QUESTION 141
Which of the following would help reduce alert fatigue?
A. Penetration testing
B. Compensating controls
C. Rule tuning
D. Log aggregation
Correct Answer: C
QUESTION 142
A user downloads a patch from an unknown repository to update their device. After applying the patch, the system becomes unresponsive. An incident response team receives alerts sent by an FIM platform and indicates that the hashes of the operating system files have changed. Which of the following attacks most likely occurred?
A. Logic bomb
B. Keylogger
C. Ransomware
D. Rootkit
Correct Answer: D
QUESTION 143
An administrator investigating an incident is concerned about the downtime of a critical server due to a failed drive. Which of the following would the administrator use to estimate the time needed to fix the issue?
A. MTTR
B. MTBF
C. RTO
D. RPO
Correct Answer: A
QUESTION 144
A site reliability engineer is designing a recovery strategy that requires quick fail over to an identical site if the primary facility goes down. Which of the following types of sites should the engineer consider?
A. Recovery site
B. Hot site
C. Cold site
D. Warm site
Correct Answer: B
QUESTION 145
Which of the following would be the best way to test resiliency in the event of a primary power failure?
A. Parallel processing
B. Tabletop exercise
C. Simulation testing
D. Production failover
Correct Answer: D
QUESTION 146
Which of the following is a strategy to protect stored passwords?
A. Encryption
B. Hashing
C. Masking
D. Tokenization
Correct Answer: B
QUESTION 147
Which of the following describes the reason root cause analysis should be conducted as part of incident response?
A. To gather IoCs for the investigation
B. To discover which systems have been affected
C. To eradicate any trace of malware on the network
D. To prevent future incidents of the same nature
Correct Answer: D
QUESTION 148
An application security engineer is working to address issues stemming from situations where necessary approvals and testing were not done before code was introduced into the production environment. Which of the following would be the most appropriate for the engineer to require?
A. Regression testing
B. Branch protection
C. Impact assessment
D. Static analysis
Correct Answer: B
QUESTION 149
A security manager needs an automated solution that will take immediate action to protect an organization against inbound malicious traffic. Which of the following is the best solution?
A. UEM
B. IPS
C. WAF
D. VPN
Correct Answer: B
QUESTION 150
Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).
A. Fencing
B. Video surveillance
C. Badge access
D. Access control vestibule
E. Sign-in sheet
F. Sensor
Correct Answer: CD
QUESTION 151
An enterprise is working with a third party and needs to allow access between the internal networks of both parties for a secure file migration. The solution needs to ensure encryption is applied to all traffic that is traversing the networks. Which of the following solutions should most likely be implemented?
A. EAP
B. IPSec
C. SD-WAN
D. TLS
Correct Answer: B
QUESTION 152
Which of the following is a strategy to protect stored passwords?
A. Encryption
B. Hashing
C. Masking
D. Tokenization
Correct Answer: B
QUESTION 153
The Chief Information Security Officer (CISO) of a medium-sized business plans to modernize the existing security infrastructure and address issues with legacy software and assets. Which of the following should the CISO use to determine the scope of the legacy infrastructure and develop a risk-based approach to modernization?
A. Angry IP Scanner
B. WASP Web Security Testing Guide
C. CIS benchmarks
D. Metasploit Framework
Correct Answer: C
QUESTION 154
Which of the following threat actors will most likely use multiple zero-day vulnerabilities to target government research organizations to steal IPs?
A. Nation-state
B. Hacktivist
C. Unskilled attacker
D. Insider threat
Correct Answer: A
QUESTION 155
A company performs a risk assessment on the information security program each year. Which of the following best describes this risk assessment?
A. Recurring
B. Ad hoc
C. One time
D. Continuous
Correct Answer: A
QUESTION 156
A security analyst estimates that a small security incident will cost $10,000 and will occur twice per year. The analyst recommends a budget of $20,000 for next year. Which of the following does the $10,000 represent?
A. ARO
B. SLE
C. ALE
D. RPO
Correct Answer: B
QUESTION 157
A security architect is designing an environment in which certain systems must not be able to access the internet. Which of the following describes this configuration?
A. Air-gapped
B. Serverless
C. Isolated
D. Segmented
Correct Answer: A
QUESTION 158
Which of the following principles requires that a company must keep files or records for a prescribed period of time before it disposes of those files or records?
A. Data verification
B. Data backups
C. Data archiving
D. Data retention
Correct Answer: D
QUESTION 159
While accessing a banking website, a user notices that the cursor keeps disappearing and there seems to be a lag when entering login information. Which of the following best describes this type of attack?
A. Keylogger
B. Rootkit
C. Worm
D. DoS
Correct Answer: A
QUESTION 160
A security administrator wants to increase a company’s technical defenses after two users experienced payroll fraud due to phishing attacks. Which of the following should the administrator do?
A. Conduct internal phishing campaigns with continuous training for all users on how to recognize phishing attempts.
B. Deploy more secure email gateways and block any email coming from unknown or suspicious domains.
C. Install advanced EDR software on all user workstations and configure alerts to report suspicious communications.
D. Keep web browsers updated to patch known vulnerabilities and use DNS block lists to prevent users from visiting known malicious sites.
Correct Answer: B
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.