An attacker embedded a macro within a word processing file opened by a user in an organization's legal department. The attacker used this technique to gain access to confidential financial data. Which two recommendations should a security expert make to mitigate this type of attack? (Choose two.)
Refer to the exhibit. Which element in this email is an indicator of attack?
Refer to the exhibit. Which encoding technique is represented by this HEX string?
A network host is infected with malware by an attacker who uses the host to make calls for files and shuttle traffic to bots. This attack went undetected and resulted in a significant loss. The organization wants to ensure this does not happen in the future and needs a security solution that will generate alerts when command and control communication from an infected device is detected. Which network security solution should be recommended?
What is a use of TCPdump?
An incident response team is recommending changes after analyzing a recent compromise in which:
- a large number of events and logs were involved;
- team members were not able to identify the anomalous behavior and escalate it in a timely manner;
- several network systems were affected as a result of the latency in detection;
- security engineers were able to mitigate the threat and bring systems back to a stable state; and
- the issue reoccurred shortly after and systems became unstable again because the correct information was not gathered during the initial identification phase.
Which two recommendations should be made for improving the incident response process? (Choose two.)