212-89 Exam Question 46

AlphaTech recently discovered signs of an advanced persistent threat (APT) in its infrastructure. The incident response team is trying to gather more information about the threat to form a comprehensive response strategy. While leveraging threat intelligence platforms, which of the following approaches would be most effective in gathering detailed and actionable insights about the APT?
  • 212-89 Exam Question 47

    A colleague wants to minimize their security responsibility because they are in a small organization. They are evaluating a new application that is offered in different forms. Which form would result in the least amount of responsibility for the colleague?
  • 212-89 Exam Question 48

    Khai was tasked with examining the logs from a Linux email server. The server uses Sendmail to execute the command to send emails and Syslog to maintain logs. To validate the data within email headers, which of the following directories should Khai check for information such as source and destination IP addresses, dates, and timestamps?
  • 212-89 Exam Question 49

    After a recent cloud migration, AeroFlights, an airline company, spotted unauthorized data access. Preliminary checks hinted at malware that used cloud resources to spread, impacting flight schedules. Equipped with a cloud-specific security tool and a real-time scheduling monitor, what should be the primary action?
  • 212-89 Exam Question 50

    Lara, a SOC analyst, investigates multiple alerts generated by an IDS showing repeated login failures from a specific workstation to an internal application. When reviewing Windows Event Viewer logs, she discovers a user repeatedly attempting logins outside of working hours. Further checks reveal the user had installed an unauthorized remote desktop tool. Which of the following best describes this situation?