CAS-003 Question 206
The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST improve the incident response process?
CAS-003 Question 207
A security analyst who is concerned about sensitive data exfiltration reviews the following:

Which of the following tools would allow the analyst to confirm whether data exfiltration is occurring?
CAS-003 Question 208
A security engineer must establish a method to assess compliance with company security policies as they apply to the unique configuration of individual endpoints, as well as to the shared configuration policies of common devices.

Which of the following tools is the security engineer using to produce the above output?

CAS-003 Question 209
The administrator is troubleshooting availability issues on an FCoE-based storage array that uses deduplication. The single controller in the storage array has failed, so the administrator wants to move the drives to a storage array from a different manufacturer in order to access the data.
Which of the following issues may potentially occur?
CAS-003 Question 210
A security administrator is concerned about the increasing number of users who click on malicious links contained within phishing emails. Although the company has implemented a process to block these links at the network perimeter, many accounts are still becoming compromised. Which of the following should be implemented to further reduce the number of account compromises caused by remote users who click these links?