- (Exam Topic 2)
An employee was found to have performed fraudulent activities. The employee was dismissed, and the employee's laptop was sent to the IT service desk to undergo a data sanitization procedure. However, the security analyst responsible for the investigation wants to avoid data sanitization. Which of the following can the security analyst use to justify the request?
Correct Answer:A
- (Exam Topic 1)
A security analyst is reviewing the logs from an internal chat server. The chat.log file is too large to review manually, so the analyst wants to create a shorter log file that only includes lines associated with a user demonstrating anomalous activity. Below is a snippet of the log:
Which of the following commands would work BEST to achieve the desired result?
Correct Answer:D
- (Exam Topic 3)
Which of the following APT adversary archetypes represent non-nation-state threat actors? (Select TWO)
Correct Answer:CD
- (Exam Topic 1)
Which of the following MOST accurately describes an HSM?
Correct Answer:B
- (Exam Topic 2)
Massivelog log has grown to 40GB on a Windows server At this size, local tools are unable to read the file, and it cannot be moved off the virtual server where it is located. Which of the following lines of PowerShell script will allow a user to extract the last 10.000 lines of the loq for review?
Correct Answer:D
https://social.technet.microsoft.com/Forums/en-US/d7a84189-fa3f-4431-8b03-30a7d57d076a/getcontent-read-la