CS0-002 Exam Question 111

A security analyst is performing a Diamond Model analysis of an incident the company had last quarter. A potential benefit of this activity is that it can identify:
  • CS0-002 Exam Question 112

    A company was recently awarded several large government contracts and wants to determine its current risk from one specific APT.
    Which of the following threat modeling methodologies would be the MOST appropriate to use during this analysis?
  • CS0-002 Exam Question 113

    Ransomware is identified on a company's network that affects both Windows and Mac hosts. The command and control channel for encryption for this variant uses TCP ports from 11000 to 65000. The channel goes to good1.Iholdbadkeys.com, which resolves to IP address 72.172.16.2.
    Which of the following is the MOST effective way to prevent any newly infected systems from actually encrypting the data on connected network drives while causing the least disruption to normal Internet traffic?
  • CS0-002 Exam Question 114

    A security analyst is reviewing the network security monitoring logs listed below:

    Which of the following is the analyst MOST likely observing? (Select TWO).