A security analyst is performing a vulnerability assessment on behalf of a client. The analyst must define what constitutes a risk to the organization.Which of the following should be the analyst's FIRST action?
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?
A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements:✑ Only users with corporate-owned devices can directly access servers hosted by the cloud provider.✑ The company can control what SaaS applications each individual user can access.✑ User browser activity can be monitored.Which of the following solutions would BEST meet these requirements?
During a system penetration test, a security engineer successfully gained access to a shell on a Linux host as a standard user and wants to elevate the privilege levels.Which of the following is a valid Linux post-exploitation method to use to accomplish this goal?
A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots.Which of the following would provide the BEST boot loader protection?
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.Which of the following phases establishes the identification and prioritization of critical systems and functions?
