A security analyst discovered that a database administrator's workstation was compromised by malware. After examining the Jogs. the compromised workstation was observed connecting to multiple databases through ODBC. The following query behavior was captured:

SELECT *

from ACCOUNTS

Where regexp '^ [0-9] {4} [- ] + [0-9] {4} [-] + [0-9] {4} $’

Assuming this query was used to acquire and exfiltrate data, which of the following types of data was compromised, and what steps should the incident response plan contain?

A. Personal health information: Inform the human resources department of the breach and review the DLP logs.

В. Account history; Inform the relationship managers of the breach and create new accounts for the affected users.

C. Customer IDs: Inform the customer service department of the breach and work to change the account numbers.

D. PAN: Inform the legal department of the breach and look for this data in dark web monitoring.

A company in the financial sector receives a substantial number of customer transaction requests via email. While doing a root-cause analysis conceding a security breach, the CIRT correlates an unusual spike in port 80 traffic from the IP address of a desktop used by a customer relations employee who has access to several of the compromised accounts. Subsequent antivirus scans of the device do not return an findings, but the CIRT finds undocumented services running on the device. Which of the following controls would reduce the discovery time for similar in the future.

Options:

A Implementing application blacklisting
B Configuring the mall to quarantine incoming attachment automatically
C Deploying host-based firewalls and shipping the logs to the SIEM
D Increasing the cadence for antivirus DAT updates to twice daily

Which of the following represents the different information formats?

1. Detail, summary, aggregate
2. Document, Presentation, spreadsheet, database
3. Individual, department, enterprise
4. none of the above

All staff at a company have started working remotely due to a global pandemic. To transition to remote work, the company has migrated to SaaS collaboration tools. The human resources department wants to use these tools to process sensitive information but is concerned the data could be:

Leaked to the media via printing of the documents

Sent to a personal email address

Accessed and viewed by systems administrators

Uploaded to a file storage site

Which of the following would mitigate the department's concerns?

Options:
A. Data loss detection, reverse proxy, EDR, and PGP
B. VDI, proxy, CASB, and DRM
C. Watermarking, forward proxy, DLP, and MFA
D. Proxy, secure VPN, endpoint encryption, and AV