- All Exams Instant Download
Which of the following would MOST likely meet the organizations requirement?
An organization wants to participate in threat intelligence information sharing with peer groups. Which of the following would MOST likely meet the organizations requirement?A . Perform OSINT investigations B. Subscribe to threat intelligence feeds C. Submit RFCs D. Implement a TAXII serverView AnswerAnswer: B
Which of the following is the BEST remediation strategy?
A security analyst is concerned about critical vulnerabilities that have been detected on some applications running inside containers. Which of the following is the BEST remediation strategy?A . Update the base container image and redeploy the environment B. Include the containers in the regular patching schedule for servers C. Patch...
A SOC operator is analyzing a log file that contains the following entries:
A SOC operator is analyzing a log file that contains the following entries: A . SQL injection and improper input-handling attempts B. Cross-site scripting and resource exhaustion attempts C. Command injection and directory traversal attempts D. Error handling and privilege escalation attemptsView AnswerAnswer: C
Which of the following should the organization consider before implementation?
An organization is migrating several SaaS applications that support SSO. The security manager wants to ensure the migration is completed securely. Which of the following should the organization consider before implementation? (Select TWO).A . The back-end directory source B. The identity federation protocol C. The hashing method D. The encryption...
Which of the following BEST describes what the administrator is being advised to do?
An administrator needs to protect user passwords and has been advised to hash the passwords. Which of the following BEST describes what the administrator is being advised to do?A . Perform a mathematical operation on the passwords that will convert them into unglue stings B. Add extra data to the...
Which of the following is assured when a user signs an email using a private key?
Which of the following is assured when a user signs an email using a private key?A . Non-repudiation B. Confidentiality C. Availably D. AuthenticationView AnswerAnswer: A Explanation: Non Repudiation is your virtual John Hancock. It's a way of virtually stamping any data or document with "I am who I say...
Which of the following would be the MOST prudent course of action?
A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility...
Which of the following will the company MOST likely reference for guidance during this change?
Due to unexpected circumstances, an IT company must vacate its main office, forcing all operations to alternate, off-site locations. Which of the following will the company MOST likely reference for guidance during this change?A . The business continuity plan B. The retention policy C. The disaster recovery plan D. The...
Which of the following is the BEST security solution to reduce this risk?
The Chief Information Security Officer directed a nsk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?A . CASB B. VPN concentrator C. MFA D. VPC...
For this reason which of the following features should the security team prioritize FIRST?
An amusement park is implementing a btomelnc system that validates customers' fingerpnnts to ensure they are not sharing tickets. The park's owner values customers above all and would prefer customers' convenience over security For this reason which of the following features should the security team prioritize FIRST?A . Low FAR...
