A Chief Information Security Officer has asked for a list of hosts that have critical and high-severity findings as referenced in the CVE database. Which of the following tools would produce the assessment output needed to satisfy this request?
Correct Answer:
A
Nessus is a vulnerability scanning and assessment tool that can be used to scan systems for potential vulnerabilities and weaknesses. It provides detailed reports on any critical and high-severity findings as referenced in the CVE database, making it the ideal tool for fulfilling the Chief Information Security Officer's request. Nikto, fuzzer, Wireshark, and Prowler are all security tools, but they are not applicable for the scenario described in the question. Here is a link to an article from CompTIA's website about Nessus for your reference: https://www.comptia.org/content/nessus-vulnerability-scanning-and-assessment-tool.
An analyst is coordinating with the management team and collecting several terabytes of data to analyze using advanced mathematical techniques in order to find patterns and correlations in events and activities. Which of the following describes what the analyst is doing?
Correct Answer:
C
The correct answer is C. Machine learning. Machine learning is a branch of artificial intelligence that uses advanced mathematical techniques, such as statistics, algorithms, and linear algebra, to analyze large amounts of data and find patterns and correlations in events and activities. Machine learning can help to automate tasks, improve decision making, and enhance security by detecting anomalies, threats, or trends [1].
* A. Data visualization is not correct. Data visualization is the process of presenting data in a graphical or pictorial format, such as charts, graphs, maps, or dashboards. Data visualization can help to communicate information, insights, or trends more effectively and intuitively than using text or numbers alone [2].
* B. SOAR is not correct. SOAR stands for Security Orchestration, Automation, and Response, and it is a solution that combines various tools and processes to improve the efficiency and effectiveness of security operations. SOAR can help to automate tasks, integrate systems, coordinate actions, and respond to incidents faster and more consistently [3].
* D. SCAP is not correct. SCAP stands for Security Content Automation Protocol, and it is a set of standards and specifications that enable the automated assessment, measurement, and reporting of the security posture of systems and networks. SCAP can help to ensure compliance, identify vulnerabilities, and remediate issues.
References:
* [1] What Is Machine Learning?
* [2] What Is Data Visualization?
* [3] What Is Security Orchestration, Automation, and Response (SOAR)?
* What Is Security Content Automation Protocol (SCAP)?
A cybersecurity analyst routinely checks logs, querying for login attempts. While querying for unsuccessful login attempts during a five-day period, the analyst produces the following report:
Which of the following BEST describes what the analyst just found?
Correct Answer:
C
A script is a program that can automate tasks or perform actions on a computer system. A script can be used to attempt multiple login attempts with different credentials, either randomly or from a list of known or guessed usernames and passwords. This can be done to gain unauthorized access to a system or to test its security [1][2].
Users 4 and 5 are not using their credentials to transfer files or run tasks, because the report shows that they have failed login attempts on multiple servers. If they were authorized users, they would not have failed login attempts. Also, transferring files or running tasks does not require multiple login attempts on different servers.
A bot is a software application that runs automated tasks over the Internet. A bot can also be used to perform brute-force attacks, which are repeated attempts to guess a password or other authentication information. However, a bot would not use login credentials in a script, but rather generate random or common passwords to try [3].
An organizational policy requires one person to input accounts payable and another to do accounts receivable. A separate control requires one person to write a check and another person to sign all checks greater than $5,000 and to get an additional signature for checks greater than $10,000. Which of the following controls has the organization implemented?
Correct Answer:
A
Segregation of duties is a security control that requires multiple people to be involved with completing a task. This helps prevent fraud, as it ensures that no one individual has the ability to commit fraud or make mistakes without other people being aware of it.
A company wants to ensure a third party does not take intellectual property and build a competing product. Which of the following is a non-technical data and privacy control that would best protect the company?
Correct Answer:
B
A non-disclosure agreement (NDA) is a legally binding contract that establishes a confidential relationship between two or more parties and prevents them from sharing or using certain information that is deemed sensitive, proprietary, or valuable [1]. An NDA can be used to protect intellectual property (IP) such as trade secrets, inventions, designs, or business plans from being disclosed to competitors or the public [2].
A company that wants to ensure a third party does not take its IP and build a competing product can use an NDA to restrict the access, use, and disclosure of its IP by the third party. For example, if the company hires a contractor to develop a software application, the company can require the contractor to sign an NDA that prohibits the contractor from copying, modifying, selling, or revealing the source code or any other details of the application to anyone else [3]. The NDA can also specify the duration, scope, and consequences of the confidentiality obligation.