
security+11

100 questions • 2 years ago
  • lopkeda

    Question list

  • 1

    QUESTION 1012 An information security officer at a credit card transaction company is conducting a framework-mapping exercise with the internal controls. The company recently established a new office in Europe. To which of the following frameworks should the security officer map the existing controls? (Choose two.)

    PCI DSS, GDPR

  • 2

    QUESTION 1013 A customer called a company's security team to report that all invoices the customer has received over the last five days from the company appear to have fraudulent banking details. An investigation into the matter reveals the following: - The manager of the accounts payable department is using the same password across multiple external websites and the corporate account. - One of the websites the manager used recently experienced a data breach. - The manager's corporate email account was successfully accessed in the last five days by an IP address located in a foreign country. Which of the following attacks has most likely been used to compromise the manager's corporate account?

    Credential stuffing

  • 3

    QUESTION 1014 An organization's corporate offices were destroyed due to a natural disaster, so the organization is now setting up offices in a temporary work space. Which of the following will the organization most likely consult?

    The business continuity plan

  • 4

    QUESTION 1015 Security analysts notice a server login from a user who has been on vacation for two weeks. The analysts confirm that the user did not log in to the system while on vacation. After reviewing packet capture logs, the analysts notice the following: username:..smithJA... Password: 944d3697d8880ed401b5ba2c77811 Which of the following occurred?

    An attacker used a pass-the-hash attack to gain access.

  • 5

    QUESTION 1016 A security analyst is taking part in an evaluation process that analyzes and categorizes threat actors of real-world events in order to improve the incident response team's process. Which of the following is the analyst most likely participating in?

    Walk-through

  • 6

    QUESTION 1017 A network manager wants to protect the company's VPN by multifactor authentication that uses: - Something you know - Something you have - Somewhere you are Which of the following would accomplish the manager's goal?

    Password, authentication token, thumbprint

  • 7

    QUESTION 1018 Which of the following terms should be included in a contract to help a company monitor the ongoing security maturity of a new vendor?

    A right-to-audit clause allowing for annual security audits

  • 8

    QUESTION 1019 Which of the following cloud models provides clients with servers, storage, and networks but nothing else?

    IaaS

  • 9

    QUESTION 1020 A marketing coordinator is trying to access a social media application on a company laptop but is getting blocked. The coordinator opens a help desk ticket to report the issue. Which of the following documents should a security analyst review to determine whether accessing social media applications on a company device is permitted?

    Acceptable use policy

  • 10

    QUESTION 1021 Law enforcement officials sent a company a notification that states electronically stored information and paper documents cannot be destroyed. Which of the following explains this process?

    Legal hold

  • 11

    QUESTION 1022 A company wants to deploy decoy systems alongside production systems in order to entice threat actors and to learn more about attackers. Which of the following best describes these systems?

    Honeypots

  • 12

    QUESTION 1024 A company has installed badge readers for building access but is finding unauthorized individuals roaming the hallways. Which of the following is the most likely cause?

    Tailgating

  • 13

    QUESTION 1025 An organization routes all of its traffic through a VPN. Most users are remote and connect into a corporate data center that houses confidential information. There is a firewall at the internet border, followed by a DLP appliance, the VPN server, and the data center itself. Which of the following is the weakest design element?

    Encrypted VPN traffic will not be inspected when entering or leaving the network.

  • 14

    QUESTION 1023 A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the break room only have 512KB of storage. Which of the following is most likely the cause?

    The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to harvest plaintext credentials from memory.

  • 15

    QUESTION 1026 Which of the following is the best method for ensuring non-repudiation?

    Digital certificate

  • 16

    QUESTION 1027 Which of the following methods is the most effective for reducing vulnerabilities?

    Using a scan-patch-scan process

  • 17

    QUESTION 1028 An organization is struggling with scaling issues on its VPN concentrator and internet circuit due to remote work. The organization is looking for a software solution that will allow it to reduce traffic on the VPN and internet circuit, while still providing encrypted tunnel access to the data center and monitoring of remote employee internet traffic. Which of the following will help achieve these objectives?

    Deploying a SASE solution to remote employees

  • 18

    QUESTION 1029 Which of the following is the best reason to complete an audit in a banking environment?

    Regulatory requirement

  • 19

    QUESTION 1030 After a recent ransomware attack on a company's system, an administrator reviewed the log files. Which of the following control types did the administrator use?

    Detective

  • 20

    QUESTION 1031 A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?

    Create a change control request.

  • 21

    QUESTION 1032 A security analyst reports a company policy violation in a case in which a large amount of sensitive data is being downloaded after hours from various mobile devices to an external site. Upon further investigation, the analyst notices that successful login attempts are being conducted with impossible travel times during the same time periods when the unauthorized downloads are occurring. The analyst also discovers a couple of WAPs are using the same SSID, but they have non-standard DHCP configurations and an overlapping channel. Which of the following attacks is being conducted?

    Evil twin

  • 22

    QUESTION 1033 Several users have opened tickets with the help desk. The help desk has reassigned the tickets to a security analyst for further review. The security analyst reviews the following metrics:

    Corporate PCs have been turned into a botnet.

  • 23

    QUESTION 1034 An engineer needs to deploy a security measure to identify and prevent data tampering within the enterprise. Which of the following will accomplish this goal?

    FIM

  • 24

    QUESTION 1035 Which of the following mitigation techniques places devices in physically or logically separated networks and leverages policies to limit the types of communications that are allowed?

    Host-based firewalls

  • 25

    QUESTION 1036 All security analysts' workstations at a company have network access to a critical server VLAN. The information security manager wants to further enhance the controls by requiring that all access to the secure VLAN be authorized only from a given single location. Which of the following will the information security manager most likely implement?

    A jump server

  • 26

    QUESTION 1040 A Chief Information Security Officer (CISO) needs to create a policy set that meets international standards for data privacy and sharing. Which of the following should the CISO read and understand before writing the policies?

    GDPR

  • 27

    QUESTION 1041 During an internal penetration test, a security analyst identified a network device that had accepted cleartext authentication and was configured with a default credential. Which of the following recommendations should the security analyst make to secure this device?

    Configure SNMPv3.

  • 28

    QUESTION 1042 Developers are writing code and merging it into shared repositories several times a day, where it is tested automatically. Which of the following concepts does this best represent?

    Continuous integration

  • 29

    QUESTION 1043 A large financial services firm recently released information regarding a security breach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administrative access to the network through a file downloaded from a social media site and subsequently installed it without the user's knowledge. Since the compromise, the attacker was able to take command and control of the computer systems anonymously while obtaining sensitive corporate and personal employee information. Which of the following methods did the attacker most likely use to gain access?

    A RAT

  • 30

    QUESTION 1044 Recent changes to a company's BYOD policy require all personal mobile devices to use a two-factor authentication method that is not something you know or have. Which of the following will meet this requirement?

    Facial recognition

  • 31

    QUESTION 1045 A critical file server is being upgraded, and the systems administrator must determine which RAID level the new server will need to achieve parity and handle two simultaneous disk failures. Which of the following RAID levels meets this requirement?

    RAID6

  • 32

    QUESTION 1046 A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

    Encryption

  • 33

    QUESTION 1047 A security assessment found that several embedded systems are running unsecure protocols. These systems were purchased two years ago, and the company that developed them is no longer in business. Which of the following constraints best describes the reason the findings cannot be remediated?

    Unavailable patch

  • 34

    QUESTION 1048 A security engineer is concerned about using an agent on devices that relies completely on defined known-bad signatures. The security engineer wants to implement a tool with multiple components including the ability to track, analyze, and monitor devices without reliance on definitions alone. Which of the following solutions best fits this use case?

    EDR

  • 35

    QUESTION 1049 A user's login credentials were recently compromised. During the investigation, the security analyst determined the user input credentials into a pop-up window when prompted to confirm the username and password. However, the trusted website does not use a pop-up for entering user credentials. Which of the following attacks occurred?

    Cross-site scripting

  • 36

    QUESTION 1050 To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would best meet the needs of the organization?

    SaaS

  • 37

    QUESTION 1051 A software development manager wants to ensure the authenticity of the code created by the company. Which of the following options is the most appropriate?

    Performing code signing on company-developed software

  • 38

    QUESTION 1052 An organization is having difficulty correlating events from its individual AV, EDR, DLP, SWG, WAF, MDM, HIPS, and CASB systems. Which of the following is the best way to improve the situation?

    Utilize a SIEM to centralize logs and dashboards.

  • 39

    QUESTION 1053 A company's end users are reporting that they are unable to reach external websites. After reviewing the performance data for the DNS servers, the analyst discovers that the CPU, disk, and memory usage are minimal, but the network interface is flooded with inbound traffic. Network logs show only a small number of DNS queries sent to this server. Which of the following best describes what the security analyst is seeing?

    Reflected denial of service

  • 40

    QUESTION 1054 An audit identified PII being utilized in the development environment of a critical application. The Chief Privacy Officer (CPO) is adamant that this data must be removed; however, the developers are concerned that without real data they cannot perform functionality tests and search for specific data. Which of the following should a security professional implement to best satisfy both the CPO's and the development team's requirements?

    Data masking

  • 41

    QUESTION 1055 A security analyst is investigating a malware incident at a company. The malware is accessing a command-and-control website at www.comptia.com. All outbound Internet traffic is logged to a syslog server and stored in logfiles/messages. Which of the following commands would be best for the analyst to use on the syslog server to search for recent traffic to the command-and-control website?

    tail -500 /logfiles/messages | grep www.comptia.com

  • 42

    A systems administrator set up an automated process that checks for vulnerabilities across the entire environment every morning. Which of the following activities is the systems administrator conducting?

    Scanning

  • 43

    QUESTION 1057 An engineer is setting up a VDI environment for a factory location, and the business wants to deploy a low-cost solution to enable users on the shop floor to log in to the VDI environment directly. Which of the following should the engineer select to meet these requirements?

    Thin clients

  • 44

    QUESTION 1058 A systems administrator receives the following alert from a file integrity monitoring tool: The hash of the cmd.exe file has changed. The systems administrator checks the OS logs and notices that no patches were applied in the last two months. Which of the following most likely occurred?

    A rootkit was deployed.

  • 45

    QUESTION 1059 A security analyst was asked to evaluate a potential attack that occurred on a publicly accessible section of the company's website. The malicious actor posted an entry in an attempt to trick users into clicking the following: https://www.comptia.com/contact-us/%3Fname%3D%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E Which of the following was most likely observed?

    XSS

  • 46

    QUESTION 1060 A company's Chief Information Security Officer (CISO) recently warned the security manager that the company's Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be best for the security manager to use in a threat model?

    Hacktivists

  • 47

    QUESTION 1061 Which of the following provides a catalog of security and privacy controls related to the United States federal information systems?

    NIST 800-53

  • 48

    QUESTION 1062 An analyst is concerned about data leaks and wants to restrict access to internet services to authorized users only. The analyst also wants to control the actions each user can perform on each service. Which of the following would be the best technology for the analyst to consider implementing?

    CASB

  • 49

    QUESTION 1063 A grocery store is expressing security and reliability concerns regarding the on-site backup strategy currently being performed by locally attached disks. The main concerns are the physical security of the backup media and the durability of the data stored on these devices. Which of the following is a cost-effective approach to address these concerns?

    Migrate to a cloud backup solution

  • 50

    QUESTION 1064 A security engineer needs to recommend a solution to defend against malicious actors misusing protocols and being allowed through network defenses. Which of the following will the engineer most likely recommend?

    A next-generation firewall

  • 51

    QUESTION 1065 A company's legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?

    Geolocation policy

  • 52

    QUESTION 1066 An organization suffered numerous multiday power outages at its current location. The Chief Executive Officer wants to create a disaster recovery strategy to resolve this issue. Which of the following options offer low-cost solutions? (Choose two.)

    Cold site, Cloud backups

  • 53

    QUESTION 1067 A security analyst is reviewing the following logs:

    Password spraying

  • 54

    QUESTION 1068 A security analyst discovers that one of the web APIs is being abused by an unknown third party. Logs indicate that the third party is attempting to manipulate the parameters being passed to the API endpoint. Which of the following solutions would best help to protect against the attack?

    WAF

  • 55

    QUESTION 1069 An application owner reports suspicious activity on an internal financial application from various internal users within the past 14 days. A security analyst notices the following: - Financial transactions were occurring during irregular time frames and outside of business hours by unauthorized users. - Internal users in question were changing their passwords frequently during that time period. - A jump box that several domain administrator users use to connect to remote devices was recently compromised. - The authentication method used in the environment is NTLM. Which of the following types of attacks is most likely being used to gain unauthorized access?

    Pass-the-hash

  • 56

    QUESTION 1070 During an incident, an EDR system detects an increase in the number of encrypted outbound connections from multiple hosts. A firewall is also reporting an increase in outbound connections that use random high ports. An analyst plans to review the correlated logs to find the source of the incident. Which of the following tools will best assist the analyst?

    A SIEM

  • 57

    QUESTION 1071 A company recently suffered a breach in which an attacker was able to access the internal mail servers and directly access several user inboxes. A large number of email messages were later posted online. Which of the following would best prevent email contents from being released should another breach occur?

    Implement S/MIME to encrypt the emails at rest.

  • 58

    QUESTION 1072 A company hired a consultant to perform an offensive security assessment covering penetration testing and social engineering. Which of the following teams will conduct this assessment activity?

    Red

  • 59

    QUESTION 1073 Which of the following exercises should an organization use to improve its incident response process?

    Tabletop

  • 60

    QUESTION 1074 An attacker is attempting to harvest user credentials on a client's website. A security analyst notices multiple attempts of random usernames and passwords. When the analyst types in a random username and password, the logon screen displays the following message: The username you entered does not exist. Which of the following should the analyst recommend be enabled?

    Error handling

  • 61

    QUESTION 1075 An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?

    Compensating controls

  • 62

    QUESTION 1076 Which of the following describes the ability of code to target a hypervisor from inside a guest OS?

    VM escape

  • 63

    QUESTION 1077 A local server recently crashed and the team is attempting to restore the server from a backup. During the restore process, the team notices the file size of each daily backup is large and will run out of space at the current rate. The current solution appears to do a full backup every night. Which of the following would use the least amount of storage space for backups?

    A weekly, full backup with daily incremental backups

  • 64

    QUESTION 1078 A security analyst discovers several jpg photos from a cellular phone during a forensics investigation involving a compromised system. The analyst runs a forensics tool to gather file metadata. Which of the following would be part of the images if all the metadata is still intact?

    The GPS location

  • 65

    QUESTION 1079 A financial analyst is expecting an email containing sensitive information from a client. When the email arrives the analyst receives an error and is unable to open the encrypted message. Which of the following is the most likely cause of the issue?

    The S/MIME plug-in is not enabled

  • 66

    QUESTION 1080 A company develops a complex platform that is composed of a single application. After several issues with upgrades, the systems administrator recommends breaking down the application into unique, independent modules. Which of the following best identifies the systems administrator's recommendation?

    Microservices

  • 67

    QUESTION 1081 Which of the following would be the best way to block unknown programs from executing?

    Application allow list

  • 68

    A company is planning to install a guest wireless network so visitors will be able to access the internet. The stakeholders want the network to be easy to connect to so time is not wasted during meetings. The WAPs are configured so that power levels and antennas cover only the conference rooms where visitors will attend meetings. Which of the following would best protect the company's internal wireless network against visitors accessing company resources?

    Configure the guest wireless network to be on a separate VLAN from the company's internal wireless network.

  • 69

    QUESTION 1083 An organization relies on third-party videoconferencing to conduct daily business. Recent security changes now require all remote workers to utilize a VPN to corporate resources. Which of the following would best maintain high-quality videoconferencing while minimizing latency when connected to the VPN?

    Utilizing split tunneling so only traffic for corporate resources is encrypted

  • 70

    QUESTION 1084 A security analyst is scanning a company's public network and discovers a host is running a remote desktop that can be used to access the production network. Which of the following changes should the security analyst recommend?

    Setting up a VPN and placing the jump server inside the firewall

  • 71

    QUESTION 1085 A company recently experienced a major breach. An investigation concludes that customer credit card data was stolen and exfiltrated through a dedicated business partner connection to a vendor, who is not held to the same security control standards. Which of the following is the most likely source of the breach?

    Supply chain

  • 72

    QUESTION 1086 A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the greatest amount of control and security over company data and infrastructure?

    VDI

  • 73

    QUESTION 1087 Which of the following threat actors is most likely to be motivated by ideology?

    Hacktivist

  • 74

    QUESTION 1088 A user would like to install software and features that are not available with a mobile device's default software. Which of the following would allow the user to install unauthorized software and enable new features?

    Jailbreaking

  • 75

    QUESTION 1089 A user downloaded an extension for a browser and the user's device later became infected. The analyst who is investigating the incident saw various logs where the attacker was hiding activity by deleting data. The following was observed running: New-Partition -DiskNumber 2 -UseMaximumSize -AssignDriveLetter C | Format-Volume -DriveLetter C -FileSystemLabel "New" -FileSystem NTFS -Full -Force -Confirm:$false Which of the following is the malware using to execute the attack?

    PowerShell

  • 76

    QUESTION 1090 An organization recently acquired an ISO 27001 certification. Which of the following would most likely be considered a benefit of this certification?

    It assures customers that the organization meets security standards

  • 77

    QUESTION 1091 A junior security analyst is reviewing web server logs and identifies the following pattern in the log file: http://comptia.org/../../../etc/passwd Which of the following types of attacks is being attempted and how can it be mitigated?

    Directory traversal; implement a WAF

  • 78

    QUESTION 1092 A security professional wants to enhance the protection of a critical environment that is used to store and manage a company's encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

    HSM

  • 79

    QUESTION 1093 Which of the following is the correct order of volatility from most to least volatile?

    Cache memory, temporary filesystems, disk, archival media

  • 80

    QUESTION 1094 A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team. Which of the following best describes the threat actor in the CISO's report?

    Organized crime

  • 81

    QUESTION 1095 Which of the following agreements defines response time, escalation points, and performance metrics?

    SLA

  • 82

    QUESTION 1096 A bakery has a secret recipe that it wants to protect. Which of the following objectives should be added to the company's security awareness training?

    Insider threat detection

  • 83

    QUESTION 1097 Which of the following must be considered when designing a high-availability network? (Choose two.)

    Ease of recovery, Responsiveness

  • 84

    QUESTION 1098 Which of the following strategies shifts risks that are not covered in an organization's risk strategy?

    Risk transference

  • 85

    QUESTION 1099 A dynamic application vulnerability scan identified that code injection could be performed using a web form. Which of the following will be the best remediation to prevent this vulnerability?

    Implement input validations

  • 86

    QUESTION 1100 A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?

    FIM

  • 87

    QUESTION 1101 An analyst is working on an email security incident in which the target opened an attachment containing a worm. The analyst wants to implement mitigation techniques to prevent further spread. Which of the following is the best course of action for the analyst to take?

    Implement network segmentation

  • 88

    QUESTION 1103 Which of the following can be used to calculate the total loss expected per year due to a threat targeting an asset?

    SLE x ARO

  • 89

    QUESTION 1104 A security engineer is hardening existing solutions to reduce application vulnerabilities. Which of the following solutions should the engineer implement FIRST? (Choose two.)

    Auto-update, Sandboxing

  • 90

    QUESTION 1105 Which of the following authentication methods is considered to be the LEAST secure?

    SMS

  • 91

    QUESTION 1102 Sales team members have been receiving threatening voicemail messages and have reported these incidents to the IT security team. Which of the following would be MOST appropriate for the IT security team to analyze?

    Session Initiation Protocol traffic logs

  • 92

    QUESTION 1106 Employees in the research and development business unit receive extensive training to ensure they understand how to best protect company data. Which of the following is the type of data these employees are most likely to use in day-to-day work activities?

    Intellectual property

  • 93

    QUESTION 1107 An audit report indicates multiple suspicious attempts to access company resources were made. These attempts were not detected by the company. Which of the following would be the best solution to implement on the company's network?

    Intrusion prevention system

  • 94

    QUESTION 1108 An administrator identifies some locations on the third floor of the building that have a poor wireless signal. Multiple users confirm the incident and report it is not an isolated event. Which of the following should the administrator use to find the areas with a poor or non-existent wireless signal?

    Site survey

  • 95

    QUESTION 1109 Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?

    Network segmentation

  • 96

    An attacker tricks a user into providing confidential information. Which of the following describes this form of malicious reconnaissance?

    Social engineering

  • 97

    QUESTION 1111 A large bank with two geographically dispersed data centers is concerned about major power disruptions at both locations. Every day each location experiences very brief outages that last for a few seconds. However, during the summer a high risk of intentional under-voltage events that could last up to an hour exists, particularly at one of the locations near an industrial smelter. Which of the following is the best solution to reduce the risk of data loss?

    Generator

  • 98

    QUESTION 1113 An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?

    Isolation

  • 99

    QUESTION 1114 A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?

    Jailbreaking

  • 100

    QUESTION 1115 A company is expanding its threat surface program and allowing individuals to security test the company's internet-facing application. The company will compensate researchers based on the vulnerabilities discovered. Which of the following best describes the program the company is setting up?

    Bug bounty
