NO.25 An API developer is improving an application code to prevent DDoS attacks. The solution needs to accommodate instances of a large number of API requests coming for legitimate purposes from trustworthy services. Which solution should be implemented?

NO.26 Refer to the exhibit.

Which command was executed in PowerShell to generate this log?

NO.27 The physical security department received a report that an unauthorized person followed an authorized individual to enter a secured premise. The incident was documented and given to a security specialist to analyze. Which step should be taken at this stage?

NO.28 Refer to the exhibit. What is occurring in this packet capture?

NO.29 An engineer is going through vulnerability triage with company management because of a recent malware outbreak from which 21 affected assets need to be patched or remediated. Management decides not to prioritize fixing the assets and accepts the vulnerabilities. What is the next step the engineer should take?

NO.30 What is the difference between process orchestration and automation?

NO.31 Refer to the exhibit.

Where are the browser page rendering permissions displayed?

NO.32 Employees report computer system crashes within the same week. An analyst is investigating one of the computers that crashed and discovers multiple shortcuts in the system’s startup folder. It appears that the shortcuts redirect users to malicious URLs. What is the next step the engineer should take to investigate this case?

NO.33 What is a principle of Infrastructure as Code?

NO.34 Drag and drop the threat from the left onto the scenario that introduces the threat on the right. Not all options are used.

NO.35

Refer to the exhibit. An employee is a victim of a social engineering phone call and installs remote access software to allow an “MS Support” technician to check his machine for malware. The employee becomes suspicious after the remote technician requests payment in the form of gift cards. The employee has copies of multiple, unencrypted database files, over 400 MB each, on his system and is worried that the scammer copied the files off but has no proof of it. The remote technician was connected sometime between 2:00 pm and 3:00 pm over https. What should be determined regarding data loss between the employee’s laptop and the remote technician’s system?

NO.36 Refer to the exhibit.

An engineer is performing static analysis of a file received and reported by a user. Which risk is indicated in this STIX?

NO.37 What is a limitation of cyber security risk insurance?

NO.38 How does Wireshark decrypt TLS network traffic?

NO.39 An organization is using a PKI management server and a SOAR platform to manage the certificate lifecycle. The SOAR platform queries a certificate management tool to check all endpoints for SSL certificates that have either expired or are nearing expiration. Engineers are struggling to manage problematic certificates outside of PKI management since deploying certificates and tracking them requires searching server owners manually. Which action will improve workflow automation?

NO.40 Refer to the exhibit.

What is occurring in this packet capture?

NO.41 Refer to the exhibit.

The Cisco Secure Network Analytics (Stealthwatch) console alerted with “New Malware Server Discovered” and the IOC indicates communication from an end-user desktop to a Zeus C&C Server. Drag and drop the actions that the analyst should take from the left into the order on the right to investigate and remediate this IOC.