QUESTION 101
Which of the following tools is best for logging and monitoring in a cloud environment?
A. IPS
B. FIM
C. NAC
D. SIEM
Correct Answer: D
QUESTION 102
A security analyst assesses the deployment of a security appliance. The security appliance must perform the following functions:
1. The appliance should monitor all traffic to and from the internet.
2. The appliance should monitor all east-west traffic inside the data center.
3. The appliance should be able to detect and block malicious lateral movement.
4. The appliance network interface is bandwidth-limited to 1G.
Which of the following should the security analyst implement for a compliant and scalable deployment? (Select two).
A. Install the appliance in an in-line mode to ensure comprehensive monitoring.
B. Deploy the appliance in fail-closed mode to ensure higher security.
C. Ensure the appliance console is only accessible from a central jump box.
D. Implement an IPSec tunnel between the appliance and border routers.
E. Configure API integrations between the appliance and network device to filter traffic.
F. Set up a tap and send network connections’ metadata to the appliance.
Correct Answer: EF
QUESTION 103
A security officer is implementing a security awareness program and is placing security-themed posters around the building and is assigning online user training. Which of the following would the security officer most likely implement?
A. Password policy
B. Access badges
C. Phishing campaign
D. Risk assessment
Correct Answer: C
QUESTION 104
Which of the following will oversee a cybersecurity program and provide guidance on risk appetite for an organization?
A. Government regulators
B. Board of directors
C. Steering committees
D. Data owners
Correct Answer: B
QUESTION 105
An organization plans to increase security controls for devices that connect to its internal network The additional security control must perform port-based authentication as part of the connection process. Which of the following should the organization implement?
A. EDR
B. SASE
C. 802.1X
D. WPA3
Correct Answer: C
QUESTION 106
The Chief Information Security Officer gives the security community the opportunity to report vulnerabilities on the organization’s public-facing assets. Which of the following does this scenario best describe?
A. Bug bounty
B. Red teaming
C. Open-source intelligence
D. Third-party information sharing
Correct Answer: A
QUESTION 107
Which of the following explains the difference between data masking and data tokenization?
A. Data masking is typically a non-reversible process, while data tokenization is reversible.
B. Data masking uses encryption, while data tokenization replaces data with null values.
C. Data masking uses one-to-one data mapping, while data tokenization uses one-to-many data mapping.
D. Data masking implements a random function, while data tokenization implements a pseudo-random function.
Correct Answer: A
QUESTION 108
An IT administrator needs to ensure data retention standards are implemented on an enterprise application. Which of the following describes the administrator’s role?
A. Processor
B. Custodian
C. Privacy officer
D. Owner
Correct Answer: B
QUESTION 109
Which of the following is a primary security concern for a company setting up a BYOD program?
A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking
Correct Answer: D
QUESTION 110
Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?
A. Integrity
B. Availability
C. Confidentiality
D. Non-repudiation
Correct Answer: C
QUESTION 111
A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of end users. Which of the following would be a good use case for this task?
A. Off-the-shelf software
B. Orchestration
C. Baseline
D. Policy enforcement
Correct Answer: B
QUESTION 112
A software developer released a new application and is distributing application files via the developer’s website. Which of the following should the developer post on the website to allow users to verify the integrity of the downloaded files?
A. Hashes
B. Certificates
C. Algorithms
D. Salting
Correct Answer: A
QUESTION 113
The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the budget request for more resources. Which of the following should the CISO present to the board as the direct consequence of non-compliance?
A. Fines
B. Reputational damage
C. Sanctions
D. Contractual implications
Correct Answer: A
QUESTION 114
An employee emailed a new systems administrator a malicious web link and convinced the administrator to change the email server’s password. The employee used this access to remove the mailboxes of key personnel. Which of the following security awareness concepts would help prevent this threat in the future?
A. Recognizing phishing
B. Providing situational awareness training
C. Using password management
D. Reviewing email policies
Correct Answer: A
QUESTION 115
Which of the following would a systems administrator follow when upgrading the firmware of an organization’s router?
A. Software development life cycle
B. Risk tolerance
C. Certificate signing request
D. Maintenance window
Correct Answer: D
QUESTION 116
A company is concerned about theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?
A. Wiping
B. Recycling
C. Shredding
D. Deletion
Correct Answer: A
QUESTION 117
A nation-state attacker gains access to the email accounts of several journalists by compromising a website that the journalists frequently use. Which of the following types of attacks describes this example?
A. On-path
B. Watering-hole
C. Typosquatting
D. Brand impersonation
Correct Answer: B
QUESTION 118
Which of the following is a vulnerability concern for end-of-life hardware?
A. Failure to follow hardware disposal procedures could result in unintended data release.
B. The supply chain may not have replacement hardware.
C. Newly released software may require computing resources not available on legacy hardware.
D. The vendor may stop providing patches and updates.
Correct Answer: D
QUESTION 119
Which of the following should be used to prevent changes to system-level data?
A. NIDS
B. DLP
C. NAC
D. FIM
Correct Answer: D
QUESTION 120
A company wants to ensure that only authorized devices can enter an environment. Which of the following will the company most likely use to implement the control?
A. Access lists
B. Remote connection
C. Screened subnets
D. Centralized proxy
Correct Answer: A
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.