Question 1
Which of the following best describes the threat concept in which an organization works to ensure that all network users only open attachments from known sources?
Question 2
Which of the following is described as a method of enforcing a security policy between cloud customers and cloud services?
Question 3
Which of the following is the most important reason for an incident response team to develop a formal incident declaration?
Question 4
Which of the following items should be included in a vulnerability scan report? (Choose two.)
Question 5
A SOC analyst observes reconnaissance activity from an IP address. The activity follows a pattern of short bursts toward a low number of targets. An open-source review shows that the IP has a bad reputation. The perimeter firewall logs indicate the inbound traffic was allowed. The destination hosts are high-value assets with EDR agents installed. Which of the following is the best action for the SOC to take to protect against any further activity from the source IP?
