Question 1

An employee downloads a freeware program to change the desktop to the classic look of legacy Windows. Shortly after the employee installs the program, a high volume of random DNS queries begin to originate from the system. An investigation on the system reveals the following: Add-MpPreference -ExclusionPath '%Program Filest\ksysconfig' Which of the following is possibly occurring?

Options :

A : Persistence

B : Privilege escalation

C : Credential harvesting

D : Defense evasion

Answer: D

Question 2

A technician identifies a vulnerability on a server and applies a software patch. Which of the following should be the next step in the remediation process?

Options :

A : Testing

B : Implementation

C : Validation

D : Rollback

Answer: C

Question 3

Which of the following entities should an incident manager work with to ensure correct processes are adhered to when communicating incident reporting to the general public, as a best practice? (Select two).

Options :

A : Law enforcement

B : Governance

C : Legal

D : Manager

E : Public relations

F : Human resources

Answer: C,E

Question 4

An MSSP received several alerts from customer 1, which caused a missed incident response deadline for customer 2. Which of the following best describes the document that was violated?

Options :

A : KPI

B : SLO

C : SLA

D : MOU

Answer: C

Question 5

The security operations team is required to consolidate several threat intelligence feeds due to redundant tools and portals. Which of the following will best achieve the goal and maximize results?

Options :

A : Single pane of glass

B : Single sign-on

C : Data enrichment

D : Deduplication

Answer: A