DRAG DROP

Drag and drop the cloud computing service descriptions from the left onto the cloud service categories on the right.

Select and Place:

DRAG DROP

Drag and drop the function on the left onto the mechanism on the right.

Select and Place:

A European-based advertisement company collects tracking information from partner websites and stores it on a local server to provide tailored ads. Which standard must the company follow to safeguard the resting data?

A. HIPAA

B. PCI-DSS

C. Sarbanes-Oxley

D. GDPR

An organization had a breach due to a phishing attack. An engineer leads a team through the recovery phase of the incident response process. Which action should be taken during this phase?

A. Host a discovery meeting and define configuration and policy updates

B. Update the IDS/IPS signatures and reimage the affected hosts

C. Identify the systems that have been affected and tools used to detect the attack

D. Identify the traffic with data capture using Wireshark and review email filters

A SIEM tool fires an alert about a VPN connection attempt from an unusual location. The incident response team validates that an attacker has installed a remote access tool on a user's laptop while traveling. The attacker has the user's credentials and is attempting to connect to the network.

What is the next step in handling the incident?

A. Block the source IP from the firewall

B. Perform an antivirus scan on the laptop

C. Identify systems or services at risk

D. Identify lateral movement

Refer to the exhibit. Where does it signify that a page will be stopped from loading when a scripting attack is detected?

A. x-frame-options

B. x-content-type-options

C. x-xss-protection

D. x-test-debug

An engineer is developing an application that requires frequent updates to close feedback loops and enable teams to quickly apply patches. The team wants their code updates to get to market as often as possible. Which software development approach should be used to accomplish these goals?

A. continuous delivery

B. continuous integration

C. continuous deployment

D. continuous monitoring

A SOC analyst detected a ransomware outbreak in the organization coming from a malicious email attachment. Affected parties are notified, and the incident response team is assigned to the case. According to the NIST incident response handbook, what is the next step in handling the incident?

A. Create a follow-up report based on the incident documentation.

B. Perform a vulnerability assessment to find existing vulnerabilities.

C. Eradicate malicious software from the infected machines.

D. Collect evidence and maintain a chain-of-custody during further analysis.

An engineer detects an intrusion event inside an organization's network and becomes aware that files that contain personal data have been accessed. Which action must be taken to contain this attack?

A. Disconnect the affected server from the network.

B. Analyze the source.

C. Access the affected server to confirm compromised files are encrypted.

D. Determine the attack surface.

Refer to the exhibit. Two types of clients are accessing the front ends and the core database that manages transactions, access control, and atomicity. What is the threat model for the SQL database?

A. An attacker can initiate a DoS attack.

B. An attacker can read or change data.

C. An attacker can transfer data to an external server.

D. An attacker can modify the access logs.