Which of the following responsibilities does the legal team have during an incident management event? (Choose two).
A security analyst is improving an organization’s vulnerability management program. The analyst cross-checks the current reports with the system’s infrastructure teams, but the reports do not accurately reflect the current patching levels. Which of the following will most likely correct the report errors?
A security analyst is reviewing a recent vulnerability scan report for a new server infrastructure. The analyst would like to make the best use of time by resolving the most critical vulnerability first. The following information is provided:Which of the following should the analyst concentrate remediation efforts on first?
A security analyst must assist the IT department with creating a phased plan for vulnerability patching that meets established SLAs. Which of the following vulnerability management elements will best assist with prioritizing a successful plan?
A WAF weekly report shows that a daily spike occurs from the same subnet. An open-source review indicates the IP addresses belong to a legitimate internet service provider but have been flagged for DDoS attacks and reconnaissance scanning in the past year. Which of the following actions should a SOC analyst take first in response to these traffic uptick activities?
HOTSPOT-A healthcare organization must develop an action plan based on the findings from a risk assessment. The action plan must consist of risk categorization and prioritization.INSTRUCTIONS-Click on the audit report and risk matrix to review their contents.Assign a categorization to each risk and determine the order in which the findings must be prioritized for remediation according to the risk rating score.If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
