An information security analyst on a threat-hunting team is working with administrators to create a hypothesis related to an internally developed web application. The working hypothesis is as follows: Due to the nature of the industry, the application hosts sensitive data associated with many clients and is a significant target. The platform is most likely vulnerable to poor patching and inadequate server hardening, which expose vulnerable services. The application is likely to be targeted with SQL injection attacks due to the large number of reporting capabilities within the application. As a result, the systems administrator upgrades outdated service applications and validates the endpoint configuration against an industry benchmark. The analyst suggests developers receive additional training on implementing identity and access management, and also implements a WAF to protect against SQL injection attacks. Which of the following BEST represents the technique in use?
A) Improving detection capabilities
B) Bundling critical assets
C) Profiling threat actors and activities
D) Reducing the attack surface area
Correct Answer:
Verified
Q128: A custom script currently monitors real-time logs
Q129: A security analyst is investigating malicious traffic
Q130: A security analyst is scanning the network
Q131: A security analyst is reviewing the following
Q132: An analyst is reviewing the following code
Q134: Which of the following should a database
Q135: A large organization wants to move account
Q136: An organization wants to move non-essential services
Q137: An analyst is searching a log for
Q138: A security analyst is required to stay
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents