QUESTION 161
In order to follow new regulations, the Chief Information Security Officer plans to use a defense-in-depth approach for a perimeter network Which of the following protections would best achieve this goal?
A. SAST, DAST, IAST
B. NGFW, IPS, EDR
C. SASE, IDS, SAST
D. CASB, DLP, EDR
Correct Answer: B
QUESTION 162
An organization has noticed an increase in phishing campaigns utilizing typosquatting. A security analyst needs to enrich the data for commonly used domains against the domains used in phishing campaigns. The analyst uses a log forwarder to forward network logs to the SIEM. Which of the following would allow the security analyst to perform this analysis?
A. Use a cron job to regularly update and compare domains.
B. Subscribe to an ISAC to obtain threat intel data
C. Develop a query that filters out all matching domain names.
D. Implement a dashboard on the SIEM that shows the percentage of traffic by domain.
Correct Answer: B
QUESTION 163
A company’s Chief Information Security Officer learns that the senior leadership team is traveling to a country accused of attempting to steal intellectual property saved on laptops. Which of the following is the best method to protect against this attack?
A. Configure Measured Boot to report any firmware changes.
B. Use sanitized devices with remote connections to VDI.
C. Deploy self-encrypting drives to protect company data.
D. Install tamper-evident stickers over any laptop screws.
Correct Answer: B
QUESTION 164
Which of the following best describes the reason a network architect would enable forward secrecy on all VPN tunnels?
A. This process is a requirement to enable hardware-accelerated cryptography.
B. This process reduces the success of attackers performing cryptanalysis.
C. The business requirements state that confidentiality is a critical success factor.
D. Modern cryptographic protocols list this process as a prerequisite for use.
Correct Answer: B
QUESTION 165
A financial services organization is using Al to fully automate the process of deciding client loan rates. Which of the following should the organization be most concerned about from a regulatory perspective?
A. Model explainability
B. Credential theft
C. Possible prompt injections
D. Exposure to social engineering
Correct Answer: A
QUESTION 166
A compliance officer is facilitating a business impact analysis and wants business unit leaders to collect meaningful data. Several business unit leaders want more information about the types of data the officer needs. Which of the following data types would be the most beneficial for the compliance officer? (Select two).
A. Inventory details
B. Applicable contract obligations
C. Costs associated with downtime
D. Network diagrams
E. Contingency plans
F. Critical processes
Correct Answer: CF
QUESTION 167
An application requires the storage of PII. A systems engineer needs to implement a solution that uses an external device for key management. Which of the following is the best solution?
A. TPM
B. SBoM
C. vTPM
D. HSM
Correct Answer: D
QUESTION 168
A company is planning to migrate all of its on-site-hosted applications to a public cloud provider. Which of the following is the best way to reduce the scope of security-relevant work that the company must address after the applications have been migrated to the cloud?
A. Adopting cloud-native security solutions
B. Using a microservices architecture
C. Performing a lift-and-shift cloud migration
D. Implementing serverless cloud services
Correct Answer: D
QUESTION 169
An organization must provide access to its internal system data. The organization requires
1. Access must be automated.
2. Data confidentiality must be preserved.
3. Access must be authenticated.
4. Data must be preprocessed before it is retrieved.
Which of the following actions should the organization take to meet these requirements?
A. Configure a reverse proxy to protect the data.
B. Implement an on-demand VPN connection.
C. Deploy an API gateway protected with access tokens.
D. Continually publish all relevant data to a CDN.
Correct Answer: C
QUESTION 170
A security architect must make sure that the least number of services as possible is exposed in order to limit an adversary’s ability to access the systems. Which of the following should the architect do first?
A. Enforce Secure Boot.
B. Perform attack surface reduction.
C. Disable third-party Integrations.
D. Limit access to the systems.
Correct Answer: B
QUESTION 171
An architect is securing an external infrastructure to support external services. The following components are in use:
1. One Kubernetes cluster with multiple pods and nodes for back-end services
2. Two VM Linux instances as the web tier
3. One SQL-based database
The company only has funding for two controls and must prioritize resilience. Which of the following are the most effective controls for the company to implement to meet this goal? (Select two).
A. An IAM policies enforced
B. A RASP to the workload services
C. A content delivery network
D. A database firewall on the SQL instance
E. An IPS at the web tier
F. An application load balancer
Correct Answer: CF
QUESTION 172
A security officer performs due diligence activities before implementing a third-party solution into the enterprise environment. The security officer needs evidence from the third party that a data subject access request handling process is in place. Which of the following is the security officer most likely seeking to maintain compliance?
A. Information security standards
B. E-discovery requirements
C. Privacy regulations
D. Certification requirements
E. Reporting frameworks
Correct Answer: C
QUESTION 173
A company wants to modify its process to comply with privacy requirements after an incident involving PII data in a development environment. In order to perform functionality tests, the QA team still needs to use non-obfuscated, valid data in the native format. Which of the following best addresses the risk without impacting the development life cycle?
A. Encrypting the data before moving into the QA environment
B. Truncating the data to make it not personally identifiable
C. Using a large language model to generate synthetic data
D. Utilizing tokenization for sensitive fields
Correct Answer: D
QUESTION 174
Emails that the marketing department is sending to customers are going to the customers’ spam folders. The security team is investigating the issue and discovers that the certificates used by the email server were reissued, but DNS records had not been updated. Which of the following should the security team update in order to fix this issue? (Select three).
A. DMARC
B. SPF
C. DKIM
D. DNSSEC
E. SASE
F. SAN
G. SOA
H. MX
Correct Answer: ABC
QUESTION 175
To comply with security regulations, an organization must remediate recent audit findings regarding weak credentials. Which of the following is the best way to mitigate this risk?
A. Perform user awareness training.
B. Configure PAM.
C. Implement Group Policies.
D. Deploy an EDR solution.
E. Enable SSO.
Correct Answer: C
QUESTION 176
After a leak of important documents, a company decides to implement a data protection program to avoid similar incidents in the future. Which of the following should the company do first?
A. Implement data encryption.
B. Perform data storage hardening.
C. Deploy a data loss prevention policy.
D. Develop data labeling standards.
Correct Answer: D
QUESTION 177
A development team must create a website to share indicators of compromise. The team wants to use APIs between industry peers to aid in configuring SIEM and SOAR. The team needs to create a free tier of service, and the senior developer insists on configuring rate limiting. Which of the following best describes the senior developer’s reasoning?
A. To prevent password-spraying attacks on the services hosting the API
B. To limit the likelihood of resource exhaustion occurring on the API server
C. To address concerns the team has about API bandwidth utilization
D. To reduce attack surface exposure of the API endpoints connecting peers
Correct Answer: B
QUESTION 178
An engineer wants to automate several tasks by running commands daily on a UNIX server. The engineer has only built-in, default tools available. Which of the following should the engineer use to best assist with this effort? (Select two).
A. Python
B. Cron
C. Ansible
D. PowerShell
E. Bash
F. Task Scheduler
Correct Answer: BE
QUESTION 179
A company implements an Al model that handles sensitive and personally identifiable information. Which of the following threats is most likely the company’s primary concern?
A. Unsecured output handling
B. Model theft
C. Model poisoning
D. Prompt injection
Correct Answer: D
QUESTION 180
An organization is implementing Zero Trust architecture. A systems administrator must increase the effectiveness of the organization’s context-aware access system. Which of the following is the best way to improve the effectiveness of the system?
A. Secure zone architecture
B. Always-on VPN
C. RADIUS
D. Microsegmentation
Correct Answer: D
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.