CompTIA Security+ SY0-601 – Question179

Which of the following explains why RTO is included in a BIA?


A. It identifies the amount of allowable downtime for an application or system.
B. It prioritizes risks so the organization can allocate resources appropriately.
C. It monetizes the loss of an asset and determines a break-even point for risk mitigation.
D. It informs the backup approach so that the organization can recover data to a known time.

Correct Answer: D

CompTIA Security+ SY0-601 – Question178

A security analyst is evaluating the risks of authorizing multiple security solutions to collect data from the company's cloud environment. Which of the following is an immediate consequence of these integrations?

A. Non-compliance with data sovereignty rules
B. Loss of the vendor's interoperability support
C. Mandatory deployment of a SIEM solution
D. Increase in the attack surface

Correct Answer: D

CompTIA Security+ SY0-601 – Question177

Which of the following is a security best practice that ensures the integrity of aggregated log files within a SIEM?

A. Set up hashing on the source log file servers that complies with local regulatory requirements.
B. Back up the aggregated log files at least two times a day or as stated by local regulatory requirements.
C. Write protect the aggregated log files and move them to an isolated server with limited access.
D. Back up the source log files and archive them for at least six years or in accordance with local regulatory requirements.

Correct Answer: C

CompTIA Security+ SY0-601 – Question176

A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows:
Critical fileshares will remain accessible during and after a natural disaster.
Five percent of hard disks can fail at any given time without impacting the data.
Systems will be forced to shut down gracefully when battery levels are below 20%.
Which of the following are required to BEST meet these objectives? (Choose three.)

A. Fiber switching
B. IaC
C. NAS
D. RAID
E. UPS
F. Redundant power supplies
G. Geographic dispersal
H. Snapshots
I. Load balancing

Correct Answer: DEF

CompTIA Security+ SY0-601 – Question175

The president of a regional bank likes to frequently provide SOC tours to potential investors. Which of the following policies BEST reduces the risk of malicious activity occurring after a tour?

A. Password complexity
B. Acceptable use
C. Access control
D. Clean desk

Correct Answer: C

CompTIA Security+ SY0-601 – Question174

A company has a flat network in the cloud. The company needs to implement a solution to segment its production and non-production servers without migrating servers to a new network. Which of the following solutions should the company implement?

A. Intranet
B. Screened subnet
C. VLAN segmentation
D. Zero Trust

Correct Answer: C

CompTIA Security+ SY0-601 – Question172

A security analyst has been tasked with ensuring all programs that are deployed into the enterprise have been assessed in a runtime environment. Any critical issues found in the program must be sent back to the developer for verification and remediation. Which of the following BEST describes the type of assessment taking place?

A. Input validation
B. Dynamic code analysis
C. Fuzzing
D. Manual code review

Correct Answer: B

CompTIA Security+ SY0-601 – Question171

A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice?

A. Default system configuration
B. Unsecure protocols
C. Lack of vendor support
D. Weak encryption

Correct Answer: C