A new policy requires the security team to perform web application and OS vulnerability scans. All of the company's web applications use federated authentication and are accessible via a central portal. Which of the following should be implemented to ensure a more thorough scan of the company's web application, while at the same time reducing false positives?

Three similar production servers underwent a vulnerability scan. The scan results revealed that the three servers had two different vulnerabilities rated "Critical". The administrator observed the following about the three servers:
- The servers are not accessible by the Internet
- AV programs indicate the servers have had malware as recently as two
weeks ago
- The SIEM shows unusual traffic in the last 20 days
- Integrity validation of system files indicates unauthorized
modifications
Which of the following assessments is valid and what is the most appropriate NEXT step? (Select TWO).

The help desk provided a security analyst with a screenshot of a user's desktop:

For which of the following is aircrack-ng being used?

A cybersecurity analyst is reviewing the following outputs:

Which of the following can the analyst infer from the above output?

The Chief Information Security Officer (CISO) asked for a topology discovery to be conducted and verified against the asset inventory. The discovery is failing and not providing reliable or complete data. The syslog shows the following information:

Which of the following describes the reason why the discovery is failing?