A large industrial system’s smart generator monitors the system status and sends alerts to third-party maintenance personnel when critical failures occur. While reviewing the network logs the company’s security manager notices the generator’s IP is sending packets to an internal file server’s IP. Which of the following mitigations would be BEST for the security...
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:
An organization that is located in a flood zone is MOST likely to document the concerns associated with the restoration of IT operation in a:A . business continuity planB . communications plan.C . disaster recovery plan.D . continuity of operations plan View Answer Answer: C...
Which of the following is the analyst doing?
A security analyst is using a recently released security advisory to review historical logs, looking for the specific activity that was outlined in the advisory. Which of the following is the analyst doing?A . A packet captureB . A user behavior analysisC . Threat huntingD . Credentialed vulnerability scanning View Answer Answer: C Explanation:...
Which of the following ISO standards is certified for privacy?
Which of the following ISO standards is certified for privacy?A . ISO 9001B . ISO 27002C . ISO 27701D . ISO 31000 View Answer Answer: C Explanation: ISO 27701 also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy. Privacy...
Which of the following refers to applications and systems that are used within an organization without consent or approval?
Which of the following refers to applications and systems that are used within an organization without consent or approval?A . Shadow ITB . OSINTC . Dark webD . Insider threats View Answer Answer: A...
Which of the following would mitigate the damage done by this type of data exfiltration in the future?
A security analyst discovers that a company username and password database was posted on an internet forum. The username and passwords are stored in plan text. Which of the following would mitigate the damage done by this type of data exfiltration in the future?A . Create DLP controls that prevent documents from leaving the...
Which of the following access control schemes BEST fits the requirements?
A system administrator needs to implement an access control scheme that will allow an object’s access policy be determined by its owner. Which of the following access control schemes BEST fits the requirements?A . Role-based access controlB . Discretionary access controlC . Mandatory access controlD . Attribute-based access control View Answer Answer: B...
Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop?
A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi to check emails and update reports. Which of the following would be BEST to prevent other devices on the network from directly accessing the laptop? (Choose two.)A . Trusted Platform ModuleB . A host-based firewallC . A DLP solutionD...
Which of the following BEST indicates that valid credentials were used?
A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?A . The scan results show open ports, protocols, and services exposed on the target hostB . The scan enumerated software versions of installed programsC . The scan produced a...
Which of the following should administrator implement to protect the environment from this malware?
Joe, a user at a company, clicked an email link led to a website that infected his workstation. Joe, was connected to the network, and the virus spread to the network shares. The protective measures failed to stop this virus, and It has continues to evade detection. Which of the following should administrator implement...