- All Exams Instant Download
Which of the following policies should the CISO use to prevent someone from using the exfilltrated credentials?
A report delivered to the Chief Information Security Officer (CISO) shows that some user credentials could be exfilltrated. The report also indicates that users tend to choose the same credentials on different systems and applications. Which of the following policies should the CISO use to prevent someone from using the...
Which of the following will the company MOST likely reference for guidance during this change?
Due to unexpected circumstances, an IT company must vacate its main office, forcing all operations to alternate, off-site locations. Which of the following will the company MOST likely reference for guidance during this change?A . The business continuity plan B. The retention policy C. The disaster recovery plan D. The...
Which of the following MOST likely explains this behavior?
A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?A . DNS poisoning B. MAC flooding C. DDoS attack D. ARP poisoningView AnswerAnswer: C
Which of the following risks would this training help to prevent?
A company is providing security awareness training regarding the importance of not forwarding social media messages from unverified sources. Which of the following risks would this training help to prevent?A . Hoaxes B. SPIMs C. Identity fraud D. Credential harvestingView AnswerAnswer: A Explanation: Hoax A hoax is a falsehood deliberately...
Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?
Which of the following would be the BEST way to analyze diskless malware that has infected a VDI?A . Shut down the VDI and copy off the event logs. B. Take a memory snapshot of the running system. C. Use NetFlow to identify command-and-control IPs. D. Run a full on-demand...
Which of the following should the organization use to compare biometric solutions?
An organization wants to implement a biometric system with the highest likelihood that an unauthorized user will be denied access. Which of the following should the organization use to compare biometric solutions?A . FRR B. Difficulty of use C. Cost D. FAR E. CERView AnswerAnswer: A
Which of the following organizations sets frameworks and controls for optimal security configuration on systems?
Which of the following organizations sets frameworks and controls for optimal security configuration on systems?A . ISO B. GDPR C. PCI DSS D. NISTView AnswerAnswer: D
Which of the following options BEST fulfils the architect’s requirements?
DDoS attacks are causing an overload on the cluster of cloud servers. A security architect is researching alternatives to make the cloud environment respond to load fluctuation in a cost-effective way. Which of the following options BEST fulfils the architect’s requirements?A . An orchestration solution that can adjust scalability of...
Which of the following backup types should be used?
A security forensics analyst is examining a virtual server. The analyst wants to preserve the present state of the virtual server, including memory contents. Which of the following backup types should be used?A . Snapshot B. Differential C. Cloud D. Full E. IncrementalView AnswerAnswer: A
Which of the following is the BEST solution to meet the requirement?
The database administration team is requesting guidance for a secure solution that will ensure confidentiality of cardholder data at rest only in certain fields in the database schema. The requirement is to substitute a sensitive data field with a non-sensitive field that is rendered useless if a data breach occurs....
