[Security Architecture] After a vendor identified a recent vulnerability, a severity score was assigned to the vulnerability. A notification was also publicly distributed. Which of the following would most likely include information regarding the vulnerability and the recommended remediation steps?
[Security Operations] A security analyst notices a number of SIEM events that show the following activity:
10/30/2020 - 8:01 UTC - 192.168.1.1 - sc stop HinDctend
10/30/2020 - 8:05 UTC - 192.168.1.2 - c:\program files \games \comptidcasp.exe
10/30/2020 - 8:07 UTC - 192.168.1.1 - c:\windows \system32 \cmd.exe /c powershell
10/30/2020 - 8:07 UTC - 192.168.1.1 - powershell —> 40.90.23.154:443
Which of the following response actions should the analyst take first?
[Security Engineering and Cryptography] A social media company wants to change encryption ciphers after identifying weaknesses in the implementation of the existing ciphers. The company needs the new ciphers to meet the following requirements:
• Utilize less RAM than competing ciphers.
• Be more CPU-efficient than previous ciphers.
• Require customers to use TLS 1.3 while broadcasting video or audio.
Which of the following is the best choice for the social media company?
[Security Architecture] A Chief Information Security Officer (CISO) is concerned that a company's current data disposal procedures could result in data remanence. The company uses only SSDs. Which of the following would be the most secure way to dispose of the SSDs given the CISO's concern?
[Security Architecture] A healthcare system recently suffered from a ransomware incident. As a result, the board of directors decided to hire a security consultant to improve existing network security. The security consultant found that the healthcare network was completely flat, had no privileged access limits, and had open RDP access to servers with personal health information. As the consultant builds the remediation plan, which of the following solutions would best solve these challenges? (Select three).
Attempts to run the code in a sandbox produce no results. Which of the following should the malware analyst do next to further analyze the malware and discover useful IoCs?