Question: 1
A security analyst receives an alert from the company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source. Several days later, another employee opens an internal ticket stating that vulnerability scans are no longer being performed properly. The IP address the employee provides is 192.168.34.26. Which of the following describes this type of alert?
Question: 2
A candidate attempts to go to but accidentally visits http://comptiia.org. The malicious website looks exactly like the legitimate website. Which of the following best describes this type of attack?
Question: 3
Which of the following processes would most likely help an organization that has conducted an incident response exercise to improve performance and identify challenges?
Question: 4
A systems analyst is responsible for generating a new digital forensics chain-of-custody form. Which of the following should the analyst include in this documentation? (Choose two.)
Question: 5
A network engineer at a company with a web server is building a new web environment with the following requirements:
Only one web server at a time can service requests.
If the primary web server fails, a failover needs to occur to ensure the secondary web server becomes the primary.
Which of the following load-balancing options BEST fits the requirements?