QUESTION: 153

A security analyst has received the following alert snippet from the HIDS appliance:

Given the above logs, which of the following is the cause of the attack?

The TCP ports on destination are all open
FIN, URG, and PSH flags are set in the packet header
TCP MSS is configured improperly
There is improper Layer 2 segmentation

Answer(s): B

Reveal Solution Next Question

A security analyst reviews the following output:

The analyst loads the hash into the SIEM to discover if this hash is seen in other parts of the network.

After inspecting a large number of files, the security analyst reports the following:

Which of the following is the MOST likely cause of the hash being found in other areas?

Jan Smith is an insider threat
There are MD5 hash collisions
The file is encrypted
Shadow copies are present

Answer(s): B

Reveal Solution Next Question

QUESTION: 155

A company's AUP requires:
Passwords must meet complexity requirements.
Passwords are changed at least once every six months.
Passwords must be at least eight characters long.
An auditor is reviewing the following report:

Which of the following controls should the auditor recommend to enforce the AUP?

Account lockout thresholds
Account recovery
Password expiration
Prohibit password reuse

Answer(s): C

Reveal Solution Next Question

QUESTION: 156

An organization's primary datacenter is experiencing a two-day outage due to an HVAC malfunction. The node located in the datacenter has lost power and is no longer operational, impacting the ability of all users to connect to the alternate datacenter.
Which of the following BIA concepts BEST represents the risk described in this scenario?

SPoF
RTO
MTBF
MTTR

Answer(s): A

Reveal Solution Next Question

Free RC0-501 Exam Braindumps (page: 40)

QUESTION: 153

QUESTION: 154

QUESTION: 155

QUESTION: 156

RC0-501 Discussions & Posts