- All Exams Instant Download
Which of the following would be the MOST acceptable?
An organization with a low tolerance for user inconvenience wants to protect laptop hard drives against loss or data theft. Which of the following would be the MOST acceptable?A . SEDB . HSMC . DLPD . TPMView AnswerAnswer: A
Which of the following should the engineer employ to meet these requirements?
A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet....
In which of the following risk management strategies would cybersecurity insurance be used?
In which of the following risk management strategies would cybersecurity insurance be used?A . TransferenceB . AvoidanceC . AcceptanceD . MitigationView AnswerAnswer: A
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)
Which of the following are the MOST likely vectors for the unauthorized inclusion of vulnerable code in a software company’s final software releases? (Select TWO.)A . Unsecure protocolsB . Use of penetration-testing utilitiesC . Weak passwordsD . Included third-party librariesE . Vendors/supply chainF . Outdated anti-malware softwareView AnswerAnswer: D,E
Which of the following will the company MOST likely review to trace this transaction?
After a ransomware attack a forensics company needs to review a cryptocurrency transaction between the victim and the attacker. Which of the following will the company MOST likely review to trace this transaction?A . The public ledgerB . The NetFlow dataC . A checksumD . The event logView AnswerAnswer: A
Which of the following should the network security manager consult FIRST to determine a priority list for forensic review?
After reading a security bulletin, a network security manager is concerned that a malicious actor may have breached the network using the same software flaw. The exploit code is publicly available and has been reported as being used against other industries in the same vertical. Which of the following should...
Which of the following BEST explains the difference between a data owner and a data custodian?
Which of the following BEST explains the difference between a data owner and a data custodian?A . The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the dataB . The data owner is...
Which of the following control types is an IDS?
A network administrator has been asked to install an IDS to improve the security posture of an organization. Which of the following control types is an IDS?A . CorrectiveB . PhysicalC . DetectiveD . AdministrativeView AnswerAnswer: C Explanation: IDS = Intrusion Detection System. It is passive and only notifies instead...
Which of the following files should be given to the forensics firm?
A malicious actor recently penetration a company’s network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know was in the memory on the compromised server. Which of the following files should be given to the forensics firm?A . SecurityB . ApplicationC . DumpD . SyslogView...
Which of the following solutions would meet the requirements?
An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include: ✑ Check-in/checkout of credentials ✑ The ability to use but not know the password ✑ Automated password changes ✑ Logging of access to credentials Which of the following solutions would meet...
