An analyst receives artifacts from a recent intrusion and is able to pull a domain, IP address, email address, and software version. Which of the following points of the Diamond Model of Intrusion Analysis does this intelligence represent?
While conducting a network infrastructure review, a security analyst discovers a laptop that is plugged into a core switch and hidden behind a desk. The analyst sees the following on the laptop's screen:
    [*] [NBT-NS] Poisoned answer sent to 192.169.23.115 for name FILE-SHARE-A (service: File Server)
    [*] [LLMNR] Poisoned answer sent to 192.168.23.115 for name FILE-SHARE-A
    [*] [LLMNR] Poisoned answer sent to 192.168.23.115 for name FILE-SHARE-A
    [SMBv2] NTLMv2-SSP Client : 192.168.23.115
    [SMBv2] NTLMv2-SSP Username : CORP\jsmith
    [SMBv2] NTLMv2-SSP Hash : F5DBF769CFEA7...
    [*] [NBT-NS] Poisoned answer sent to 192.169.23.24 for name FILE-SHARE-A (service: File Server)
    [*] [LLMNR] Poisoned answer sent to 192.168.23.24 for name FILE-SHARE-A
    [*] [LLMNR] Poisoned answer sent to 192.168.23.24 for name FILE-SHARE-A
    [SMBv2] NTLMv2-SSP Client : 192.168.23.24
    [SMBv2] NTLMv2-SSP Username : CORP\progers
    [SMBv2] NTLMv2-SSP Hash : 6D093BE2FDD70A...
Which of the following is the BEST action for the security analyst to take?
A Chief Executive Officer (CEO) is concerned the company will be exposed to data sovereignty issues as a result of some new privacy regulations. To help mitigate this risk, the Chief Information Security Officer (CISO) wants to implement an appropriate technical control. Which of the following would meet the requirement?
Which of the following is a difference between SOAR and SCAP?
An organization has a policy that requires servers to be dedicated to one function and unneeded services to be disabled. Given the following output from an Nmap scan of a web server: Which of the following ports should be closed?
Which of the following is the software development process by which function, usability, and scenarios are tested against a known set of base requirements?