CompTIA CySA+ Cybersecurity Analyst Certification Exam: Security Operations and Monitoring
Avg score: 68% Most missed: “Which of the following automated methods is used to write interfaces between app…”
17 Questions

1. Which of the following terms best describes an effort to manage and integrate multiple disparate security automation processes and tools?
2. Tala is a cybersecurity analyst who must analyze a suspicious application before allowing it to run on the network. She needs to make sure it does not interact with any other systems and cause any potential harm. Which of the following should Tala implement to examine the application?
3. Tala is a cybersecurity analyst who must analyze a suspicious application before allowing it to run on the network. She needs to make sure it does not interact with any other systems and cause any potential harm. Which of the following should Tala implement to examine the application?
4. Ethan is implementing a firewall solution for a sensitive internal network. The resources he is protecting contain sensitive web-based accounting applications that should not be accessible by any other users outside of the accounting department. Which of the following firewall solutions should he consider?
5. Rico is a cybersecurity analyst who is trying to perform analysis on unusual traffic patterns. The traffic does not match any known patterns and is not within the normal baseline of the organization's network traffic. Which of the following types of analysis would be best suited for Rico to use to match this abnormal traffic with characteristics of known attack methods?
6. Rico is a cybersecurity analyst who is trying to perform analysis on unusual traffic patterns. The traffic does not match any known patterns and is not within the normal baseline of the organization's network traffic. Which of the following types of analysis would be best suited for Rico to use to match this abnormal traffic with characteristics of known attack methods?
7. Evie is a cybersecurity analyst who has discovered some potential threats on the network. She is trying to put together information about the characteristics of the threat and information about the threat actor as well as to discover some of their tactics and techniques. What is this process called?
8. Ethan is implementing a firewall solution for a sensitive internal network. The resources he is protecting contain sensitive web-based accounting applications that should not be accessible by any other users outside of the accounting department. Which of the following firewall solutions should he consider?
9. Sam is a cybersecurity analyst who has been performing threat hunting on his infrastructure and has discovered some disturbing issues with the ability of the organization to detect potential threats. Which of the following actions should he take?
10. Jared is a cybersecurity analyst tasked with determining which applications should be allowed to run on the company's network. Jared has selected a list of applications that should be allowed and determined that no one else should be able to run additional applications without going through an extensive approval process. Which of the following should Jared implement?
11. Joseph is examining raw data obtained from various log files and other sources within his network. However, it is very difficult for him to analyze what this data means without understanding why and how it was created and how it relates to various potential threats and vulnerabilities. Which of the following would allow Joseph to view this data in a much more productive way, allowing him to perform a more comprehensive analysis of the raw data?
12. You are a cybersecurity analyst tasked with ensuring vulnerability scans begin at specified times of the night throughout the week. The vulnerability scanning software you are using does not allow for scheduled tasks. Which of the following would be the most efficient method for scheduling and executing the vulnerability scans at the prescribed times?
13. Ben is analyzing different attack surfaces in his organization. Which of the following should he do on individual hosts to reduce their attack surface?
14. Which of the following terms best describes an effort to manage and integrate multiple disparate security automation processes and tools?
15. Barney is a cybersecurity analyst who is attempting to configure network devices to prevent any potential malware from broadcasting outside the organization's network to an Internet command-and-control server. When he first analyzes a potential piece of malware, he sees that it is configured to send messages to a specific domain, which he promptly blocks. Several weeks later, he detects that same piece of malware on the network, as well as network traffic that indicates it is messaging a malicious server on the Internet. Which of the following techniques did the malware most likely use to achieve this?
16. Amie is upgrading the organization's e-mail server and wants to include several security technologies in the implementation. She is looking at a specific technology that provides a method for recipients to verify messages by publishing the organization's public key to DNS records, which can be queried and verified by e-mail recipients. Which of the following technologies is Amie considering?
17. Ben is analyzing different attack surfaces in his organization. Which of the following should he do on individual hosts to reduce their attack surface?