- (Exam Topic 2)
An organization is experiencing issues with emails that are being sent to external recipients. Incoming emails to the organization are working fine. A security analyst receives the following screenshot of an email error from the help desk.
The analyst then checks the email server and sees many of the following messages in the logs. Error 550 - Message rejected
Which of the following is MOST likely the issue?
Correct Answer:A
- (Exam Topic 1)
An organization has not had an incident for several months. The Chief Information Security Officer (CISO) wants to move to a proactive stance for security investigations. Which of the following would BEST meet that goal?
Correct Answer:E
- (Exam Topic 1)
A security analyst gathered forensics from a recent intrusion in preparation for legal proceedings. The analyst used EnCase to gather the digital forensics, cloned the hard drive, and took the hard drive home for further analysis. Which of the following did the security analyst violate?
Correct Answer:B
- (Exam Topic 3)
A security analyst is investigating an incident related to an alert from the threat detection platform on a host (10.0.1.25) in a staging environment that could be running a cryptomining tool because it is sending traffic to an IP address that is related to Bitcoin.
The network rules for the instance are the following:
Which of the following is the BEST way to isolate and triage the host?
Correct Answer:D
- (Exam Topic 1)
A Chief Information Security Officer (CISO) wants to upgrade an organization's security posture by improving proactive activities associated with attacks from internal and external threats.
Which of the following is the MOST proactive tool or technique that feeds incident response capabilities?
Correct Answer:A