An analyst receives alerts that state the following traffic was identified on the perimeter network firewall:

Which of the following best describes the indicator of compromise that triggered the alerts?

SOCは、従業員の認証情報がダークウェブ上で発見されたという脅威インテリジェンス通知を受け取りました。ユーザーのウェブおよびログインアクティビティを精査し、悪意のある接続や異常な接続、データのアップロード／ダウンロード、エクスプロイトの有無を確認しました。コントロールのレビューにより、多要素認証が有効になっていることが確認されました。ビジネスネットワークと資産への影響を軽減するために、まず以下のどれを実施すべきでしょうか？

A security analyst is working on a server patch management policy that will allow the infrastructure team to be informed more quickly about new patches. Which of the following would most likely be required by the infrastructure team so that vulnerabilities can be remediated quickly? (Choose two.)

セキュリティアナリストは、1時間以内に予期しない送信元からWebアプリケーションサーバーに向けて大量のSYNフラグが送信されたことを確認しました。トラフィックにはエクスプロイトシグネチャのフラグは付いていません。
次のシナリオのうち、このアクティビティを最もよく表すものはどれですか?

A security analyst performs various types of vulnerability scans. Review the vulnerability scan results to determine the type of scan that was executed and if a false positive occurred for each device.
Instructions:
Select the Results Generated drop-down option to determine if the results were generated from a credentialed scan, non-credentialed scan, or a compliance scan.
For ONLY the credentialed and non-credentialed scans, evaluate the results for false positives and check the findings that display false positives. NOTE: If you would like to uncheck an option that is currently selected, click on the option a second time.
Lastly, based on the vulnerability scan results, identify the type of Server by dragging the Server to the results.
The Linux Web Server, File-Print Server and Directory Server are draggable.
If at any time you would like to bring back the initial state of the simulation, please select the Reset All button.
When you have completed the simulation, please select the Done button to submit. Once the simulation is submitted, please select the Next button to continue.