- All Exams Instant Download
Which of the following access control schemes would be BEST for the company to implement?
A company processes highly sensitive data and senior management wants to protect the sensitive data by utilizing classification labels . Which of the following access control schemes would be BEST for the company to implement?A . DiscretionaryB . Rule-basedC . Role-basedD . MandatoryView AnswerAnswer: D
Which of the following should the administrator use when configuring the VPN?
A network administrator would like to configure a site-to-site VPN utilizing iPSec. The administrator wants the tunnel to be established with data integrity encryption, authentication and anti- replay functions. Which of the following should the administrator use when configuring the VPN?A . AHB . EDRC . ESPD . DNSSECView AnswerAnswer:...
Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A security analyst discovers that a company username and password database was posted on an internet forum. The username and passwords are stored in plan text . Which of the following would mitigate the damage done by this type of data exfiltration in the future?A . Create DLP controls that...
Which of the following should the administrator use?
A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee’s hard disk . Which of the following should the administrator use?A . ddB . chmodC . dnsenumD . loggerView AnswerAnswer: A
Which of the following certificate types would BEST meet the requirements?
A company wants to deploy PKI on its Internet-facing website. The applications that are currently deployed are: ✑ www.company.com (main website) ✑ contactus.company.com (for locating a nearby location) ✑ quotes.company.com (for requesting a price quote) The company wants to purchase one SSL certificate that will work for all the existing...
In which of the following situations would it be BEST to use a detective control type for mitigation?
In which of the following situations would it be BEST to use a detective control type for mitigation?A . A company implemented a network load balancer to ensure 99.999% availability of its web application.B . A company designed a backup solution to increase the chances of restoring services in case...
In which of the following incident response phases is the security engineer currently operating?
In the middle of a cybersecurity, a security engineer removes the infected devices from the network and lock down all compromised accounts. In which of the following incident response phases is the security engineer currently operating?A . IdentificationB . PreparationC . EradictionD . RecoveryE . ContainmentView AnswerAnswer: E
Which of the following BEST describes the attack that was attempted against the forum readers?
An analyst visits an internet forum looking for information about a tool. The analyst finds a threat that appears to contain relevant information. One of the posts says the following: Which of the following BEST describes the attack that was attempted against the forum readers?A . SOU attackB . DLL...
Which of the following describes the BEST approach for deploying application patches?
Which of the following describes the BEST approach for deploying application patches?A . Apply the patches to systems in a testing environment then to systems in a staging environment, and finally to production systems.B . Test the patches in a staging environment, develop against them in the development environment, and...
Which of the following MFA factors or attributes are being utilized in the authentication process?
A user enters a password to log in to a workstation and is then prompted to enter an authentication code . Which of the following MFA factors or attributes are being utilized in the authentication process? (Select TWO).A . Something you knowB . Something you haveC . Somewhere you areD...
