A small but steady series of attempts to breach the network has been occurring over a long period of time. During an investigation, a SOC analyst finds that traffic is exiting the network to known malicious hosts and is originating from a rogue network device. Which of the following attack vectors is most likely being used to breach the network?
A security analyst detects a possible RAT infection on a computer in the internal network. After reviewing the details of the alert, the analyst identifies the initial vector of the attack was an email that was forwarded to multiple recipients in the same organizational unit. Which of the following should the analyst do first to minimize this type of threat in the future?
An organization that performs real-time financial processing is implementing a new backup solution. Given the following business requirements:
• The backup solution must reduce the risk for potential backup compromise.
• The backup solution must be resilient to a ransomware attack.
• The time to restore from backups is less important than the backup data integrity.
• Multiple copies of production data must be maintained.
Which of the following backup strategies best meets these requirements?
A security operations analyst is reviewing network traffic baselines for nightly database backups. Given the following information: Which of the following should the security analyst do next?
While performing threat-hunting functions, an analyst is using the Diamond Model of Intrusion Analysis. The analyst identifies the likely adversary, the infrastructure involved, and the target. Which of the following must the threat hunter document to use the model effectively?
A company plans to implement a research facility with intellectual property data that should be protected. The following is the security diagram proposed by the security architect: Which of the following security architect models is illustrated by the diagram?