QUESTION 181
A company plans to deploy a new online application that provides video training for its customers. As part of the design, the application must be:
1. Fast for all users
2. Available for users worldwide
3. Protected against attacks
Which of the following are the best components the company should use to meet these requirements? (Select two).
A. WAF
B. IPS
C. CDN
D. SASE
E. VPN
F. CASB
Correct Answer: AC
QUESTION 182
A company discovers intellectual property data on commonly known collaboration web applications that allow the use of slide templates. The systems administrator is reviewing the configurations of each tool to determine how to prevent this issue. The following security solutions are deployed:
1. CASB
2. SASE
3. WAF
4. EDR
5. Firewall
6. DSSIEM
7. DLP endpoints
Which of the following should the administrator do to address the issue?
A. Enable blocking for all WAF policies.
B. Enforce a policy to block unauthorized web applications within CASB.
C. Create an alert within the SIEM for outgoing network traffic to the suspected website.
D. Enable blocking for all WAF policies.
Correct Answer: B
QUESTION 183
A company must build and deploy security standards for all servers in its on-premises and cloud environments based on hardening guidelines. Which of the following solutions most likely meets the requirements?
A. Develop a security baseline to integrate with the vulnerability scanning platform to alert about any server not aligned with the new security standards.
B. Create baseline images for each OS in use, following security standards, and integrate the images into the patching and deployment solution.
C. Build all new images from scratch, installing only needed applications and modules in accordance with the new security standards.
D. Run a script during server deployment to remove all the unnecessary applications as part of provisioning.
Correct Answer: B
QUESTION 184
Which of the following most likely explains the reason a security engineer replaced ECC with a lattice-based cryptographic technique?
A. It is computationally efficient and provides perfect forward secrecy.
B. It is more resilient to brute-force attacks than ECC.
C. It supports ephemeral key exchange and digital signatures.
D. It is currently considered a robust PQC technique.
E. It enables processing on data while remaining in an encrypted state.
Correct Answer: D
QUESTION 185
An administrator needs to craft a single certificate-signing request for a web-server certificate. The server should be able to use the following identities to mutually authenticate other resources over TLS:
1. www.int.comptia.org
2. webserver01.int.comptia.org.
3. 10.5.100.10
Which of the following certificate fields must be set properly to support this objective?
A. Subject Alternative Name
B. Organizational unit
C. Extended key usage
D. Certificate extension
Correct Answer: A
QUESTION 186
A security administrator needs to review the efficacy of the detection rules configured on the SIEM by employing real-world attacker TTPs. Which of the following actions should the security administrator take to accomplish this objective?
A. Perform an internal penetration test.
B. Use adversary emulation.
C. Execute an internal vulnerability assessment.
D. Perform a threat hunt exercise.
E. Ingest new threat intelligence feeds.
Correct Answer: B
QUESTION 187
A pharmaceutical company employs automated control systems to fabricate chemicals. During a recent experiment to attempt to secure these systems, a security engineer finds that the controllers do not appear to be sensitive to additional network latency. Which of the following is the best recommendation for this issue?
A. Performing integrity checks on control system command journals
B. Performing baseline reviews on the system configurations
C. Integrating a proxy to drop improperly formatted commands
D. Implementing in-line encryption between the control systems
E. Deploying and configuring a protocol accelerator
Correct Answer: D
QUESTION 188
A security analyst discovers requests associated with IP addresses known for both legitimate and bot-related traffic. Which of the following should the analyst use to determine whether the requests are malicious?
A. User-agent string
B. Byte length of the request
C. Web application headers
D. HTML encoding field
Correct Answer: C
QUESTION 189
A security engineer wants to enhance the security posture of end-user systems in a Zero Trust environment. Given the following requirements:
1. Reduce the ability for potentially compromised endpoints to contact command-and-control infrastructure.
2. Track the requests that the malware makes to the IPs.
3. Avoid the download of additional payloads.
Which of the following should the engineer deploy to meet these requirements?
A. DNS sinkholing
B. Browser isolation
C. Zone transfer protection
D. HIDS
Correct Answer: A
QUESTION 190
A security engineer is concerned about:
1. Asset inventory accuracy
2. Lack of communication between new service teams
3. Lack of coordination between production releases
Which of the following should the security engineer implement?
A. A configuration management database
B. A vulnerability assessment tool
C. A change management process
D. Hardened images
Correct Answer: A
QUESTION 191
A developer receives feedback about code quality and efficiency. The developer needs to identify and resolve the following coding issues before submitting the code changes for peer review:
1. Indexing beyond arrays
2. Dereferencing null pointers
3. Potentially dangerous data type combinations
4. Unreachable code
5. Non-portable constructs
Which of the following would be most appropriate for the developer to use in this situation?
A. Linting
B. SBoM
C. DAST
D. Branch protection
E. Software composition analysis
Correct Answer: A
QUESTION 192
An organization is deploying a new data lake that will centralize records from several applications. During the design phase, the security architect identifies the following requirements:
1. The sensitivity levels of the data is different.
2. The data must be accessed through stateless API calls after authentication.
3. Different users will have access to different data sets.
Which of the following should the architect implement to best meet these requirements?
A. Directory services
B. 802.1x with EAP-TLS
C. OpenID Connect
D. CASB
Correct Answer: C
QUESTION 193
A company wants to protect a web-based application against application-layer attacks by monitoring the inputs, outputs, and internal state of the application. The solution must also rapidly integrate with different programming languages. Which of the following technologies is most likely to meet this need?
A. RASP
B. Cloud-based IDE
C. DAST
D. NIPS
Correct Answer: C
QUESTION 194
A small business recently expanded its offerings to include critical infrastructure services. The business is concerned about attacks using previously unknown methods. Which of the following is the best location to install network security sensors?
A. On the same broadcast domain as any Tier 0 devices
B. Inside of the firewall and the local network segments
C. Between the ISP equipment and the business’s firewall
D. As a span port connected to the end-user switching devices
Correct Answer: B
QUESTION 195
A global company’s Chief Financial Officer (CFO) receives a phone call from someone claiming to be the Chief Executive officer (CEO). The caller claims to be stranded and in desperate need of money. The CF0 is suspicious, but the caller’s voice sounds similar to the CEO’s. Which of the following best describes this type of attack?
A. Smishing
B. Deepfake
C. Automated exploit generation
D. Spear phishing
Correct Answer: B
QUESTION 196
A company must meet the following security requirements when implementing controls in order to be compliant with government policy:
1. Access to the system document repository must be MFA enabled.
2. Ongoing risk monitoring must be displayed on a system dashboard.
3. Staff must receive email notifications about periodic tasks.
Which of the following best meets all of these requirements?
A. Implementing a GRC tool
B. Configuring a privileged access management system
C. Launching a vulnerability management program
D. Creating a risk register
Correct Answer: A
QUESTION 197
A security architect wants to configure a mail server so it maintains an updated list of IOCs and blocks known-malicious incoming emails. Which of the following will the security architect most likely need for this task? (Select two).
A. Log analyzer
B. Threat feed API
C. Scheduled task
D. Webhooks
E. Inbox deletion code
F. Security runbook
Correct Answer: BC
QUESTION 198
An organization that performs real-time financial processing is implementing a new backup solution. Given the following business requirements:
1. The backup solution must reduce the risk for potential backup compromise.
2. The backup solution must be resilient to a ransomware attack.
3. The time to restore from backups is less important than the backup data integrity.
4. Multiple copies of production data must be maintained.
Which of the following backup strategies best meets these requirements?
A. Creating a secondary, immutable database and adding live data on a continuous basis
B. Utilizing two connected storage arrays and ensuring the arrays constantly sync
C. Enabling remote journaling on the databases to ensure real-time transactions are mirrored
D. Setting up anti-tampering on the databases to ensure data cannot be changed unintentionally
Correct Answer: A
QUESTION 199
A security engineer needs to create multiple servers in a company’s private cloud. The servers should have a virtual network infrastructure that supports connectivity, as well as security configurations applied using predefined templates. Which of the following is the best option for the security engineer to consider for the deployment?
A. Installing a container orchestration solution locally, configuring the infrastructure, and cloning the solution
B. Creating templates on the cloud provider marketplace and modeling the solution using those templates
C. Using Terraform to implement an infrastructure as code model with the existing private cloud solution
D. Integrating the cloud provider API to the CICD pipeline model used by the company
Correct Answer: C
QUESTION 200
A company’s engineers must ensure that it is difficult for competitors to determine how the company’s software works. Which of the following techniques can help achieve this objective?
A. Removing dead code
B. Using code signing
C. Diversifying binaries
D. Stripping debug symbols
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.