Sopa_test
Test title: Sopa_test. Description: Knowledge tests




A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- Avoid.
- Mitigate.
- Accept.
- Transfer.

Which of the following is the most likely to be used to document risk, responsible parties and thresholds?
- Risk transfer.
- Risk analysis.
- Risk tolerance.
- Risk register.

Which of the following is the reason to complete an audit in a banking environment?
- Regulatory requirement.
- Self-assessment requirement.
- Organizational change.
- Service-level requirement.

Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
- Impersonation of business units through typosquatting.
- Spear phishing emails.
- Default network credentials.
- Unidentified removable devices.

An accounting clerk sent money to an attacker's bank account after receiving fraudulent instructions to use a new account. Which of the following would most likely prevent this activity in the future?
- Updating processes for sending wire transfers.
- Executing regular phishing campaigns.
- Implementing insider threat detection measures.
- Standardizing security incident reporting.

After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator trying to protect?
- Wired.
- NFC.
- SCADA.
- Bluetooth.

A system administrator notices that the research and development department is not using the company VPN when accessing various company-related services and systems. Which of the following scenarios describes this activity?
- Data exfiltration.
- Shadow IT.
- Nation state attack.
- Espionage.

Which of the following security concepts is accomplished with the installation of a RADIUS server?
- CIA.
- AAA.
- PEM.
- ACL.

An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two)
- Document default passwords.
- Join the server to the corporate domain.
- Disable default accounts.
- Remove unnecessary services.
- Add the server to the asset inventory.
- Send server logs to the SIEM.

A security analyst has determined that a security breach would have a financial impact of $15,000 and is expected to occur twice within a three-year period. Which of the following is the ALE for this risk?
- 7,500.
- 30,000.
- 10,000.
- 15,000.

After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of the following processes should the human resources department follow to track revisions?
- Version control.
- Version validation.
- Version changes.
- Version updates.

The marketing department set up its own project management software without telling the appropriate departments. Which of the following describes this scenario?
- Service disruption.
- Shadow IT.
- Data exfiltration.
- Insider threat.

Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?
- To continuously monitor the hardware inventory.
- To find shadow IT cloud deployments.
- To hunt for active attackers in the network.
- To track the status of patching installations.

A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the SaaS vendor. Which of the following processes is the analyst most likely conducting?
- Due diligence.
- Attestation.
- Internal audit.
- Penetration testing.

A security architect wants to prevent employees from receiving malicious attachments by email. Which of the following functions should the chosen solution do?
- Scan email traffic inline.
- Check SPF records.
- Trap and monitor the email feed.
- Apply IP address reputation data.

Which of the following threat actors would most likely deface the website of a high-profile music group?
- Unskilled attacker.
- Organized crime.
- Insider threat.
- Nation-state.

Which of the following control types is AUP an example of?
- Operational.
- Managerial.
- Physical.
- Technical.

Which of the following would be the most appropriate way to protect data in transit?
- SSL 3.0.
- TLS 1.3.
- SHA-256.
- AES-256.

For which of the following reasons would a systems administrator leverage a 3DES hash from an installer file that is posted on a vendor's website?
- To activate the license for the file.
- To validate the authenticity of the file.
- To test the integrity of the file.
- To calculate the checksum of the file.

Which of the following is a benefit of vendor diversity?
- Load balancing.
- Secure configuration guide applicability.
- Patch availability.
- Zero-day resiliency.

Which of the following tasks is typically included in the BIA process?
- Identifying the communication strategy.
- Estimating the recovery time of systems.
- Developing the incident response plan.
- Establishing the backup and recovery procedures.
- Evaluating the risk management plan.

When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate types is the site most likely using?
- Third-party.
- Wildcard.
- Root of trust.
- Self-signed.

A security analyst is reviewing logs and discovers the following:
149.34.228.10 -- [28/Jan/2023: 16:32:45-0300] "GET /HTTP/1.0" User-Agent: $(/bin/sh/id) 200 397
Which of the following should be used to best mitigate this type of attack?
- Sandboxing.
- Input sanitization.
- Static code analysis.
- Secure cookies.

Which of the following activities are associated with vulnerability management? (Select two)
- Correlation.
- Tabletop exercise.
- Reporting.
- Prioritization.
- Exploiting.
- Containment.

Which of the following consequences would a retail chain most likely face from customers in the event the retailer is non-compliant with PCI DSS?
- Contractual impacts.
- Fines.
- Sanctions.
- Reputational damage.

Which of the following objectives is best achieved by a tabletop exercise?
- Quickly determining the impact of an actual security breach.
- Deciding red and blue team rules of engagement.
- Familiarizing participants with the incident response process.
- Conducting multiple security investigations in parallel.

A system administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples best describes the purpose of this script?
- Baseline enforcement.
- Resource scaling.
- Guard rails implementation.
- Policy enumeration.

Which of the following should a company use to provide proof of external network security testing?
- Third-party attestation.
- Supply chain analysis.
- Business impact analysis.
- Vulnerability assessment.

A company plans to secure its systems by:
1. Preventing users from sending sensitive data over corporate email
2. Restricting access to potentially harmful websites

Which of the following features should the company set up? (Select two)
- Guardrails.
- DNS filtering.
- DLP software.
- Antivirus signature.
- File integrity monitoring.
- Stateful firewall.

Which of the following most accurately describes the order in which a security engineer should implement secure baselines?
- Establish, maintain, deploy.
- Deploy, maintain, establish.
- Establish, deploy, maintain.
- Deploy, establish, maintain.

Which of the following should be used to aggregate log data in order to create alerts and detect anomalous activity?
- SIEM.
- Network taps.
- IDS.
- WAF.

A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there is an SSO failure?
- EAP.
- PAM.
- SAML.
- RAS.

A company's accounting department receives an urgent payment message from the company's bank domain with instructions to wire transfer funds. The sender requests that the transfer be completed as soon as possible. Which of the following attacks is described?
- Vishing.
- Impersonation.
- Spear phishing.
- Business email compromise.

A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?
- Restrict internet access for the employees who disclosed credentials.
- Block all outbound traffic from the intranet.
- Implement a deny list of websites.
- Introduce a campaign to recognize phishing attempts.

A security analyst learns that an attack vector, which was used as a part of a recent incident, was a well-known IoT device exploit. The analyst needs to review logs to identify the time of initial exploit. Which of the following logs should the analyst review first?
- Firewall.
- NAC.
- Application.
- Endpoint.

A security analyst attempts to start a company's database server. When the server starts, the analyst receives an error message indicating the database server did not pass authentication. After reviewing and testing the system, the analyst receives confirmation that the server has been compromised and the attackers have redirected all outgoing database traffic to a server under their control. Which of the following MITRE ATT&CK techniques did the attacker most likely use to redirect database traffic?
- Valid accounts.
- Browser extension.
- Escape to host.
- Process injection.

The Chief Information Officer (CIO) asked a vendor to provide documentation detailing the specific objectives within the compliance framework that the vendor's services meet. The vendor provided a report and a signed letter stating that their services meet 17 of the 21 objectives. Which of the following did the vendor provide to the CIO?
- Penetration test results.
- Attestation of compliance.
- Self-assessment findings.
- Third-party audit report.

An organization needs to determine how many employees are accessing the building each day in order to configure the proper access controls. Which of the following control types best meets this requirement?
- Corrective.
- Detective.
- Directive.
- Preventive.

An organization's web server hosts an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization's web servers? (Select two)
- Implementing strong password policies.
- Utilizing a web application firewall.
- Removing payment information from the servers.
- Encrypting sensitive data at rest and in transit.
- Regularly updating server software and patches.
- Performing regular vulnerability scans.

Which of the following is the best way to provide secure, remote access for employees while minimizing the exposure of a company's internal network?
- FTP.
- VPN.
- LDAP.
- RADIUS.

Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?
- Authentication.
- Availability.
- Accounting.
- Authorization.

Which of the following allows a system administrator to tune permissions for a file?
- Configuration enforcement.
- Access control list.
- Patching.
- Least privilege.

A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed. Which of the following are the most appropriate for the administrator to suggest? (Select two)
- Data masking.
- Segmentation.
- Tokenization.
- Cryptographic downgrade.
- SSH tunneling.
- Patch installation.

Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
- Right to be forgotten.
- Sanctions.
- External compliance reporting.
- Attestation.

Which of the following is a possible consequence of a VM escape?
- An attacker can access the hypervisor and compromise other VMs.
- Unencrypted data can be read by a user who is in a separate environment.
- Users can install software that is not on the manufacturer's approved list.
- Malicious instructions can be inserted into memory and give the attacker elevated permissions.

A security team is in the process of hardening the network against externally crafted malicious packets. Which of the following is the most secure method to protect the internal network?
- Intrusion prevention systems.
- Network access control.
- Host-based firewalls.
- Antimalware solutions.

A company is concerned about theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?
- Shredding.
- Wiping.
- Recycling.
- Deletion.

Which of the following should an organization focus on the most when making decisions about vulnerability prioritization?
- CVSS.
- CVE.
- Exposure factor.
- Industry impact.

Which of the following provides the best protection against unwanted or insecure communications to and from a device?
- Host-based firewall.
- Intrusion detection system.
- Anti-malware software.
- System hardening.

Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture? (Select two)
- Stronger authentication of the system.
- Easier debugging of the system.
- Reduced complexity of the system.
- Improved scalability of the system.
- Increased compartmentalization of the system.
- Reduced cost of ownership of the system.

An organization needs to monitor its users' activities in order to prevent insider threats. Which of the following solutions would help the organization achieve this goal?
- Access control list.
- Behavioral analytics.
- Identity and access management.
- Network intrusion detection system.

An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
- CRL.
- Key.
- CSR.
- OCSP.

Which of the following is the most relevant reason a DPO would develop a data inventory?
- To automate the reduction of duplicated data.
- To determine the impact in the event of a breach.
- To manage data storage requirements better.
- To extend the length of time data can be retained.

Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- Destruction.
- Sanitization.
- Certification.
- Retention.

Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach that affects offshore offices. Which of the following is this an example of?
- Penetration test.
- Geographic dispersion.
- Tabletop exercise.
- Incident response.

Which of the following types of identification methods can be performed on a deployed application during runtime?
- Package monitoring.
- Bug bounty.
- Dynamic analysis.
- Code review.

A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to contain this information?
- Responsibility matrix.
- Master service agreement.
- Service level agreement.
- Statement of work.

A network engineer is increasing the overall security of network devices and needs to harden the devices. Which of the following will best accomplish this task?
- Replacing Telnet with SSH.
- Configuring centralized logging.
- Generating local administrator accounts.
- Enabling HTTP administration.

Which of the following attacks exploits a potential vulnerability as a result of weak cryptographic algorithms?
- Digital signing.
- Password cracking.
- Side channel.
- On path.

Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
- SIEM profile.
- Risk profile.
- Change management policy.
- Playbook.

An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints' definitions are up to date. Which of the following will these actions most effectively prevent?
- End of life support.
- Insider threats.
- Zero-day attacks.
- Known exploits.

While conducting a business continuity tabletop exercise, the security team becomes concerned by the potential impact if a generator was to develop a fault during failover. Which of the following is the team most likely to consider in regard to risk management activities?
- RPO.
- BIA.
- ARO.
- MTTR.

Which of the following analysis methods allows an organization to measure the exposure factor associated with organizational assets?
- Quantitative.
- User-driven.
- Heuristic.
- Trend-based.

Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device's drive if the device is lost?
- FDE.
- TPM.
- ECC.
- HSM.

A company wants to add an MFA solution for all employees who access the corporate network remotely. Log-in requirements include something you know, are, and have. The company wants a solution that does not require purchasing third-party applications or specialized hardware. Which of the following MFA solutions would best meet the company's requirements?
- Smart card with PIN and password.
- Voice and fingerprint verification with an SMS one time passcode.
- Mobile application generated, one time with facial recognition.
- Security question and one time passcode sent via email.

Which of the following steps should be taken before mitigating a vulnerability in a production server?
- Refer to the change management policy.
- Perform a risk assessment to classify the vulnerability.
- Escalate the issue to the SDLC team.
- Use the IR plan to evaluate the changes.

An organization purchased a critical application containing sensitive data. The organization would like to ensure that the application is not exploited by common data exfiltration attacks. Which of the following approaches would best help to fulfill this requirement?
- WAF.
- URL scanning.
- Reverse proxy.
- NAC.

Which of the following should a system administrator use to decrease the company's hardware attack surface?
- Replication.
- Centralization.
- Isolation.
- Virtualization.

A security administrator is implementing encryption on all hard drives in an organization. Which of the following security concepts is the administrator applying?
- Authentication.
- Zero Trust.
- Integrity.
- Confidentiality.

Which of the following is a type of vulnerability that involves inserting scripts into a web-based application in order to take control of the client's web browser?
- On-path attack.
- Cross-site scripting.
- Zero-day exploit.
- SQL injection.

Which of the following is a type of vulnerability that refers to the unauthorized installation of applications on a device through means other than the official application store?
- Cross-site scripting.
- Side loading.
- Buffer overflow.
- Jailbreaking.

An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
- Vertical scaling.
- Federation.
- Security groups.
- User provisioning.

Which of the following is an example of a data protection strategy that uses tokenization?
- Removing sensitive data from production system.
- Replacing sensitive data with surrogate values.
- Hashing sensitive data in critical systems.
- Encrypting databases containing sensitive data.

A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most likely use?
- Network traffic.
- Sandbox.
- Static.
- Package monitoring.

A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?
- Create IDS policies to monitor domain controller access.
- Use a Group Policy to enforce password expiration.
- Audit each domain administrator account weekly for password compliance.
- Implement a privileged access management solution.

Which of the following is a use of CVSS?
- To identify unused ports and services that should be closed.
- To determine the cost associated with patching systems.
- To analyse code for defects that could be exploited.
- To prioritize the remediation of vulnerabilities.

Which of the following activities should be performed first to compile a list of vulnerabilities in an environment?
- Penetration testing.
- Log aggregation.
- Threat hunting.
- Adversarial emulation.
- Automated scanning.

The physical security team at a company reports that employees are not displaying their badges. The team also observes employees tailgating at controlled entrances. Which of the following topics will the security team most likely emphasize in upcoming security training?
- Social engineering.
- Situational awareness.
- Phishing.
- Acceptable use policy.

A new employee accessed an unauthorized website. An investigation found that the employee violated the company's rules. Which of the following did the employee violate?
- NDA.
- AUP.
- MOA.
- MOU.

The management team reports that employees are missing features on company-provided tablets, which is causing productivity issues. The management team directs the IT team to resolve the issue within 48 hours. Which of the following would be the best solution for the IT team to leverage in this scenario?
- COPE.
- MDM.
- EDR.
- FDE.

Which of the following options will provide the lowest RTO and RPO for a database?
- Hot site.
- Journaling.
- Snapshots.
- On-site backups.

Which of the following best protects sensitive data in transit across a geographically dispersed infrastructure?
- Encryption.
- Obfuscation.
- Masking.
- Tokenization.

A contractor is required to visually inspect the motherboards of all new servers that are purchased to determine whether the servers were tampered with. Which of the following risks is the contractor attempting to mitigate?
- Embedded rootkit.
- Firmware failure.
- RFID keylogger.
- Supply chain.

Which of the following would a security administrator use to comply with a secure baseline during a patch update?
- Service-level expectations.
- Test result report.
- Standard operating procedure.
- Information security policy.

Which of the following security concepts is accomplished when granting access after an individual has logged into a computer network?
- Non-repudiation.
- Identification.
- Authorization.
- Authentication.

A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
- Web proxy for all remote traffic.
- RDP connection with LDAPS.
- Jump server with 802.1x.
- IPsec with RADIUS.

A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most difficult to remediate due to the company's reliance on open-source libraries?
- Zero day.
- Buffer overflow.
- SQL injection.
- Cross-site scripting.

A Chief Information Security Officer (CISO) has developed information security policies that the software development methodology. Which of the following would the CISO most likely include in the organization's documentation?
- Branch protection test.
- Multifactor authentication.
- Secrets management configurations.
- Peer review requirements.

Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and requirements of the country of origin?
- Data sovereignty.
- Intellectual property.
- Geolocation.
- Geographic restrictions.

A network administrator wants to ensure that network traffic is highly secure while in transit. Which of the following actions best describes the actions the network administrator should take?
- Ensure the EDR software monitors for unauthorized applications that could be used by threat actors and configure alerts for the security team.
- Configure the perimeter IPS to block inbound HTTPS directory traversal traffic and verify that signatures are updated on a daily basis.
- Ensure only TLS and other encrypted protocols are selected for use on the network and only permit authorized traffic via secure protocols.
- Ensure that NAC is enforced on all network segments and confirm that firewalls have updated policies to block unauthorized traffic.

An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best achieve the objective?
- Independent audit.
- Red teaming.
- Vulnerability assessment.
- Penetration testing.

Employees sign an agreement that restricts specific activities when the company. Violating the agreement can result in legal consequences. Which of the following agreements does this best describe?
- MOA.
- BPA.
- SLA.
- NDA.

An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to change the recipient's contact number. Which of the following attack vectors is most likely being used?
- Phishing.
- Business email compromise.
- Brand impersonation.
- Pretexting.

During a recent log review, an analyst discovered evidence of successful injection attacks. Which of the following would best address this issue?
- Static code analysis.
- Authentication.
- Input validation.
- Secure cookies.

While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning is occurring on the network and then terminates access for the host. Which of the following is most likely responsible for this malicious activity?
- Nation state.
- Insider threat.
- Unskilled attacker.
- Shadow IT.

To which of the following security categories does an EDR solution belong?
- Technical.
- Operational.
- Physical.
- Managerial.

A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from accessing the devices by using publicly available information?
- Remove unnecessary software.
- Disable ports protocol.
- Change default passwords.
- Install endpoint protection.

Which of the following is a directive managerial control?
- No trespassing sign.
- Acceptable use policy.
- Master service agreement.
- Log-in warning banner.

After a series of account compromises and credential misuse, a company hires a security manager to develop a security program. Which of the following steps should the security manager take first to increase security awareness?
- Update policies and handbooks to ensure all employees are informed of the new procedures.
- Send quarterly newsletters that explain the importance of password management.
- Develop phishing campaigns and notify the management team of any successes.
- Evaluate tools that identify risky behavior and distribute reports on the findings.

A security team receives reports about high latency and complete network unavailability throughout most of the office building. Flow logs from campus switches show high traffic on TCP 445. Which of the following is most likely the root cause of this incident?
- DoS attack.
- Worm.
- NTP amplification attack.
- Buffer overflow.

Employees receive a text message containing a link to a web page that prompts the user to enter their ID and a work phone number. The text message appears to come from the Chief Executive Officer, but it is later discovered that the message is not legitimate. Which of the following does this best represent? (Select two)
- Misinformation.
- Phishing.
- Typosquatting.
- Impersonation.
- Pretexting.
- Smishing.

A company is changing its mobile device policy. The company has the following requirements:
1. Company-owned devices
2. Ability to harden the devices
3. Reduced security risk
4. Compatibility with company resources

Which of the following would best meet these requirements?
- CYOD.
- BYOD.
- COBO.
- COPE.

Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- Decentralization.
- Virtualization.
- Containerization.
- Air gap.

A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for malicious activity. Which of the following is the user account an example of?
- Honeynet.
- Honeypot.
- Honeyfile.
- Honeytoken.

An organization is preparing to export proprietary software to a customer. Which of the following would be the best way to prevent the loss of intellectual property?
- Code signing.
- Tokenization.
- Blockchain.
- Obfuscation.

A company uses a cloud-based server for file storage and wants to ensure the security of its data in transit. Which of the following should the company use to secure this type of communication? (Select two)
- HTTPS.
- Digital signatures.
- WPA2 encryption.
- Virtual private network.
- Encryption key management.
- SSL certificates.

A new corporate policy requires all staff to use multifactor authentication to access company resources. Which of the following can be utilized to set up this form of identity and access management? (Select two)
- LDAP.
- Password vaulting.
- SAML.
- Least privilege.
- Biometrics.
- Authentication tokens.

Which of the following describes the difference between encryption and hashing?
- Encryption uses a public-key exchange while hashing uses a private key.
- Encryption ensures data integrity, while hashing ensures data confidentiality.
- Encryption ensures data integrity, while hashing protects data at rest.
- Encryption replaces cleartext with ciphertext, while hashing calculates a checksum.

A penetration test identifies that SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the most efficient way possible. Which of the following should the organization use for this purpose?
- GPO.
- ACL.
- DLP.
- SETP.

While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the following recommendations should the security analyst include in the training?
- Refrain from clicking on images included in emails from new vendors.
- Delete emails from unknown service provider partners.
- Require that invoices be sent as attachments.
- Be alert to unexpected requests from familiar email addresses.

Which of the following is the fastest and most cost-effective way to confirm a third-party supplier's compliance with security obligations?
- Third-party audit.
- Vulnerability assessment.
- Penetration testing.
- Attestation report.

The Chief Executive Officer has requested that a vendor conduct a penetration test without engaging the internal IT team to validate the company's investment in security tools, awareness training and SOC personnel. Which of the following penetration testing methods is most likely being used?
- Known.
- Unknown.
- Partially known.
- Integrated.

An engineer needs to ensure that a script has not been modified before it is launched. Which of the following best provides this functionality?
- Hashing.
- Masking.
- Obfuscation.
- Encryption.

For an upcoming product launch, a company hires a marketing agency whose owner is a close relative of the Chief Executive Officer. Which of the following did the company violate?
- Supply chain analysis.
- Right to audit clause.
- Independent assessments.
- Conflict of interest policy.

A security needs to improve the company's authentication policy following a password audit. Which of the following should be included in the policy? (Select two)
- Something you have.
- Security keys.
- Biometrics.
- Length.
- Least privilege.
- Complexity.

Which of the following phases of the incident response process attempts to minimize disruption?
- Containment.
- Recovery.
- Analysis.
- Preparation.

Which of the following is the act of proving to a customer that software developers are trained on secure coding?
- Assurance.
- Due diligence.
- Contract.
- Attestation.

A security engineer needs to patch an OS vulnerability that impacts all corporate laptops. Which of the following is necessary to ensure all corporate laptops are patched?
- Ownership.
- Enumeration.
- Classification.
- Inventory.

Which of the following is the most important element when defining effective security governance?
- Discovering and documenting external considerations.
- Assigning roles and responsibilities for owners, controllers and custodians.
- Developing procedures for employee onboarding and offboarding.
- Defining and monitoring change management procedures.

A program manager wants to ensure contract employees can only access the company's computers Monday through Friday from 9 a.m. to 5 p.m. Which of the following would best enforce this access control?
- Creating a discretionary access policy and setting rule-based access for contract employees.
- Implementing an OAuth server and then setting least privilege for contract employees.
- Creating a GPO for all contract employees and setting time-of-day log-in restrictions.
- Implementing SAML with federation to the contract employees' authentication server.

Which of the following activities identifies but does not exploit vulnerabilities?. Static analysis. Dynamic analysis. Penetration test. Bug bounty. Which of the following is a prerequisite for a DLP solution?. Data destruction. Data classification. Data masking. Data sanitization. An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization's ability to achieve this goal?. Monolithic code. Regulatory compliance. Kernel version. Patch availability. An organization that handles sensitive information wants to protect the information by using a reversible technology. Which of the following best satisfies this requirement?. Tokenization. Hardware security module. Hashing algorithm. Steganography. Which of the following provides resilience by hosting critical VMs within different IaaS providers while being maintained by internal application owners?. Multicloud architectures. Corporate-owned off-site locations. SaaS provider diversity. On-premises server load balancing. A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sensitive financial data in transit. Which of the following would be the most appropriate for the company to use?. SSH tunneling. Full disk encryption. Telnet connection. Patch installation. A company processes and stores sensitive data on its own systems. Which of the following steps should the company take first to ensure compliance with privacy regulations?. Create incident response and disaster recovery plans. Implement access controls and encryption. Identify and understand relevant data protection requirements. Purchase and install security software. All clients who connect to the switchports are required to complete a posture analysis before accessing the internet. 
Which of the following should the IT team configure to help secure the enterprise infrastructure?. WAF. VPN. NAC. IPS. A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?. NIDS. SIEM. SOAR. DMARC. Which of the following activities is used to determine the reason an incident occurred, prior to closing the incident?. Root cause analysis. Lessons learned. Detection. E-discovery. A company's leadership team wants to ensure employees only print business-related documents on company printers. Which of the following documents should the company add this directive to?. Information security policy. Data classification policy. Acceptable use policy. Business continuity plan. Company A jointly develops a product with Company B, which is located in a different country. Company A finds out that their intellectual property is being shared with unauthorized companies. Which of the following has been breached?. MOA. SOW. SLA. AUP. Which of the following are activities that should be completed during the containment and eradication phases of the incident response process? (Select two). Analyzing the incident. Restoring the system. Notifying stakeholders. Removing the malicious threat. Identifying the threat. Developing a recovery plan. A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?. Collaboration platform. Behavioral analyzer. Version control tool. Change management ticketing system. Which of the following can be used to mitigate attacks from high-risk regions?. Obfuscation. Data sovereignty. Encryption. IP geolocation. A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the following types of sites should the engineer consider?. Recovery site. Hot site. Warm site. Cold site. 
Which of the following documents details how to accomplish a technical security task?. Procedure. Guideline. Standard. Policy. During a SQL update of a database, a temporary field used as part of the update sequence was modified by an attacker before the update in order to allow access to the system. Which of the following best describes this type of vulnerability?. Memory injection. Malicious update. Race condition. Side loading. The number of tickets the help desk has been receiving has increased recently due to numerous false-positive phishing reports. Which of the following would be best to help reduce the false positives?. Implementing an incident reporting web page. Performing more phishing simulation campaigns. Hiring more help desk staff. Improving security awareness training. Which of the following is a social engineering attack in which a bad actor impersonates a web URL?. Watering-hole. Misinformation. Typosquatting. Pretexting. Which of the following would best prepare a security team for a specific incident response scenario?. Risk assessment. Root cause analysis. Tabletop exercise. Situational awareness. Which of the following security principles most likely requires validation before allowing traffic between systems?. Zero Trust architecture. Confidentiality. Authentication. Policy enforcement. An incident response specialist must stop a malicious attack from expanding to other parts of an organization. Which of the following should the incident response specialist perform first?. Containment. Recovery. Simulation. Eradication. A company that has large IT operations is looking to better control, standardize and lower the time required to build new servers. Which of the following architectures will best achieve the company's objectives?. PaaS. IoT. IaC. ICS. A security analyst is reviewing the following logs for a suspicious activity alert for a user's VPN log-ins: Which of the following malicious activity indicators triggered the alert?. Concurrent session usage. 
Impossible travel. Blocked content. Account lockout. Which of the following actions must an organization take to comply with a person's request for the right to be forgotten?. Encrypt all of the person's data. Purge all personally identifiable attributes. Remove all of the person's data. Obfuscate all of the person's data. Which of the following should an organization use to ensure that it can review the controls and performance of a service provider or vendor?. Memorandum of agreement. Right to audit clause. Supply chain analysis. Service level agreement. A retail company receives a request to remove a customer's data. Which of the following is the retail company considered under GDPR legislation?. Data controller. Data custodian. Data subject. Data processor. A university uses two different cloud solutions for storing student data. Which of the following does this represent?. Parallel processing. Load balancer. Clustering. Platform diversity. Which of the following is an example of a certificate that is generated by an internal source?. Symmetric key. Self-signed. Asymmetric key. Digital signature. |