An employee abused PowerShell commands and script interpreters, which lead to an indicator of compromise (IOC) trigger. The IOC event shows that a known malicious file has been executed, and there is an increased likelihood of a breach. Which indicator generated this IOC event?

• A.Crossrider.ioc
• B.W32 AccesschkUtility.ioc
• C.ConnectToSuspiciousDomain.ioc
• D.ExecutedMalware.ioc

Comment: *

Name: *

Email: *

Verification: *

An engineer received an alert of a zero-day vulnerability affecting desktop phones through which an attacker sends a crafted packet to a device, resets the credentials, makes the device unavailable, and allows a default administrator account login. Which step should an engineer take after receiving this alert?

• A.Implement restrictions within the VoIP VLANS
• B.Determine company usage of the affected products
• C.Search for a patch to install from the vendor
• D.Initiate a triage meeting to acknowledge the vulnerability and its potential impact

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the phases to evaluate the security posture of an asset from the left onto the activity that happens during the phases on the right.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *

A Mac laptop user notices that several files have disappeared from their laptop documents folder. While looking for the files, the user notices that the browser history was recently cleared. The user raises a case, and an analyst reviews the network usage and discovers that it is abnormally high. Which step should be taken to continue the investigation?

• A.Run the w command
• B.Run the sudo sysdiagnose command
• C.Run the sh command
• D.Run the who command

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the telemetry-related considerations from the left onto their cloud service models on the right.

Correct Answer:

Comment: *

Name: *

Email: *

Verification: *