- All Exams Instant Download
Which of the following can be used to accomplish this task?
An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?A . Application allow list B. SWG C. Host-based firewall D. VPNView AnswerAnswer: B
Which of the following risk management practices does the BEST describe?
The board of doctors at a company contracted with an insurance firm to limit the organization’s liability. Which of the following risk management practices does the BEST describe?A . Transference B. Avoidance C. Mitigation D. AcknowledgementView AnswerAnswer: A
Which of the following control Types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?
Which of the following control Types would be BEST to use in an accounting department to reduce losses from fraudulent transactions?A . Recovery B. Deterrent C. Corrective D. DetectiveView AnswerAnswer: C Explanation: Corrective controls are implemented after detective controls to rectify the problem and (ideally) prevent it from happening again.
Which of the following would BEST describe the estimated number of devices to be replaced next year?
An IT manager is estimating the mobile device budget for the upcoming year Over the last five years, the number of devices that were replaced due to loss damage or theft steadily increased by 10%. Which of the following would BEST describe the estimated number of devices to be replaced...
Which of the following is a benefit of including a risk management framework into an organization's security approach?
Which of the following is a benefit of including a risk management framework into an organization's security approach?A . It defines expected service levels from participating supply chain partners to ensure system outages are remediated in a timely manner B. It identifies specific vendor products that have been tested and...
Which of the following BEST reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?
Which of the following BEST reduces the security risks introduced when running systems that have expired vendor support and lack an immediate replacement?A . Implement proper network access restrictions B. Initiate a bug bounty program B. Classify the system as shadow IT. C. Increase the frequency of vulnerability scansView AnswerAnswer:...
Which of the following should the company consult?
A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?A . GDPR B. ISO C. NIST D. PCI DSSView AnswerAnswer: A
Which of the following is the MOST effective control against zero-day vulnerabilities?
Which of the following is the MOST effective control against zero-day vulnerabilities?A . Network segmentation B. Patch management C. Intrusion prevention system D. Multiple vulnerability scannersView AnswerAnswer: A
Which of the following will increase cryptographic security?
Which of the following will increase cryptographic security?A . High data entropy B. Algorithms that require less computing power C. Longer key longevity D. HashingView AnswerAnswer: C
In addition, which of the following should the auditor do to complete the assessment?
As part of a security compliance assessment, an auditor performs automated vulnerability scans. In addition, which of the following should the auditor do to complete the assessment?A . User behavior analysis B. Packet captures C. Configuration reviews D. Log analysisView AnswerAnswer: D Explanation: A vulnerability scanner is essentially doing that....
