- All Exams Instant Download
Which of the following BEST explains the appliance’s vulnerable state?
An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance’s vulnerable state?A . The system was configured with weak default security settings.B . The device uses weak encryption ciphers.C ....
Which of the following BEST explains the difference between a data owner and a data custodian?
Which of the following BEST explains the difference between a data owner and a data custodian?A . The data owner is responsible for adhering to the rules for using the data, while the data custodian is responsible for determining the corporate governance regarding the dataB . The data owner is...
Which of the following attacks was MOST likely used?
A security engineer is reviewing log files after a third discovered usernames and passwords for the organization’s accounts. The engineer sees there was a change in the IP address for a vendor website one earlier. This change lasted eight hours. Which of the following attacks was MOST likely used?A ....
Which of the following describes the ability of code to target a hypervisor from inside
Which of the following describes the ability of code to target a hypervisor from insideA . Fog computingB . VM escapeC . Software-defined networkingD . Image forgeryE . Container breakoutView AnswerAnswer: B Explanation: Virtual machine escape is an exploit in which the attacker runs code on a VM that allows...
Which of the following BEST describes the tasks the developer is conducting?
A software developer needs to perform code-execution testing, black-box testing, and non-functional testing on a new product before its general release. Which of the following BEST describes the tasks the developer is conducting?A . VerificationB . ValidationC . NormalizationD . StagingView AnswerAnswer: A
Which of the following would MOST likely show where the malware originated?
A host was infected with malware. During the incident response, Joe, a user, reported that he did not receive any emails with links, but he had been browsing the Internet all day. Which of the following would MOST likely show where the malware originated?A . The DNS logsB . The...
Which of the following network attacks is the researcher MOST likely experiencing?
A researcher has been analyzing large data sets for the last ten months. The researcher works with colleagues from other institutions and typically connects via SSH to retrieve additional data. Historically, this setup has worked without issue, but the researcher recently started getting the following message: Which of the following...
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations?A . Least privilegeB . Awareness trainingC . Separation of dutiesD . Mandatory vacationView AnswerAnswer: C Explanation: Separation of duties - is a means of establishing checks and balances...
Which of the following is the BEST solution to protect these designs?
A manufacturer creates designs for very high security products that are required to be protected and controlled by the government regulations. These designs are not accessible by corporate networks or the Internet. Which of the following is the BEST solution to protect these designs?A . An air gapB . A...
Which of the following did the assessment identify?
A security assessment determines DES and 3DES at still being used on recently deployed production servers. Which of the following did the assessment identify?A . Unsecme protocolsB . Default settingsC . Open permissionsD . Weak encryptionView AnswerAnswer: D
