QUESTION 181
Which of the following would cause a violation of data sovereignty requirements? (Select two).
A. Data loss prevention labeling
B. File metadata manipulation
C. Unencrypted data at rest
D. Tokenization of selected database fields
E. Cloud-based repositories
F. Multiregion redundancy for backups
Correct Answer: EF
QUESTION 182
A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage. Which of the following recovery sites is the best option?
A. Hot
B. Cold
C. Warm
D. Geographically dispersed
Correct Answer: C
QUESTION 183
An administrator is installing an sol certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verified with the issuing CA and has validated the private key. Which of the following should the administrator check for next?
A. If the wildcard certificate is configured
B. If the certificate signing request is valid
C. If the root certificate is installed
D. If the public key is configured
Correct Answer: C
QUESTION 184
Which of the following will prevent an attack on a corporate data center?
A. Video surveillance
B. Access badges
C. Infrared sensors
D. Flood lights
Correct Answer: B
QUESTION 185
A security analyst investigates abnormal outbound traffic from a corporate endpoint. The traffic is encrypted and uses non-standard ports. Which of the following data sources should the analyst use first to confirm whether this traffic is malicious?
A. Application logs
B. Vulnerability scans
C. Endpoint logs
D. Packet captures
Correct Answer: C
QUESTION 186
Which of the following exercises should an organization use to improve its incident response process?
A. Tabletop
B. Replication
C. Failover
D. Recovery
Correct Answer: A
QUESTION 187
A systems administrator is working on a solution with the following requirements:
1. Provide a secure zone.
2. Enforce a company-wide access control policy.
3. Reduce the scope of threats.
Which of the following is the systems administrator setting up?
A. Zero Trust
B. AAA
C. Non-repudiation
D. CIA
Correct Answer: A
QUESTION 188
A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring other team members understand how the script works?
A. To reduce implementation cost
B. To identify complexity
C. To remediate technical debt
D. To prevent a single point of failure
Correct Answer: A
QUESTION 189
Which of the following security concepts is accomplished with the installation of a RADIUS server?
A. CIA
B. AAA
C. ACL
D. PEM
Correct Answer: B
QUESTION 190
An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take?(Select two)
A. Disable default accounts.
B. Add the server to the asset inventory.
C. Remove unnecessary services.
D. Document default passwords.
E. Send server logs to the SIEM.
F. Join the server to the corporate domain.
Correct Answer: AC
QUESTION 191
Which of the following would most likely mitigate the impact of an extended power outage on a company’s environment?
A. Hot site
B. UPS
C. Snapshots
D. SOAR
Correct Answer: B
QUESTION 192
Several customers want an organization to verify its security controls are operating effectively and have requested an independent opinion. Which of the following is the most efficient way to address these requests?
A. to Hire a vendor to perform a penetration test.
B. Perform an annual self-assessment.
C. Allow each client the right to audit.
D. Provide a third-party attestation report.
Correct Answer: D
QUESTION 193
Which of the following is a compensating control for providing user access to a high-risk website?
A. Enabling threat prevention features on the firewall
B. Configuring a SIEM tool to capture all web traffic
C. Setting firewall rules to allow traffic from any port to that destination
D. Blocking that website on the endpoint protection software
Correct Answer: A
QUESTION 194
Which of the following tasks is typically included in the BIA process?
A. Estimating the recovery time of systems
B. Identifying the communication strategy
C. Evaluating the risk management plan
D. Establishing the backup and recovery procedures
E. Developing the incident response plan
Correct Answer: A
QUESTION 195
A new security regulation was announced that will take effect in the coming year. A company must comply with it to remain in business. Which of the following activities should the company perform next?
A. Gap analysis
B. Policy review
C. Security procedure evaluation
D. Threat scope reduction
Correct Answer: A
QUESTION 196
A company’s accounting department receives an urgent payment message from the company’s bank domain with instructions to wire transfer funds. The sender requests that the transfer be completed as soon as possible. Which of the following attacks is described?
A. Business email compromise
B. Vishing
C. Spear phishing
D. Impersonation
Correct Answer: A
QUESTION 197
Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
A. Availability
B. Non-repudiation
C. Integrity
D. Confidentiality
Correct Answer: A
QUESTION 198
Which of the following is the primary reason why false negatives on a vulnerability scan should be a concern?
A. The system has vulnerabilities that are not being detected
B. The time to remediate vulnerabilities that do not exist is excessive
C. Vulnerabilities with a lower severity will be prioritized over critical vulnerabilities
D. The system has vulnerabilities, and a patch has not yet been released
Correct Answer: A
QUESTION 199
Which of the following elements of digital forensics should a company use if it needs to ensure the integrity of evidence?
A. Preservation
B. E-discovery
C. Acquisition
D. Containment
Correct Answer: A
QUESTION 200
Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture?(Select two.)
A. Easier debugging of the system
B. Reduced cost of ownership of the system
C. Improved scalability of the system
D. Increased compartmentalization of the system
E. Stronger authentication of the system
F. Reduced complexity of the system
Correct Answer: CD
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.