- All Exams Instant Download
Which of the following would be BEST for the third-party vendor to provide to the CISO?
The Chief Information Security Officer (CISO) has requested that a third-party vendor provide supporting documents that show proper controls are in place to protect customer data. Which of the following would be BEST for the third-party vendor to provide to the CISO?A . GDPR compliance attestation B. Cloud Security Alliance...
Which of the following is the BEST solution to adopt?
Business partners are working on a secunty mechanism lo validate transactions securely. The requirement is for one company to be responsible for deploying a trusted solution that will register and issue artifacts used to sign encrypt, and decrypt transaction files. Which of the following is the BEST solution to adopt?A...
Which of the following should the company do FIRST?
An application developer accidentally uploaded a company's code-signing certificate private key to a public web server. The company is concerned about malicious use of its certificate. Which of the following should the company do FIRST?A . Delete the private key from the repository. B. Verify the public key is not...
Which of the following BEST explains this reasoning?
During a trial, a judge determined evidence gathered from a hard drive was not admissible. Which of the following BEST explains this reasoning?A . The forensic investigator forgot to run a checksum on the disk image after creation B. The chain of custody form did not note time zone offsets...
In which of the following environments should the patch be deployed LAST?
An organization has developed an application that needs a patch to fix a critical vulnerability. In which of the following environments should the patch be deployed LAST?A . Test B. Staging C. Development D. ProductionView AnswerAnswer: A
Which of the following should the analyst do NEXT?
CORRECT TEXT A security analyst has identified malv/are spreading through the corporate network and has activated the CSIRT. Which of the following should the analyst do NEXT? AA . Review how the malware was introduced to the network B. Attempt to quarantine all infected hosts to limit further spread C....
Which of the following security controls can be implemented?
A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing Employees who travel need their accounts protected without the nsk of blocking legitimate login requests that may be made over new sign-in properties. Which of the following...
Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation
HOTSPOT Select the appropriate attack and remediation from each drop-down list to label the corresponding attack with its remediation. INSTRUCTIONS Not all attacks and remediation actions will be used. If at any time you would like to bring back the initial state of the simulation, please click the Reset All...
Which of the following describes this type of alert?
A security analyst receives an alert from trie company's SIEM that anomalous activity is coming from a local source IP address of 192.168.34.26. The Chief Information Security Officer asks the analyst to block the originating source Several days later, another employee opens an internal ticket stating that vulnerability scans are...
Which of the following cloud deployment strategies would BEST meet this need?
Several universities are participating m a collaborative research project and need to share compute and storage resources. Which of the following cloud deployment strategies would BEST meet this need?A . Community B. Private C. Public D. HybridView AnswerAnswer: A Explanation: Community cloud storage is a variation of the private cloud...
