Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

What is idempotence?

A.

the assurance of system uniformity throughout the whole delivery process

B.

the ability to recover from failures while keeping critical services running

C.

the necessity of setting maintenance of individual deployment environments

D.

the ability to set the target environment configuration regardless of the starting state

A security architect in an automotive factory is working on the Cyber Security Management System and is implementing procedures and creating policies to prevent attacks. Which standard must the architect apply?

A.

IEC62446

B.

IEC62443

C.

IEC62439-3

D.

IEC62439-2

Drag and drop the telemetry-related considerations from the left onto their cloud service models on the right.

An analyst received multiple alerts on the SIEM console of users that are navigating to malicious URLs. The analyst needs to automate the task of receiving alerts and processing the data for further investigations. Three variables are available from the SIEM console to include in an automation script: console_ip, api_token, and reference_set_name. What must be added to this script to receive a successful HTTP response?

#!/usr/bin/python import sys import requests

A.

{1}, {2}

B.

{1}, {3}

C.

console_ip, api_token

D.

console_ip, reference_set_name

A SOC team receives multiple alerts by a rule that detects requests to malicious URLs and informs the incident response team to block the malicious URLs requested on the firewall. Which action will improve the effectiveness of the process?

A.

Block local to remote HTTP/HTTPS requests on the firewall for users who triggered the rule.

B.

Inform the user by enabling an automated email response when the rule is triggered.

C.

Inform the incident response team by enabling an automated email response when the rule is triggered.

D.

Create an automation script for blocking URLs on the firewall when the rule is triggered.

A new malware variant is discovered hidden in pirated software that is distributed on the Internet. Executives have asked for an organizational risk assessment. The security officer is given a list of all assets. According to NIST, which two elements are missing to calculate the risk assessment? (Choose two.)

A.

incident response playbooks

B.

asset vulnerability assessment

C.

report of staff members with asset relations

D.

key assets and executives

E.

malware analysis report

Drag and drop the actions below the image onto the boxes in the image for the actions that should be taken during this playbook step. Not all options are used.

A cloud engineer needs a solution to deploy applications on a cloud without being able to manage and control the server OS. Which type of cloud environment should be used?

A.

IaaS

B.

PaaS

C.

DaaS

D.

SaaS

Refer to the exhibit.

An employee is a victim of a social engineering phone call and installs remote access software to allow an “MS Support” technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over https. What should be determined regarding data loss between the employee’s laptop and the remote technician’s system?

A.

No database files were disclosed

B.

The database files were disclosed

C.

The database files integrity was violated

D.

The database files were intentionally corrupted, and encryption is possible

A company recently completed an internal audit and discovered that there is CSRF vulnerability in 20 of its hosted applications. Based on the audit, which recommendation should an engineer make for patching?

A.

Identify the business applications running on the assets

B.

Update software to patch third-party software

C.

Validate CSRF by executing exploits within Metasploit

D.

Fix applications according to the risk scores