Question 40


The Chief Information Security Officer (CISO) has asked the security team to determine whether the organization is susceptible to a zero-day exploit utilized in the banking industry and whether attribution is possible. The CISO has asked what process would be utilized to gather the information, and then wants to apply signatureless controls to stop these kinds of attacks in the future. Which of the following are the MOST appropriate ordered steps to take to meet the CISO’s request?

A.     1. Perform the ongoing research of the best practices

2. Determine current vulnerabilities and threats

3. Apply Big Data techniques

4. Use antivirus control

B.     1. Apply artificial intelligence algorithms for detection

2. Inform the CERT team

3. Research threat intelligence and potential adversaries

4. Utilize threat intelligence to apply Big Data techniques

C.     1. Obtain the latest IOCs from the open source repositories

2. Perform a sweep across the network to identify positive matches

3. Sandbox any suspicious files

4. Notify the CERT team to apply a future proof threat model

D.     1. Analyze the current threat intelligence

2. Utilize information sharing to obtain the latest industry IOCs

3. Perform a sweep across the network to identify positive matches

4. Apply machine learning algorithms

Correct Answer: C