Question 9 of 10 A financial institution's security analyst must discover any active threats to the network. The analyst relies on the OSSTMM and OWASP Testing Guide to effectively monitor and analyze these threats. After receiving an alert regarding a potential spear -phishing attack, what should be the analyst's initial priority when evaluating the situation? Detecting threat markers and weaknesses Assessing the company's security protocols and procedures. Implementing security measures recommended by the OSSTMM Evaluating the organization's web applications for security vulnerabilities

The correct answer is: Assessing the company's security protocols and procedures.<br /><br />Explanation: When evaluating a potential spear-phishing attack, the analyst's initial priority should be to assess the company's security protocols and procedures. This involves reviewing the organization's security policies, access controls, and incident response plans to determine if there are any gaps or weaknesses that could be exploited by the attacker. By understanding the company's security posture, the analyst can identify areas that need improvement and take appropriate actions to mitigate the threat.