CompTIA CySA+ CS0-002 – Question 190

Due to continued support of legacy applications, an organization's enterprise password complexity rules are inadequate for its required security posture. Which of the following is the BEST compensating control to help reduce authentication compromises?

A. Smart cards
B. Multifactor authentication
C. Biometrics
D. Increased password-rotation frequency

Correct Answer: D

CompTIA CySA+ CS0-002 – Question 189

A security analyst notices the following entry while reviewing the server logs:
OR 1=1' ADD USER attacker' PW 1337password' —
Which of the following events occurred?

A. CSRF
B. XSS
C. SQLi
D. RCE

Correct Answer: C

CompTIA CySA+ CS0-002 – Question 188

The Chief Information Officer (CIO) of a large healthcare institution is concerned about all machines having direct access to sensitive patient information. Which of the following should the security analyst implement to BEST mitigate the risk of sensitive data exposure?

A. A cloud access service broker system
B. NAC to ensure minimum standards are met
C. MFA on all workstations
D. Network segmentation

Correct Answer: D

CompTIA CySA+ CS0-002 – Question 187

Which of the following will allow different cloud instances to share various types of data with a minimal amount of complexity?

A. Reverse engineering
B. Application log collectors
C. Workflow orchestration
D. API integration
E. Scripting

Correct Answer: D

CompTIA CySA+ CS0-002 – Question 186

A security analyst received a series of antivirus alerts from a workstation segment, and users reported ransomware messages. During lessons-learned activities, the analyst determines the antivirus was able to alert to abnormal behavior but did not stop this newest variant of ransomware. Which of the following actions should be taken to BEST mitigate the effects of this type of threat in the future?

A. Enabling sandboxing technology
B. Purchasing cyber insurance
C. Enabling application blacklisting
D. Installing a firewall between the workstations and internet

Correct Answer: A

CompTIA CySA+ CS0-002 – Question 185

An analyst performs a routine scan of a host using Nmap and receives the following output:

Which of the following should the analyst investigate FIRST?

A. Port 21
B. Port 22
C. Port 23
D. Port 80

Correct Answer: C

CompTIA CySA+ CS0-002 – Question 184

An organization has the following policies:

Services must run on standard ports.
Unneeded services must be disabled.
The organization has the following servers:
192.168.10.1 – web server
192.168.10.2 – database server
A security analyst runs a scan on the servers and sees the following output:
Which of the following actions should the analyst take?

A. Disable HTTPS on 192.168.10.1.
B. Disable IIS on 192.168.10.1.
C. Disable DNS on 192.168.10.2.
D. Disable MSSQL on 192.168.10.2.
E. Disable SSH on both servers.

Correct Answer: E

CompTIA CySA+ CS0-002 – Question 183

SIMULATION
Welcome to the Enterprise Help Desk System. Please work the ticket escalated to you in the help desk ticket queue.
INSTRUCTIONS
Click on the ticket to see the ticket details. Additional content is available on tabs within the ticket.
First, select the appropriate issue from the drop-down menu. Then, select the MOST likely root cause from the second drop-down menu.


Correct Answer: See the explanation

Explanation:


CompTIA CySA+ CS0-002 – Question 182

HOTSPOT
A security analyst performs various types of vulnerability scans.
Review the vulnerability scan results to determine the type of scan that was executed and if a false positive occurred for each device.
INSTRUCTIONS
Select the Results Generated drop-down option to determine if the results were generated from a credentialed scan, non-credentialed scan, or a compliance scan.
For ONLY the credentialed and non-credentialed scans, evaluate the results for False Positives and check the Findings that display false positives.
NOTE: If you would like to uncheck an option that is currently selected, click on the option a second time.
Lastly, based on the vulnerability scan results, identify the type of Server by dragging the Server to the results.
The Linux Web Server, File-Print Server, and Directory Server are draggable.
Hot Area:

Correct Answer: See the explanation

Explanation:

CompTIA CySA+ CS0-002 – Question 181

A security analyst has received a report that servers are no longer able to connect to the network. After many hours of troubleshooting, the analyst determines a Group Policy Object is responsible for the network connectivity issues. Which of the following solutions should the security analyst recommend to prevent an interruption of service in the future?

A. CI/CD pipeline
B. Impact analysis and reporting
C. Appropriate network segmentation
D. Change management process

Correct Answer: D