Biometric authentication. Cloud storage encryption. Application containerization. Hardware anti-tamper. Match each relevant finding to the affected host. After associating the finding with the appropriate host(s), click the host to select the appropriate corrective action for that finding.
A secure facility has a server room that currently is controlled by a simple lock and key. To maintain regulatory compliance, a second lock, which is controlled by an application on the administrators' smartphones, is purchased and installed. The application has various authentication methods that can be used. Which of the following BEST meets the criteria? Facial recognition. Swipe pattern. Fingerprint scanning.
Complex passcode. Token card. A security analyst is reviewing the corporate MDM settings and notices some disabled settings, which consequently permit users to download programs from untrusted developers and manually install them.
After some conversations, it is confirmed that these settings were disabled to support the internal development of mobile applications. Which of the following settings should be toggled to achieve the goal? OTA updates. Remote wiping. Side loading. Signed applications. An application development company implements object reuse to reduce life-cycle costs for the company and its clients. Despite the overall cost savings, which of the following BEST describes a security risk to customers inherent within this model?
Configurations of applications will affect multiple products. Reverse engineering of applications will lead to intellectual property loss. Software patch deployment will occur less often. Homogeneous vulnerabilities will occur across multiple products. A Chief Information Security Officer (CISO) is reviewing technical documentation from various regional offices and notices some key differences between these groups. The CISO has not discovered any governance documentation. The CISO creates the following chart to visualize the differences among the networking used.
There are open standards in use on the network. Network engineers have ignored de facto standards. Network engineers are not following SOPs. The network has competing standards in use. Which of the following is a concern for the consultant, and how can it be mitigated? The consultant should implement a WAF to prevent this. The consultant is concerned the site is using an older version of the SSL 3.
Upgrading the site to TLS 1. The HTTP traffic is vulnerable to network sniffing, which could disclose usernames and passwords to an attacker. The consultant should recommend disabling HTTP on the web server. Implementing HSTS on the web server would prevent this.
Which of the following would be the BEST justification? Making employees rotate through jobs ensures succession plans can be implemented and prevents single point of failure. Forcing different people to perform the same job minimizes the amount of time malicious actions go undetected by forcing malicious actors to attempt collusion between two or more people. Administrators and engineers who perform multiple job functions throughout the day benefit from being cross-trained in new job areas.
It eliminates the need to share administrative account passwords because employees gain administrative rights as they rotate into a new job area. The applications are configured to use passwords, and two-factor authentication is not provided natively.
Procure a password manager for the employees to use with the cloud applications. Create a VPN tunnel between the on-premises environment and the cloud providers. Deploy applications internally and migrate away from SaaS applications. A global company has decided to implement a cross-platform baseline of security settings for all company laptops. A security engineer is planning and executing the project. Which of the following should the security engineer recommend? Replace each laptop in the company's environment with a standardized laptop that is preconfigured to match the baseline settings.
Create batch script files that will enable the baseline security settings and distribute them to global employees for execution. Send each laptop to a regional IT office to be reimaged with the new baseline security settings enabled and then redeployed. Establish GPO configurations for each baseline setting, test that each works as expected, and have each setting deployed to the laptops. Leverage an MDM solution to apply the baseline settings and deploy continuous monitoring of security configurations.
A network service on a production system keeps crashing at random times. The systems administrator suspects a bug in the listener is causing the service to crash, resulting in a DoS. Which of the following tools can the systems administrator use to reproduce these symptoms?
Core dump analyzer. A company recently deployed an agent-based DLP solution to all laptops in the environment. Application whitelisting for all company-owned devices. A secure VDI environment for research department employees. Bluetooth restriction on all laptops. An organization has employed the services of an auditing firm to perform a gap assessment in preparation for an upcoming audit.
As part of the gap assessment, the auditor supporting the assessment recommends the organization engage with other industry partners to share information about emerging attacks to organizations in the industry in which the organization functions. Which of the following types of information could be drawn from such participation? Threat modeling. Vulnerability data. Threat intelligence. Risk metrics.
Exploit frameworks. Transfer the risk. Avoid the risk. Mitigate the risk. Accept the risk. A security architect is designing a system to satisfy user demand for reduced transaction time, increased security and message integrity, and improved cryptographic security. The resultant system will be used in an environment with a broad user base where many asynchronous transactions occur every minute and must be publicly verifiable. An internal key infrastructure that allows users to digitally sign transaction logs.
An agreement with an entropy-as-a-service provider to increase the amount of randomness in generated keys. A publicly verified hashing algorithm that allows revalidation of message integrity at a future date. An open distributed transaction ledger that requires proof of work to append entries. Which of the following should the CISO task a security analyst with to determine whether or not the attachment is safe? Place it in a malware sandbox. Perform a code review of the attachment.
Run a vulnerability scan on the email server. This alert is a false positive because DNS is a normal network function. This alert indicates a user was attempting to bypass security measures using dynamic DNS. This alert was generated by the SIEM because the user attempted too many invalid login attempts. This alert indicates an endpoint may be infected and is potentially contacting a suspect host. The SOC is reviewing processes and procedures after a recent incident.
The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would BEST improve the incident response process?
Updating the playbook with better decision points. Dividing the network into trusted and untrusted zones. Providing additional end-user training on acceptable use. Implementing manual quarantining of infected hosts. A cloud architect needs to isolate the most sensitive portion of the network while maintaining hosting in a public cloud.
Which of the following configurations can be employed to support this effort? Create a single-tenancy security group in the public cloud that hosts only similar types of servers. Privatize the cloud by implementing an on-premises instance. Create a hybrid cloud with an on-premises instance for the most sensitive server types.
Sandbox the servers with the public cloud by server type. A security architect is implementing security measures in response to an external audit that found vulnerabilities in the corporate collaboration tool suite. The report identified the lack of any mechanism to provide confidentiality for electronic correspondence between users and between users and group mailboxes. Which of the following controls would BEST mitigate the identified vulnerability?
Federate with an existing PKI provider, and reject all non-signed emails. Implement two-factor email authentication, and require users to hash all email messages upon receipt. Provide digital certificates to all systems, and eliminate the user group or shared mailboxes. A database administrator is required to adhere to and implement privacy principles when executing daily tasks. Which of the following principles is being demonstrated? Administrator accountability. PII security.
Record transparency. Data minimization. A company is deploying a DLP solution and scanning workstations and network drives for documents that contain potential PII and payment card data. The results of the first scan are as follows: The security team is unable to identify the data owners for the specific files in a timely manner and does not suspect malicious activity with any of the detected files. Which of the following would address the inherent risk until the data owners can be formally identified?
Move the files from the marketing share to a secured drive. Search the metadata for each file to locate the file's creator and transfer the files to the personal drive of the listed creator. Configure the DLP tool to delete the files on the shared drives. Remove the access for the internal audit group from the accounts payable and payroll shares.
A networking administrator was recently promoted to security administrator in an organization that handles highly sensitive data. Which of the following should the new security administrator review to gain more information? CVE database. Recent security industry conferences. Security vendor pages. Known vendor threat models. Secure routing metrics. Verified security forums. NetFlow analytics. A development team releases updates to an application regularly.
The application is compiled with several standard open-source security products that require a minimum version for compatibility. During the security review portion of the development cycle, which of the following should be done to minimize possible application vulnerabilities?
The developers should require an exact version of the open-source security products, preventing the introduction of new vulnerabilities.
The application development team should move to an Agile development approach to identify security concerns faster. The change logs for the third-party libraries should be reviewed for security patches, which may need to be included in the release.
The application should eliminate the use of open-source libraries and products to prevent known vulnerabilities from being included. Which of the following solutions would BEST support trustworthy communication solutions? Enabling spam filtering and DMARC. Using MFA when logging into email clients and the domain. Enforcing data classification labels before an email is sent to an outside party. An insurance company has two million customers and is researching the top transactions on its customer portal.
It identifies that the top transaction is currently password reset. Due to users not remembering their secret questions, a large number of calls are consequently routed to the contact center for manual password resets. The business wants to develop a mobile application to improve customer engagement in the future, continue with a single factor of authentication, minimize management overhead of the solution, remove passwords, and eliminate to the contact center.
Which of the following techniques would BEST meet the requirements? Magic link sent to an email address. Customer ID sent via push notification. Third-party social login.
Certificate sent to be installed on a device. Hardware tokens sent to customers. A network administrator is concerned about a particular server that is attacked occasionally from hosts on the Internet. The server is not critical; however, the attacks impact the rest of the network. The administrator needs to be able to mitigate the effects of an attack immediately without opening a trouble ticket with the ISP. Which of the following is the BEST way for the administrator to mitigate the effects of these attacks?
Use the route protection offered by the ISP to accept only BGP routes from trusted hosts on the Internet, which will discard traffic from attacking hosts. Add a redundant connection to a second local ISP, so a redundant connection is available for use if the server is being attacked on one connection.
A Chief Information Security Officer (CISO) has created a survey that will be distributed to managers of mission-critical functions across the organization. The survey requires the managers to determine how long their respective units can operate in the event of an extended IT outage before the organization suffers monetary losses from the outage.
To which of the following is the survey question related? Select TWO. Risk avoidance. Business impact. Recovery point objective. Recovery time objective. Mean time between failures. A company wants to configure its wireless network to require username and password authentication.
Which of the following should the system administrator implement? An organization is creating requirements for new laptops that will be issued to staff. One of the company's key security objectives is to ensure the laptops have hardware-enforced data-at-rest protection tied to permanent hardware identities. The laptops must also provide attestation for secure boot processes. To meet these demands, which of the following BEST represent the features that should be included in the requirements set?
Opal support. MicroSD token authenticator. Shim and GRUB. ARMv7 with TrustZone. A security analyst is attempting to identify code that is vulnerable to buffer and integer overflow attacks. Which of the following code snippets is safe from these types of attacks?
Option A. Option B. Option C. Option D. After analyzing code, two developers at a company bring these samples to the security operations manager. Which of the following would BEST solve these coding problems? Use a privileged access management system. Prompt the administrator for the password. Increase the complexity and length of the password.
A security engineer is looking at a DNS server following a known incident.