The SOC received a threat intelligence notification indicating that an employee’s credentials were found on the dark web. The user’s web and log-in activities were reviewed for malicious or anomalous connections, data uploads/downloads, and exploits. A review of the controls confirmed multifactor authentication was enabled. Which of the following should be done first to mitigate impact to the business networks and assets?
An MSSP received several alerts from customer 1, which caused a missed incident response deadline for customer 2. Which of the following best describes the document that was violated?
A threat hunter seeks to identify new persistence mechanisms installed in an organization’s environment. In collecting scheduled tasks from all enterprise workstations, the following host details are aggregated: Which of the following actions should the hunter perform first based on the details above?
An organization's email account was compromised by a bad actor. Given the following information: Which of the following is the length of time the team took to detect the threat?
Which of the following best describes the key elements of a successful information security program?
A company has the following security requirements:
• No public IPs
• All data secured at rest
• No insecure ports/protocols
After a cloud scan is completed, a security analyst receives reports that several misconfigurations are putting the company at risk. Given the following cloud scanner output: Which of the following should the analyst recommend be updated first to meet the security requirements and reduce risks?