A security analyst needs to block vulnerable ports and disable legacy protocols. The analyst has ensured NetBIOS trio, Telnet, SMB, and TFTP are blocked and/or disabled. Which of the following additional protocols should the analyst block next?
A user clicks on a malicious adware link, and the malware successfully downloads to the machine. The malware has a script that invokes command-and-control activity. Which of the following actions is the best way to contain the incident without any additional impact?
A security analyst needs to support an organization’s legal case against a threat actor. Which of the following processes provides the best way to assist in the prosecution of the case?
When starting an investigation, which of the following must be done first?
Due to reports of unauthorized activity that was occurring on the internal network, an analyst is performing a network discovery. The analyst runs an Nmap scan against a corporate network to evaluate which devices were operating in the environment. Given the following output:Which of the following choices should the analyst look at first?
During security scanning, a security analyst regularly finds the same vulnerabilities in a critical application. Which of the following recommendations would best mitigate this problem if applied along the SDLC phase?
