QUESTION 121
A systems administrator configures a new application. The next day, a security analyst reviews the logs and identifies multiple accounts that had been created overnight with administrative privileges and connections from different countries. Which of the following solutions would have prevented this incident?
A. Applying input validation
B. Changing the default credentials
C. Installing a honeynet
D. Deploying a WAF
Correct Answer: B
QUESTION 122
Alerts from email protection systems and MSSPs must be entered into an IT service management system and assigned to the security team. Which of the following should an organization implement to enable this functionality?
A. Automated compliance monitoring
B. Automated ticket creation
C. Automated vulnerability scans
D. Automated indicator sharing
Correct Answer: B
QUESTION 123
Which of the following is a prerequisite for a DLP solution?
A. Data destruction
B. Data sanitization
C. Data classification
D. Data masking
Correct Answer: C
QUESTION 124
A university uses two different cloud solutions for storing student data. Which of the following does this represent?
A. Load balancer
B. Parallel processing
C. Platform diversity
D. Clustering
Correct Answer: C
QUESTION 125
Which of the following activities should a systems administrator perform to quarantine a potentially infected system?
A. Move the device into an air-gapped environment.
B. Disable remote log-in through Group Policy.
C. Convert the device into a sandbox.
D. Remote wipe the device using the MDM platform.
Correct Answer: A
QUESTION 126
A company’s accounts payable clerk receives a message from a vendor asking to change their bank account before paying an invoice. The clerk makes the change and sends the payment to the new account Days later, the clerk receives another message from the same vendor with a request for a missing payment to the original bank account Which of the following has most likely occurred?
A. Phishing campaign
B. Data exfiltration
C. Pretext calling
D. Business email compromise
Correct Answer: D
QUESTION 127
Which of the following is a risk for a company using end-of-life applications on its network?
A. Default credentials
B. Open service ports
C. Vulnerable software
D. Insecure networks
Correct Answer: C
QUESTION 128
A company is in the process of cutting jobs to manage costs. The Chief Information Security Officer is concerned about the increased risk of an insider threat. Which of the following would most likely help the security awareness team address this potential threat?
A. Immediately disable the accounts of staff who are likely to be terminated.
B. Train supervisors to identify and manage disgruntled employees.
C. Configure DLP to monitor staff who will be terminated.
D. Raise awareness for business leaders on social engineering techniques.
Correct Answer: B
QUESTION 129
Which of the following should a security analyst use to prioritize the remediation of a vulnerability?
A. OSINT
B. CVE
C. loC
D. CVSS
Correct Answer: D
QUESTION 130
Which of the following data protection strategies can be used to confirm file integrity?
A. Masking
B. Encryption
C. Hashing
D. Obfuscation
Correct Answer: C
QUESTION 131
A systems administrator needs to provide traveling employees with a security measure that will protect company devices regardless of where they are working. Which of the following should the administrator implement?
A. Isolation
B. Segmentation
C. ACL
D. HIPS
Correct Answer: D
QUESTION 132
An organization failed to account for the right-to-be-forgotten regulations. Which of the following impacts might this action have on the company?
A. Fines
B. Data breaches
C. Revenue loss
D. Blackmail
Correct Answer: A
QUESTION 133
Which of the following is an internal audit team’s function within risk management?
A. Define an organization’s exposure posture.
B. Implement an organization’s regulatory requirements.
C. Assess an organization’s policy compliance.
D. Define and update an organization’s control monitoring
Correct Answer: C
QUESTION 134
A user’s system became infected when malware was downloaded and extracted. The malware is now active in the computer’s volatile storage. Which of the following best describes the technique leveraged by the malware?
A. Race condition
B. Zero-day exploit
C. Buffer overflow
D. Memory injection
Correct Answer: D
QUESTION 135
Which of the following factors must a systems administrator take into consideration first when reviewing options to remediate a vulnerability on an end-of-life software system in production?
A. Patch availability
B. Cost
C. Ease of rollback
D. Responsiveness
Correct Answer: A
QUESTION 136
A Chief Information Security Officer (CISO) has developed information security policies that relate to the software development methodology. Which of the following would the CISO most likely include in the organization’s documentation?
A. Peer review requirements
B. Multifactor authentication
C. Branch protection tests
D. Secrets management configurations
Correct Answer: C
QUESTION 137
A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?
A. Block all outbound traffic from the intranet.
B. Introduce a campaign to recognize phishing attempts.
C. Restrict internet access for the employees who disclosed credentials.
D. Implement a deny list of websites.
Correct Answer: B
QUESTION 138
Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
A. Steganography
B. Data masking
C. Tokenization
D. Private key
Correct Answer: A
QUESTION 139
A government official receives a blank envelope containing photos and a note instructing the official to wire a large sum of money by midnight to prevent the photos from being leaked on the internet. Which of the following best describes the threat actor’s intent?
A. Organized crime
B. Philosophical beliefs
C. Espionage
D. Blackmail
Correct Answer: D
QUESTION 140
Which of the following is the best way to validate the integrity and availability of a disaster recovery site?
A. Lead a simulated failover.
B. Conduct a tabletop exercise.
C. Periodically test the generators.
D. Develop requirements for database encryption.
Correct Answer: A
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.