A security analyst is responding to a malware incident at a company. The malware connects to a command-and-control server on the internet in order to function. Which of the following should the security analyst implement first?
Which of the following is the first step to take when creating an anomaly detection process?
A security analyst is investigating a workstation that is suspected of outbound communication to a command-and-control server. During the investigation, the analyst discovered that logs on the endpoint were deleted. Which of the following logs would the analyst most likely look at next?
A systems administrator is concerned about the output from web server logs. Given the following snippet of the web server log file:
Which of the following attacks occurred?
A company needs to keep the fewest records possible, meet compliance needs, and ensure destruction of records that are no longer needed. Which of the following best describes the policy that meets these requirements?
Several employees received a fraudulent text message from someone claiming to be the Chief Executive Officer (CEO). The message stated:
"I'm in an airport right now with no access to email. I need you to buy gift cards for employee recognition awards. Please send the gift cards to the following email address."
Which of the following are the best responses to this situation? (Select two).
In order to strengthen a password and prevent a hacker from cracking it, a random string of 36 characters was added to the password. Which of the following best describes this technique?
A systems administrator is considering switching from tape backup to an alternative backup solution that would allow data to be readily available in the event of a disaster. Which of the following backup types should the administrator implement?