Multiple Choice
A security analyst receives an email from a peer that includes a sample of code from a piece of malware found in an application running in the organization's staging environment. During the incident response process, it is determined the code was introduced into the environment as a result of a compromised laptop being used to harvest credentials and access the organization's code repository. While the laptop itself was not used to access the code repository, an attacker was able to leverage the harvested credentials from another system in the development environment to bypass the ACLs limiting access to the repositories. Which of the following controls MOST likely would have interrupted the kill chain in this attack?
A) IP whitelisting on the perimeter firewall
B) MFA for developer access
C) Dynamic analysis scans in the production environment
D) Blue team engagement in peer-review activities
E) Time-based restrictions on developer access to code repositories
Correct Answer:
Verified
Correct Answer:
Verified
Q259: Following a recent network intrusion, a company
Q260: An organization, which handles large volumes of
Q261: A forensics analyst suspects that a breach
Q262: A company has hired an external security
Q263: With which of the following departments should
Q265: A security engineer is analyzing an application
Q266: A Chief Information Security Officer (CISO) has
Q267: A government organization operates and maintains several
Q268: During a recent incident, sensitive data was
Q269: A business is growing and starting to