question 120: An enterprise has hired an outside security firm to conduct ...; Question 121: A company network is currently under attack. Although securi...; Question 122: An organization routes all of its traffic through a VPN Most...; Question 123: A Chief Security Officer (CSO) is concerned about the volume...; Question 124: A security analyst is configuring a large number of new comp...; Question 125: An attacker is attempting to harvest user credentials on a c...; Question 126: A security analyst has received an alert about PII being sen...; Question 127: A Chief Information Security Officer (CISO) is evaluating th...; Question 128: The chief information security officer (CISO) has requested ...; Question 129: A company wants to pragmatically grant access to users who h...; Question 130: An analyst is trying to identify insecure services that are ...; Question 131: Which of the following should a data owner require all perso...; Question 132: Several employees have noticed other bystanders can clearly ...; Question 133: A company wants the ability to restrict web access and monit...; Question 134: A company wants to get alerts when others are researching an...; Question 135: Security analysts notice a server login from a user who has ...; Question 136: The Chief information Security Officer has directed the secu...; Question 137: An organization is tuning SIEM rules based off of threat int...; Question 138: Against the recommendation of the IT security analyst, a com...; Question 139: A security analyst is reviewing the following output from a ...; Question 140: A desktop support technician recently installed a new docume...; Question 141: A security administrator suspects there may be unnecessary s...; Question 142: Which of the following attacks MOST likely occurred on the u...; Question 143: A security analyst has been tasked with creating a new WiFi ...; Question 144: A technician enables full disk encryption on a laptop that w...; Question 145: A systems engineer wants to leverage a cloud-based architect...; Question 146: A security analyst was asked to evaluate a potential attack ...; Question 147: Which two features are available only in next-generation fir...; Question 148: A user must introduce a password and a USB key to authentica...; Question 149: A well-known organization has been experiencing attacks from...; Question 150: During a recent security incident at a multinational corpora...; Question 151: A security administrator is evaluating remote access solutio...; Question 152: A security analyst is investigating suspicious traffic on th...; Question 153: A software development manager wants to ensure the authentic...; Question 154: During the onboarding process, an employee needs to create a...; Question 155: A global company is experiencing unauthorized logging due to...; Question 156: Which of the following types of disaster recovery plan exerc...; Question 157: An organization has implemented a two-step verification proc...; Question 158: A user's login credentials were recently compromised During ...; Question 159: A systems administrator is looking for a solution that will ...; Question 160: A cybersecurity analyst reviews the log files from a web ser...; Question 161: Which of the following can work as an authentication method ...; Question 162: A security analyst is reviewing computer logs because a host...; Question 163: A security analyst is reviewing the vulnerability scan repor...; Question 164: Which of the following, if compromised, can indirectly impac...; Question 165: An information security policy stales that separation of dut...; Question 166: A company recently decided to allow its employees to use the...; Question 167: A Chief Information Security Officer (CISO) needs to create ...; Question 168: A network administrator has been asked to design a solution ...; Question 169: A company wants to deploy decoy systems alongside production...; Question 170: Which of the following is a valid multifactor authentication...; Question 171: The local administrator account for a company's VPN applianc...; Question 172: An engineer recently deployed a group of 100 web servers in ...; Question 173: A company wants to implement MFA. Which of the following ena...; Question 174: A security analyst needs to perform periodic vulnerably scan...; Question 175: An information security manager for an organization is compl...; Question 176: A dynamic application vulnerability scan identified that cod...; Question 177: A security team created a document that details the order in...; Question 178: During a Chief Information Security Officer (CISO) conventio...; Question 179: A network engineer created two subnets that will be used for...; Question 180: Which of the following would a European company interested i...; Question 181: A security engineer needs to create a network segment that c...; Question 182: Which of the following techniques eliminates the use of rain...; Question 183: The SIEM at an organization has detected suspicious traffic ...; Question 184: A company recently suffered a breach in which an attacker wa...; Question 185: A security manager needs to assess the security posture of o...; Question 186: An organization has expanded its operations by opening a rem...; Question 187: Which of the following incident response steps occurs before...; Question 188: Following a prolonged datacenter outage that affected web-ba...; Question 189: A threat actor was able to use a username and password to lo...; Question 190: To further secure a company's email system, an administrator...; Question 191: A small business office is setting up a wireless infrastruct...; Question 192: Which of the following types of data are most likely to be s...; Question 193: A security modern may have occurred on the desktop PC of an ...; Question 194: An analyst is generating a security report for the managemen...; Question 195: A university is opening a facility in a location where there...; Question 196: A security analyst is investigating a malware incident at a ...; Question 197: A security analyst has been tasked with ensuring all program...; Question 198: A technician needs to apply a high-priority patch to a produ...; Question 199: An organization has a growing workforce that is mostly drive...; Question 200: The following are the logs of a successful attack. (Exhibit)...; Question 201: In a rush to meet an end-of-year business goal, the IT depar...; Question 202: An organization has developed an application that needs a pa...; Question 203: An analyst is reviewing an incident in which a user clicked ...; Question 204: A security manager runs Nessus scans of the network after ev...; Question 205: A security analyst is responding to an alert from the SIEM. ...; Question 206: An incident response technician collected a mobile device du...; Question 207: A company is adopting a BYOD policy and is looking for a com...; Question 208: A security engineer is installing a WAF to protect the compa...; Question 209: Which of the following agreements defines response time, esc...; Question 210: A security analyst discovers that a company username and pas...; Question 211: An application developer accidentally uploaded a company's c...; Question 212: A user reports trouble using a corporate laptop. The laptop ...; Question 213: A Chief Security Officer (CSO) is concerned that cloud-based...; Question 214: Which of the following are the BEST ways to implement remote...; Question 215: A security analyst finds a rogue device during a monthly aud...; Question 216: A company would like to provide flexibility for employees on...; Question 217: n organization plans to transition the intrusion detection a...; Question 218: Which of the following best describes a penetration test tha...; Question 219: After a recent security breach, a security analyst reports t...; Question 220: To mitigate the impact of a single VM being compromised by a...; Question 221: The concept of connecting a user account across the systems ...; Question 222: Which of the following would cause a Chief Information Secur...; Question 223: A company needs to keep the fewest records possible, meet co...; Question 224: An enterprise has hired an outside security firm to facilita...; Question 225: A global pandemic is forcing a private organization to close...; Question 226: A newly identified network access vulnerability has been fou...; Question 227: A company recently implemented a patch management policy; ho...; Question 228: A junior security analyst is conducting an analysis after pa...; Question 229: A security analyst wants to fingerprint a web server. Which ...; Question 230: A network administrator needs to determine the sequence of a...; Question 231: A network administrator deployed a DNS logging tool that log...; Question 232: A business uses Wi-Fi with content filtering enabled. An emp...; Question 233: A security analyst is tasked with classifying data to be sto...; Question 234: A security analyst is investigating some users who are being...; Question 235: A cryptomining company recently deployed a new antivirus app...; Question 236: Which of the following controls is used to make an organizat...; Question 237: A systems administrator is troubleshooting a server's connec...; Question 238: The chief compliance officer from a bank has approved a back...; Question 239: As part of the building process for a web application, the c...; Question 240: A Chief Security Office's (CSO's) key priorities are to impr...; Question 241: A forensic analyst needs to prove that data has not been tam...; Question 242: A security analyst needs to implement an MDM solution for BY...; Question 243: Which of the following is a reason why an organization would...; Question 244: A Chief Information Security Officer (CISO) wants to impleme...; Question 245: A company wants to modify its current backup strategy to min...; Question 246: Which of the following types of attacks is specific to the i...; Question 247: A security analyst is working on a project to implement a so...; Question 248: The Chief Executive Officer announced a new partnership with...; Question 249: A company has drafted an insider-threat policy that prohibit...; Question 250: During an incident, an EDR system detects an increase in the...; Question 251: A systems analyst determines the source of a high number of ...; Question 252: An organization implemented a process that compares the sett...; Question 253: The Chief Security Officer (CSO) at a major hospital wants t...; Question 254: A startup company is using multiple SaaS and IaaS platforms ...; Question 255: Which of the following best represents an application that d...; Question 256: A security researcher has alerted an organization that its s...; Question 257: Users reported several suspicious activities within the last...; Question 258: A security engineer is working to address the growing risks ...; Question 259: Several employees return to work the day after attending an ...; 1 commentQuestion 260: A network manager wants to protect the company's VPN by mult...; Question 261: An organization's RPO for a critical system is two hours. Th...; Question 262: A security analyst needs to produce a document that details ...; Question 263: A Chief Security Officer (CSO) was notified that a customer ...; Question 264: A recent security breach exploited software vulnerabilities ...; Question 265: A recent phishing campaign resulted in several compromised u...; Question 266: An information security officer at a credit card transaction...; Question 267: A security engineer is reviewing the logs from a SAML applic...; Question 268: A security analyst is concerned about traffic initiated to t...; Question 269: A transitive trust:; Question 270: A security administrator is integrating several segments ont...; Question 271: Which of the follow ng disaster recovery sites is the most c...; Question 272: Which of the following scenarios BEST describes a risk reduc...; Question 273: Which of the following describes the exploitation of an inte...; Question 274: An analyst is working on an email security incident in which...; 1 commentQuestion 275: Which of the following BEST describes a social-engineering a...; Question 276: An organization is having difficulty correlating events from...; Question 277: Hackers recently attacked a company's network and obtained s...; Question 278: During an internal penetration test, a security analyst iden...; Question 279: An organization has decided to host its web application and ...; Question 280: A security analyst is reviewing web-application logs and fin...; Question 281: Which of the following are common VoIP-associated vulnerabil...; Question 282: An organization's Chief Security Officer (CSO) wants to vali...; Question 283: A company is receiving emails with links to phishing sites t...; Question 284: A security engineer needs to enhance MFA access to sensitive...; Question 285: Which of the following BEST describes a technique that compe...; Question 286: During a forensic investigation, an analyst uses software to...; Question 287: An IT security team is concerned about the confidentiality o...; Question 288: The exploitation of a buffer-overrun vulnerability in an app...; Question 289: Following a recent security breach, an analyst discovered th...; Question 290: Which of the following BEST describes data streams that are ...; Question 291: Which of the following is a common source of unintentional c...; Question 292: A security analyst notices several attacks are being blocked...; Question 293: A nationwide company is experiencing unauthorized logins at ...; Question 294: A network administrator is concerned about users being expos...; Question 295: Which of the following provides guidelines for the managemen...; Question 296: A network administrator has been alerted that web pages are ...; Question 297: Which of the following BEST describes the MFA attribute that...; Question 298: Which of the following would be indicative of a hidden audio...; Question 299: A user reports constant lag and performance issues with the ...; Question 300: A security analyst needs to determine how an attacker was ab...; Question 301: A SOC is implementing an in sider-threat-detection program. ...; Question 302: Which of the following BEST describes the team that acts as ...; Question 303: An organization blocks user access to command-line interpret...; Question 304: Drag and Drop Question Leveraging the information supplied b...; Question 305: The compliance team requires an annual recertification of pr...; Question 306: Company engineers regularly participate in a public Internet...; Question 307: A company Is planning to install a guest wireless network so...; Question 308: A security analyst needs to implement security features acro...; Question 309: Under GDPR, which of the following is MOST responsible for t...; Question 310: While considering the organization's cloud-adoption strategy...; Question 311: An organization wants to enable built-in FDE on all laptops....; Question 312: During a security incident, the security operations team ide...; Question 313: An IT manager is estimating the mobile device budget for the...; Question 314: When implementing automation with loT devices, which of the ...; Question 315: An attacker replaces a digitally signed document with anothe...; Question 316: An employee recently resigned from a company. The employee w...; Question 317: A security analyst is reviewing SIEM logs during an ongoing ...; Question 318: A security administrator has discovered that workstations on...; Question 319: A security analyst wants to fingerprint a web server. Which ...; Question 320: A large financial services firm recently released informatio...; Question 321: The marketing department at a retail company wants to publis...; Question 322: A security administrator checks the table of a network switc...; Question 323: A company's public-facing website, https://www.organization....; Question 324: A customer service representative reported an unusual text m...; Question 325: An enterprise needs to keep cryptographic keys in a safe man...; Question 326: Multiple beaconing activities to a malicious domain have bee...; Question 327: Hotspot Question The security administration has installed a...; Question 328: A security analyst is investigating what appears to be unaut...; Question 329: A company recently experienced an inside attack using a corp...; Question 330: Which of the following is the MOST relevant security check t...; Question 331: During a security incident investigation, an analyst consult...; Question 332: An engineer is setting up a VDI environment for a factory lo...; Question 333: An audit report indicates multiple suspicious attempts to ac...; Question 334: Which of the following would be the BEST resource for a soft...; Question 335: An organization wants to quickly assess how effectively the ...; Question 336: A security administrator needs to publish multiple applicati...; Question 337: An organization suffered numerous multiday power outages at ...; Question 338: Phishing and spear-phishing attacks have been occurring more...; Question 339: An attacker is attempting to exploit users by creating a fak...; Question 340: A security operations center wants to implement a solution t...; Question 341: A security engineer was assigned to implement a solution to ...; Question 342: Which of the following processes will eliminate data using a...; Question 343: A junior security analyst is reviewing web server logs and i...; Question 344: A network administrator at a large organization Is reviewing...; Question 345: A security analyst discovers several .jpg photos from a cell...; Question 346: A company wants to improve end users' experiences when they ...; Question 347: A security analyst needs to propose a remediation plan for e...; Question 348: Drag and Drop Question A security engineer is setting up pas...; Question 349: Which of the following is a difference between a DRP and a B...; Question 350: Which of the following best describes a legal hold?...; Question 351: A data administrator is configuring authentication for a Saa...; Question 352: Which of the following provides a catalog of security and pr...; Question 353: During an incident response process involving a laptop, a ho...; Question 354: An administrator identifies some locations on the third floo...; Question 355: A company is launching a website in a different country in o...; Question 356: An organization suffered an outage and a critical system too...; Question 357: Various stakeholders are meeting to discuss their hypothetic...; Question 358: A small business uses kiosks on the sales floor to display p...; Question 359: Which of the following terms should be included in a contrac...; Question 360: A security architect at a large, multinational organization ...; Question 361: A grocery store is expressing security and reliability conce...; Question 362: The most recent vulnerability scan flagged the domain contro...; Question 363: Joe. a security analyst, recently performed a network discov...; Question 364: Which of the following function as preventive, detective, an...; Question 365: A technician needs to prevent data loss in a laboratory. The...; Question 366: During an engagement, penetration testers left USB keys that...; Question 367: Which of the following is the final step of the incident res...; Question 368: A security professional wants to enhance the protection of a...; Question 369: A security analyst is designing the appropriate controls to ...; Question 370: A cyber threat intelligence analyst is gathering data about ...; Question 371: The president of a company that specializes in military cont...; Question 372: A security analyst is reviewing a secure website that is gen...; Question 373: A company wants to ensure that all employees in a given depa...; Question 374: Which of the following examples would be best mitigated by i...; Question 375: Which of the following controls would be the MOST cost-effec...; Question 376: A security analyst is using OSINT to gather information to v...; Question 377: Which of the following can be used to calculate the total lo...; Question 378: Several universities are participating in a collaborative re...; Question 379: An organization maintains several environments in which patc...; Question 380: Customers reported their antivirus software flagged one of t...; Question 381: A network administrator is setting up wireless access points...; Question 382: A security analyst is working with a vendor to get a new Saa...; Question 383: A manufacturing organization wants to control and monitor ac...; Question 384: A user reset the password for a laptop but has been unable t...; Question 385: An organization is concerned about hackers potentially enter...; Question 386: An organization would like to give remote workers the abilit...; Question 387: A security administrator is analyzing the corporate wireless...; Question 388: A government organization is developing an advanced Al defen...; Question 389: A security analyst is investigating an incident to determine...; Question 390: A network technician is installing a guest wireless network ...; Question 391: A company is looking to migrate some servers to the cloud to...; Question 392: A security analyst notices an unusual amount of traffic hitt...; Question 393: A company recently experienced a significant data loss when ...; Question 394: A software company adopted the following processes before re...; Question 395: Which of the following is most likely associated with introd...; Question 396: An organization wants to implement a biometric system with t...; Question 397: An attacker has successfully exfiltrated several non-salted ...; Question 398: A security forensics analyst is examining a virtual server. ...; Question 399: A company is implementing a new SIEM to log and send alerts ...; Question 400: A financial analyst is expecting an email containing sensiti...; Question 401: A company that provides an online streaming service made its...; Question 402: A security analyst is receiving several alerts per user and ...; Question 403: A security analyst discovers that a large number of employee...; Question 404: A new company wants to avoid channel interference when build...; Question 405: A small, local company experienced a ransomware attack. The ...; Question 406: The Chief Information Security Officer wants to pilot a new ...; Question 407: Which of the following describes the exploitation of an inte...; Question 408: A security engineer has enabled two-factor authentication on...; Question 409: Since a recent upgrade to a WLAN infrastructure, several mob...; Question 410: While reviewing the wireless router, the systems administrat...; Question 411: An organization with a low tolerance for user inconvenience ...; Question 412: An internet company has created a new collaboration applicat...; Question 413: A new vulnerability enables a type of malware that allows th...; Question 414: Which of the following terms describes a broad range of info...; Question 415: An attacker is trying to gain access by installing malware o...; Question 416: A business operations manager is concerned that a PC that is...; Question 417: As part of a company's ongoing SOC maturation process, the c...; Question 418: A company is designing the layout of a new data center so it...; Question 419: A large bank with two geographically dispersed data centers ...; Question 420: Which of the following is a cryptographic concept that opera...; Question 421: An employee has been charged with fraud and is suspected of ...; Question 422: An attacker was easily able to log in to a company's securit...; Question 423: A Chief Information Security Officer has defined resiliency ...; Question 424: A security analyst is performing a packet capture on a serie...; Question 425: Several users have opened tickets with the help desk. The he...; Question 426: A company has had several malware incidents that have been t...; Question 427: Two hospitals merged into a single organization. The privacy...; Question 428: Stakeholders at an organization must be kept aware of any in...; Question 429: A company was recently breached Part of the company's new cy...; Question 430: Which of the following policies establishes rules to measure...; Question 431: A company just developed a new web application for a governm...; Question 432: A company is providing security awareness training regarding...; Question 433: A hospital's administration is concerned about a potential l...; Question 434: A company wants to deploy systems alongside production syste...; Question 435: A workwide manufacturing company has been experiencing email...; Question 436: The help desk has received calls from users in multiple loca...; Question 437: A database administrator wants to grant access to an applica...; Question 438: An organization's help desk is flooded with phone calls from...; Question 439: Law enforcement officials sent a company a notification that...; Question 440: A security engineer needs to Implement the following require...; Question 441: Given the following logs: (Exhibit) Which of the following B...; Question 442: Several users have opened tickets with the help desk. The he...; Question 443: Physical access to the organization's servers in the data ce...; Question 444: An IT security manager requests a report on company informat...; Question 445: A security team discovered a large number of company-issued ...; Question 446: Which of the following methods is the most effective for red...; Question 447: A systems administrator wants to implement a backup solution...; Question 448: A user wanted to catch up on some work over the weekend but ...; Question 449: Which of the following can a security director use to priori...; Question 450: A security engineer obtained the following output from a thr...; Question 451: A cybersecurity analyst at Company A is working to establish...; Question 452: Which of the following roles, according to the shared respon...; Question 453: An analyst needs to set up a method for securely transferrin...; Question 454: Which of the following are common VoIP-associated vulnerabil...; Question 455: After a recent external audit, the compliance team provided ...; Question 456: A security analyst has identified malware spreading through ...; Question 457: A software developer needs to perform code-execution testing...; Question 458: A security administrator needs to inspect in-transit files o...; Question 459: An organization is concerned about hackers bypassing MFA thr...; Question 460: A web application for a bank displays the following output w...; Question 461: A user s laptop constantly disconnects from the Wi-Fi networ...; Question 462: A user enters a username and a password at the login screen ...; Question 463: Which of the following rales is responsible for defining the...; Question 464: A security administrator currently spends a large amount of ...; Question 465: A root cause analysis reveals that a web application outage ...; Question 466: Employees are having issues accessing the company's website....; Question 467: A security administrator needs to inspect in-transit files o...; Question 468: Which of the following authentication methods sends out a un...; Question 469: A recent vulnerability scan revealed multiple servers have n...; Question 470: An organization experiences a cybersecurity incident involvi...; Question 471: A large industrial system's smart generator monitors the sys...; Question 472: On which of the following is the live acquisition of data fo...; Question 473: A retail executive recently accepted a job with a major comp...; Question 474: A security administrator is reviewing reports about suspicio...; Question 475: A systems administrator is required to enforce MFA for corpo...; Question 476: A company discovered that terabytes of data have been exfilt...; Question 477: Which of the following actions would be recommended to impro...; Question 478: A retail company that is launching a new website to showcase...; Question 479: Which of the following is the most important security concer...; Question 480: An organization discovered a disgruntled employee exfiltrate...; Question 481: A security team suspects that the cause of recent power cons...; Question 482: Historically, a company has had issues with users plugging i...; Question 483: Which of the following would a security analyst use to deter...; Question 484: To reduce and overhead, an organization wants to move from a...; Question 485: After reading a security bulletin, a network security manage...; Question 486: The security team received a report of copyright infringemen...; Question 487: A customer has reported that an organization's website displ...; Question 488: A security analyst discovers that one of the web APIs is bei...; Question 489: An organization wants to ensure it can track changes between...; Question 490: Which of the following tools is effective in preventing a us...; Question 491: An amusement park is implementing a biometric system that va...; Question 492: An incident has occurred in the production environment. Anal...; Question 493: Which of the following is the BEST use of a WAF?...; Question 494: A systems analyst is responsible for generating a new digita...; Question 495: An organization would like to remediate the risk associated ...; Question 496: During an investigation, the incident response team discover...; Question 497: A user reports that a bank's website no longer displays a pa...; Question 498: A company employee recently retired, and there was a schedul...; Question 499: A new plug-and-play storage device was installed on a PC in ...; Question 500: Which of the following security controls is used to isolate ...; Question 501: A privileged user at a company stole several proprietary doc...; Question 502: A large retail store's network was breached recently, and th...; Question 503: Which of the following would be MOST effective to contain a ...; Question 504: After a hardware incident, an unplanned emergency maintenanc...; Question 505: In which of the following scenarios is tokenization the best...; Question 506: A user downloaded an extension for a browser and the user's ...; Question 507: A company has a flat network in the cloud. The company needs...; Question 508: A user recent an SMS on a mobile phone that asked for bank d...; Question 509: A user forwarded a suspicious email to the security team, Up...; Question 510: A web server has been compromised due to a ransomware attack...; Question 511: A company has installed badge readers for building access bu...; Question 512: Which of the following is an algorithm performed to verify t...; Question 513: A company's security team received notice of a critical vuln...; Question 514: A large financial services firm recently released informatio...; Question 515: A financial organization has adopted a new secure, encrypted...; Question 516: An organization is developing a plan in the event of a compl...; Question 517: A SOC operator is analyzing a log file that contains the fol...; Question 518: A cloud administrator is configuring five compute instances ...; Question 519: A large financial services firm recently released informatio...; Question 520: Which of the following describes the ability of code to targ...; Question 521: A network architect wants a server to have the ability to re...; Question 522: An organization discovers that unauthorized applications hav...; Question 523: A company is launching a new internet platform for its clien...; Question 524: The new Chief Information Security Officer at a company has ...; Question 525: A systems administrator works for a local hospital and needs...; Question 526: Server administrators want to configure a cloud solution so ...; Question 527: An organization routes all of its traffic through a VPN. Mos...; Question 528: A security analyst needs to generate a server certificate to...; Question 529: A systems administrator set up an automated process that che...; Question 530: A report delivered to the Chief Information Security Officer...; Question 531: Which of the following BEST describes when an organization u...; Question 532: During a recent incident an external attacker was able to ex...; Question 533: A Chief Executive Officer (CEO) is dissatisfied with the lev...; Question 534: A company is working on mobile device security after a repor...; Question 535: A host was infected with malware. During the incident respon...; Question 536: On the way into a secure building, an unknown individual str...; Question 537: A network engineer is troubleshooting wireless network conne...; Question 538: Security analysts are conducting an investigation of an atta...; Question 539: Which of the following best describes a threat actor who is ...; Question 540: A company recently decided to allow employees to work remote...; Question 541: An attacker is attempting, to harvest user credentials on a ...; Question 542: Which of the following threat actors is MOST likely to be mo...; Question 543: While investigating a data leakage incident a security analy...; Question 544: Which of the following is the MOST effective control against...; Question 545: A financial institution would like to store its customer dat...; Question 546: A company's end users are reporting that they are unable to ...; Question 547: Which of the following employee roles is responsible for pro...; Question 548: A user attempts to load a web-based application, but the exp...; Question 549: A security analyst wants to verify that a client-server (non...; Question 550: Which of the following authentication methods is considered ...; Question 551: A company is implementing a vendor's security tool in the cl...; Question 552: A critical file server is being upgraded and the systems adm...; Question 553: Which of the following best describes why a company would er...; Question 554: An organization's corporate offices were destroyed due to a ...; Question 555: An organization is building a single virtual environment tha...; Question 556: Which of the following roles would MOST likely have direct a...; Question 557: Which of the following control Types would be BEST to use in...; Question 558: A website visitor is required to provide properly formatted ...; Question 559: Which of the following tools can assist with detecting an em...; Question 560: Hotspot Question A newly purchased corporate WAP needs to be...; Question 561: Which of the following should a technician use to protect a ...; Question 562: A security analyst has been reading about a newly discovered...; Question 563: Which of the following can be used to detect a hacker who is...; Question 564: An analyst visits an internet forum looking for information ...; Question 565: Which of the following job roles would sponsor data quality ...; Question 566: A security manager for a retailer needs to reduce the scope ...; Question 567: A Chief Information Officer is concerned about employees usi...; Question 568: Which of the following would BEST provide a systems administ...; Question 569: A network analyst is investigating compromised corporate inf...; Question 570: An analyst just discovered an ongoing attack on a host that ...; Question 571: A security administrator has received multiple calls from th...; Question 572: A software company adopted the following processes before re...; Question 573: A manufacturing company has several one-off legacy informati...; Question 574: An annual information security assessment has revealed that ...; Question 575: A network engineer notices the VPN concentrator overloaded a...; Question 576: A manufacturer creates designs for very high security produc...; Question 577: During an investigation, events from two affected servers in...; Question 578: A security administrator manages five on-site APs. Each AP u...; Question 579: Which of the following concepts BEST describes tracking and ...; Question 580: Which of the following serves to warn users against download...; Question 581: A Chief Security Officer (CSO) has asked a technician to dev...; Question 582: A security analyst was deploying a new website and found a c...; Question 583: An employee finds a USB flash drive labeled "Salary Info" in...; Question 584: A company is implementing MFA for all applications that stor...; Question 585: A security analyst receives a SIEM alert that someone logged...; Question 586: An auditor is performing an assessment of a security applian...; Question 587: Which biometric error would allow an unauthorized user to ac...; Question 588: An organization has activated an incident response plan due ...; Question 589: A vendor needs to remotely and securely transfer files from ...; Question 590: A security analyst is responding to a malware incident at a ...; Question 591: A cybersecurity administrator needs to implement a Layer 7 s...; Question 592: An administrator is configuring a firewall rule set for a su...; Question 593: A backdoor was detected on the containerized application env...; Question 594: Which of the following would be BEST for a technician to rev...; Question 595: A news article states hackers have been selling access to Io...; Question 596: A security engineer needs to implement an MDM solution that ...; Question 597: A malicious actor recently penetration a company's network a...; Question 598: A company is moving to new location. The systems administrat...; Question 599: A security engineer is hardening existing solutions to reduc...; Question 600: A security analyst is reviewing the following system command...; Question 601: A security administrator installed a new web server. The adm...; Question 602: A vulnerability scan returned the following results: - 2 Cri...; Question 603: A company recently transitioned to a strictly BYOD culture d...; Question 604: A company is designing the layout of a new datacenter so it ...; Question 605: A security analyst reviews web server logs and notices the f...; Question 606: A SOC is currently being outsourced. Which of the following ...; Question 607: A security analyst needs an overview of vulnerabilities for ...; Question 608: An enterprise has hired an outside security firm to conduct ...; Question 609: An attacker was easily able to log in to a company's securit...; Question 610: A company recently experienced a data breach and the source ...

Question 496/610

LEAVE A REPLY

Download PDF File