Free certification test prep

NEW QUESTION 77
Alexis is working as an incident responder in XYZ organization. She was asked to identify and attribute the actors behind an attack that took place recently. In order to do so, she is performing threat attribution that deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target. Which of the following types of threat attributions Alexis performed?

NEW QUESTION 78
The following steps describe the key activities in forensic readiness planning:
1. Train the staff to handle the incident and preserve the evidence
2. Create a special process for documenting the procedure
3. Identify the potential evidence required for an incident
4. Determine the source of the evidence
5. Establish a legal advisory board to guide the investigation process
6. Identify if the incident requires full or formal investigation
7. Establish a policy for securely handling and storing the collected evidence
8. Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption Identify the correct sequence of steps involved in forensic readiness planning.

NEW QUESTION 79
SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization’s security.
Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

NEW QUESTION 80
An organization named Sam Morison Inc. decided to use cloud-based services to reduce the cost of maintenance. The organization identified various risks and threats associated with cloud service adoption and migrating business-critical data to thirdparty systems. Hence, the organization decided to deploy cloud-based security tools to prevent upcoming threats.
Which of the following tools help the organization to secure the cloud resources and services?

NEW QUESTION 81
Elizabeth, who works for OBC organization as an incident responder, is assessing the risks to the organizational security. As part of the assessment process, she is calculating the probability of a threat source exploiting an existing system vulnerability. Which of the following risk assessment steps is Elizabeth currently in?

NEW QUESTION 82
Drake is an incident handler in Dark CLoud Inc. He is intended to perform log analysis in order to detect traces of malicious activities within the network infrastructure.
Which of the following tools Drake must employ in order to view logs in real time and identify malware propagation within the network?

NEW QUESTION 83
Richard is analyzing a corporate network. After an alert in the network’s IPS. he identified that all the servers are sending huge amounts of traffic to the website abc.xyz. What type of information security attack vectors have affected the network?

NEW QUESTION 84
An incident handler is analyzing email headers to find out suspicious emails.
Which of the following tools he/she must use in order to accomplish the task?

NEW QUESTION 85
Rinni is an incident handler and she is performing memory dump analysis.
Which of following tools she can use in order to perform memory dump analysis?

NEW QUESTION 86
Bran is an incident handler who is assessing the network of the organization. In the process, he wants to detect ping sweep attempts on the network using Wireshark tool.
Which of the following Wireshark filter he must use to accomplish this task?

NEW QUESTION 87
Which of the following is an attack that attempts to prevent the use of systems, networks, or applications by the intended users?

NEW QUESTION 88
Miko was hired as an incident handler in XYZ company. His first task was to identify the PING sweep attempts inside the network. For this purpose, he used Wireshark to analyze the traffic. What filter did he use to identify ICMP ping sweep attempts?

NEW QUESTION 89
Which of the following is a technique used by attackers to make a message difficult to understand through the use of ambiguous language?

NEW QUESTION 90
Sarah is a security operations center (SOC) analyst working at JW Williams and Sons organization based in Chicago. As a part of security operations, she contacts information providers (sharing partners) for gathering information such as collections of validated and prioritized threat indicators along with a detailed technical analysis of malware samples, botnets, DDoS attack methods, and various other malicious tools. She further used the collected information at the tactical and operational levels.
Sarah obtained the required information from which of the following types of sharing partner?

NEW QUESTION 91
A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.
Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must threat intelligence manager use?

NEW QUESTION 92
In which of the following phases of incident handling and response (IH&R) process the identified security incidents are analyzed, validated, categorized, and prioritized?

NEW QUESTION 93
Which of the following is a standard framework that provides recommendations for implementing information security controls for organizations that initiate, implement, or maintain information security management systems (ISMSs)?

NEW QUESTION 94
Jason is setting up a computer forensics lab and must perform the following steps: 1. physical location and structural design considerations; 2. planning and budgeting; 3. work area considerations; 4. physical security recommendations; 5. forensic lab licensing; 6. human resource considerations. Arrange these steps in the order of execution.

NEW QUESTION 95
Alison, an analyst in an XYZ organization, wants to retrieve information about a company’s website from the time of its inception as well as the removed information from the target website.
What should Alison do to get the information he needs.

NEW QUESTION 96
In which of the following phases of the incident handling and response (IH&R) process is the identified security incidents analyzed, validated, categorized, and prioritized?

NEW QUESTION 97
Eric works as a system administrator in ABC organization. He granted privileged users with unlimited permissions to access the systems. These privileged users can misuse their rights unintentionally or maliciously or attackers can trick them to perform malicious activities.
Which of the following guidelines helps incident handlers to eradicate insider attacks by privileged users?

NEW QUESTION 98
In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?