A security analyst is reviewing IDS logs and notices

This preview shows page 26 - 29 out of 46 pages.

2019 New CS0-001 Exam Guide V12.02.pdf

26. A security audit revealed that port 389 has been used instead of 636 when connecting to LDAP for the authentication of users. The remediation recommended by the audit was to switch the port to 636 wherever technically possible. Which of the following is the BEST response?
A. Correct the audit. This finding is a well-known false positive; the services that typically run on 389 and 636 are identical.
B. Change all devices and servers that support it to 636, as encrypted services run by default on 636.
C. Change all devices and servers that support it to 636, as 389 is a reserved port that requires root access and can expose the server to privilege escalation attacks.
D. Correct the audit. This finding is accurate, but the correct remediation is to update encryption keys on each of the servers to match port 636.
Answer: B
27. A security analyst is reviewing IDS logs and notices the following entry: Which of the following attacks is occurring?
28. A company that is hiring a penetration tester wants to exclude social engineering from the list of authorized activities. Which of the following documents should include these details?
29. A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory.
30. Due to new regulations, a company has decided to institute an organizational vulnerability management program and assign the function to the security team. Which of the following frameworks would BEST support the program? (Select two.)
A. COBIT
B. NIST
C. ISO 27000 series
D. ITIL
E. OWASP
31. A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?
32. An incident response report indicates a virus was introduced through a remote host that was connected to corporate resources. A cybersecurity analyst has been asked for a recommendation to solve this issue. Which of the following should be applied?
33. Review the following results:
34. A security analyst is creating baseline system images to remediate vulnerabilities found in different operating systems. Each image needs to be scanned before it is deployed. The security analyst must ensure the configurations match industry standard benchmarks and the process can be repeated frequently. Which of the following vulnerability options would BEST create the process requirements?
A. Utilizing an operating system SCAP plugin
B. Utilizing an authorized credential scan
C. Utilizing a non-credential scan
D. Utilizing a known malware plugin
35. A cybersecurity analyst is retained by a firm for an open investigation. Upon arrival, the cybersecurity analyst reviews several security logs. Which of the following combinations BEST describes the situation and recommendations to be made for this situation?
27. A security analyst is reviewing IDS logs and notices the following entry: Which of the following attacks is occurring?
A. Cross-site scripting
B. Header manipulation
C. SQL injection
D. XML injection
Answer: C
29. A reverse engineer was analyzing malware found on a retailer’s network and found code extracting track data in memory. Which of the following threats did the engineer MOST likely uncover?
31. A system administrator recently deployed and verified the installation of a critical patch issued by the company’s primary OS vendor. This patch was supposed to remedy a vulnerability that would allow an adversary to remotely execute code from over the network. However, the administrator just ran a vulnerability assessment of networked systems, and each of them still reported having the same vulnerability. Which of the following is the MOST likely explanation for this?
A. The administrator entered the wrong IP range for the assessment.
B. The administrator did not wait long enough after applying the patch to run the assessment.
C. The patch did not remediate the vulnerability.
D. The vulnerability assessment returned false positives.
Answer: C
33. Review the following results: Which of the following has occurred?
