Which of the following actions should the application team take?
An Organization requires secure configuration baselines for all platforms and technologies that are used. If any system cannot conform to the secure baseline, the organization must process a risk acceptance and receive approval before the system is placed into production. It may have non-conforming systems in its lower environments (development...
Which of the following has occurred?
Joe, an employee, asks a coworker how long ago Ann started working at the help desk. The coworker expresses surprise since nobody named Ann works at the help desk. Joe mentions that Ann called several people in the customer service department 10 help reset their passwords over the phone due...
Which of the following configurations should be implemented?
An organization requires that all workstations he issued client computer certificates from the organization‘s PKI. Which of the following configurations should be implemented?A . EAP-PEAPB . LEAPC . EAP-TLSD . EAP-FAST/MSCHAPv2E . EAP-MD5View AnswerAnswer: C
Which of the following is MOST likely the situation?
A computer forensics team is performing an integrity check on key systems files. The team is comparing the signatures of original baseline files with the latest signatures. The original baseline was taken on March 2, 2016. and was established to be clean of malware and uncorrupted. The latest tile signatures...
Which of the following security concepts is the systems administrator implementing?
A systems administrator has created network file shares for each department with associated security groups for each role within the organization. Which of the following security concepts is the systems administrator implementing?A . Separation of dutiesB . Permission auditingC . Least privilegeD . Standard naming conventionView AnswerAnswer: A
Which of the following vulnerabilities is the MOST likely cause of this data breach?
Confidential corporate data was recently stolen by an attacker who exploited data transport protections. Which of the following vulnerabilities is the MOST likely cause of this data breach?A . Resource exhaustion on the VPN concentratorsB . Weak SSL cipher strengthC . Improper input handling on the FTP siteD . Race...
Which of the following should be used to mitigate this risk in the future?
An organization was recently compromised by an attacker who used a server certificate with the company's domain issued by an irrefutable CA. Which of the following should be used to mitigate this risk in the future? A. OCSP B. DNSSEC C. Corticated pinning D. Key escrowView AnswerAnswer: B
Which of the following should the technician implement to BEST reduce the risk of this happening in the future?
A company uses WPA2-PSK, and it appears there are multiple unauthorized connected to the wireless network. A technician suspects this is because the wireless passwords has been shared with unauthorized individuals. Which of the following should the technician implement to BEST reduce the risk of this happening in the future?A...
Which of the following MOST likely occurred to produce this output?
A security analyst receives the following output Which of the following MOST likely occurred to produce this output?A . The host-based firewall prevented an attack from a Trojan horseB . USB-OTG prevented a file from being uploaded to a mobile deviceC . The host DLP prevented a file from being...
Which of the following tools can be used to fulfill the requirements that were established by the engineer?
A security engineer needs to obtain a recurring log of changes to system files. The engineer is most concerned with detecting unauthorized changes to system data. Which of the following tools can be used to fulfill the requirements that were established by the engineer?A . TPMB . Trusted operating systemC...
 
	