QUESTION 41
A security engineer must set up new resources in the cloud. The company wants to make sure all settings are secure and consistent across every instance before the company promotes the new resources to production. Which of the following is the best way for the security engineer to meet these requirements?
A. Use the basic setup the cloud company provides and make changes later if needed.
B. Write down the setup steps in a shared document and check them once a month.
C. Use a saved setup file that includes the parameters and reuse it for each deployment.
D. Run compliance scans on the instances occasionally and fix any problems.
Correct Answer: A
QUESTION 42
Which of the following techniques is used to assess the effectiveness of security controls that are designed to protect a system from unauthorized access?
A. Penetration test
B. Risk assessment
C. Vulnerability scan
D. Internal audit review
Correct Answer: A
QUESTION 43
A small-business owner purchases a subscription to a cloud-based productivity tool suite and needs to set it up across all company devices. The owner wants to configure the software to follow the principle of least privilege. Which of the following should the owner do to configure the productivity tools effectively?
A. Create user accounts with role-based access controls.
B. Enable multifactor authentication.
C. Apply updates on each device before installation.
D. Configure automatic data backups to the cloud.
Correct Answer: A
QUESTION 44
Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?
A. Compliance reporting
B. GDPR
C. Due diligence
D. Attestation
Correct Answer: C
QUESTION 45
A systems administrator successfully configures VPN access to a cloud environment. Which of the following capabilities should the administrator use to best facilitate remote administration?
A. A jump host in the shared services security zone
B. An SSH server within the corporate LAN
C. A reverse proxy on the firewall
D. An MDM solution with conditional access
Correct Answer: A
QUESTION 46
Which of the following should a systems administrator set up to increase the resilience of an application by splitting the traffic between two identical sites?
A. Load balancing
B. Geographic disruption
C. Failover
D. Parallel processing
Correct Answer: A
QUESTION 47
Which of the following best describes the importance of implementing filesystem journaling?
A. Replication to a secondary form of media reduces the risk of failure when the secondary media is remote.
B. The recovery time always exceeds the RTO and RPO requirements during system downtime.
C. A point-in-time backup provides faster data recovery if data on a disk is corrupted.
D. A log of changes can enable recovery to a desired state after a failure.
Correct Answer: D
QUESTION 48
A business analyst develops a questionnaire to interview key stakeholders about business priorities in case of a cybersecurity incident. Which of the following are most likely the stakeholders’ priorities?(Select two)
A. Return on investment on cybersecurity
B. Statistics about incident annualized rate of occurrence
C. Risk management strategies and plans
D. A financial annualized loss expectancy report
E. The system’s required recovery time objective
F. IT assets and which business processes they support
Correct Answer: EF
QUESTION 49
A technician is setting up a public-facing web server and needs to ensure traffic is secure. Which of the following steps should the technician take to begin this process?
A. Domain validation
B. DNS filtering
C. Wildcard creation
D. CSR generation
Correct Answer: D
QUESTION 50
A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch jobs locally and does not generate traffic, but the process is now generating outbound traffic over random high ports. Which of the following vulnerabilities has likely been exploited in this software?
A. Memory injection
B. Race condition
C. Side loading
D. SQL injection
Correct Answer: A
QUESTION 51
Employees receive a text message containing a link to a web page that prompts the user to enter their ID and a work phone number. The text message appears to come from the Chief Executive Officer, but it is later discovered that the message is not legitimate. Which of the following does this best represent?(Select two)
A. Misinformation
B. Smishing
C. Impersonation
D. Typosquatting
E. Pretexting
F. Phishing
Correct Answer: BE
QUESTION 52
Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
A. Misconfiguration
B. Resource reuse
C. Insecure key storage
D. Weak cipher suites
Correct Answer: A
QUESTION 53
A university employee has logged on to an academic server and attempted to guess the system administrators’ login credentials. Which of the following security measures should the university have implemented to detect the employee’s attempts to gain access to the administrators’ accounts?
A. Two-factor authentication
B. Firewall
C. Intrusion prevention system
D. User activity logs
Correct Answer: D
QUESTION 54
An administrator plans to apply a critical patch to a critical system. Which of the following is the first thing the administrator should do?
A. Test the patch in production after hours.
B. Submit a change management request.
C. Remove the application from the allow list.
D. Request exception from the system owner.
Correct Answer: B
QUESTION 55
Which of the following will best provide guidance for appropriate actions to take after a compromise?
A. Incident response plan
B. Information security policy
C. Software development life cycle
D. Vulnerability management process
Correct Answer: A
QUESTION 56
Which of the following will help reduce alert fatigue?
A. Penetration testing
B. Compensating controls
C. Rule tuning
D. Log aggregation
Correct Answer: C
QUESTION 57
Which of the following best explains why data classification is important in a security strategy?
A. It helps define access control and protection levels based on data sensitivity.
B. It allows organizations to encrypt all data using the same algorithm and key.
C. It determines which business units can physically store data on site.
D. It enforces compliance efforts by mapping controls to regulatory data categories.
Correct Answer: A
QUESTION 58
A company uses its backups to recover from a ransomware attack. Which of the following best guarantees that the backups are not infected?
A. Immutability
B. Destruction
C. Sanitization
D. Retention
Correct Answer: A
QUESTION 59
A security administrator wants to determine if the company’s social engineering training is effective. Which of the following should the administrator do to complete this task?
A. Set up a honeypot.
B. Send out a survey.
C. Set up a focus group.
D. Conduct a phishing campaign.
Correct Answer: D
QUESTION 60
A security analyst investigates an incident in which a PowerShell script was identified as a potential IoC. Which of the following will best help the analyst identify an attempt to compromise the system?
A. SNMP logs
B. Firewall logs
C. EDR logs
D. IPS logs
Correct Answer: C
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.