
CNL_CH_9

49 questions • 2 years ago
  • Son Cagrı

    Question list

  • 1

    A security architect is required to deploy to conference rooms some workstations that will allow sensitive data to be displayed on large screens. Due to the nature of the data, it cannot be stored in the conference rooms. The fileshare is located in a local data center. Which of the following should the security architect recommend to BEST meet the requirement?

    VDI and thin clients

  • 2

    A company needs to enhance its ability to maintain a scalable cloud infrastructure. The infrastructure needs to handle the unpredictable loads on the company's web application. Which of the following cloud concepts would BEST address these requirements?

    Containers

  • 3

    A security analyst has been asked by the Chief Information Security Officer to:
    ● develop a secure method of providing centralized management of infrastructure
    ● reduce the need to constantly replace aging end user machines
    ● provide a consistent user desktop experience
    Which of the following BEST meets these requirements?

    VDI

  • 4

    An organization is planning to roll out a new mobile device policy and issue each employee a new laptop. These laptops would access the users' corporate operating system remotely and allow them to use the laptops for purposes outside of their job roles. Which of the following deployment models is being utilized?

    COPE and VDI

  • 5

    An organization would like to give remote workers the ability to use applications hosted inside the corporate network. Users will be allowed to use their personal computers or they will be provided organization assets. Either way no data or applications will be installed locally on any user systems. Which of the following mobile solutions would accomplish these goals?

    VDI

  • 6

    A company is switching to a remote work model for all employees. All company and employee resources will be in the cloud. Employees must use their personal computers to access the cloud computing environment. The company will manage the operating system. Which of the following deployment models is the company implementing?

    VDI

  • 7

    A recent audit cited a risk involving numerous low-criticality vulnerabilities created by a web application using a third-party library. The development staff state there are still customers using the application even though it is end of life and it would be a substantial burden to update the application for compatibility with more secure libraries. Which of the following would be the MOST prudent course of action?

    Use containerization to segment the application from other applications to eliminate the risk

  • 8

    While researching a data exfiltration event, the security team discovers that a large amount of data was transferred to a file storage site on the internet. Which of the following controls would work best to reduce the risk of further exfiltration using this method?

    Data Loss Prevention

  • 9

    An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal?

    HSM

  • 10

    A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson’s laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the CSO’s concern?

    Implement managed FDE

  • 11

    A user is trying unsuccessfully to send images via SMS. The user downloaded the images from a corporate email account on a work phone. Which of the following policies is preventing the user from completing this action?

    Content Management

  • 12

    A company recently enhanced mobile device configuration by implementing a set of security controls: biometrics, context-aware authentication, and full device encryption. Even with these settings in place, an unattended phone was used by a malicious actor to access corporate data. Which of the following additional controls should be put in place first?

    Screen Lock Timer

  • 13

    A security proposal was set up to track requests for remote access by creating a baseline of the users' common sign-in properties. When a baseline deviation is detected, an MFA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?

    Context-aware authentication

  • 14

    A company is working on mobile device security after a report revealed that users granted non-verified software access to corporate data. Which of the following is the MOST effective security control to mitigate this risk?

    Block access to application stores

  • 15

    A business operations manager is concerned that a PC that is critical to business operations will have a costly hardware failure soon. The manager is looking for options to continue business operations without incurring large costs. Which of the following would mitigate the manager's concerns?

    Perform a physical-to-virtual migration

  • 16

    An organization has a growing workforce that is mostly driven by additions to the sales department. Each newly hired salesperson relies on a mobile device to conduct business. The Chief Information Officer (CIO) is wondering if the organization may need to scale down just as quickly as it scaled up. The CIO is also concerned about the organization's security and customer privacy. Which of the following would be BEST to address the CIO’s concerns?

    Implement BYOD for the sales department while leveraging the MDM

  • 17

    Field workers in an organization are issued mobile phones on a daily basis. All the work is performed within one city and the mobile phones are not used for any purpose other than work. The organization does not want these phones used for personal purposes. The organization would like to issue the phones to workers as permanent devices so the phones do not need to be reissued every day. Given the conditions described, which of the following technologies would BEST meet these requirements?

    Mobile device management

  • 18

    An organization discovers that unauthorized applications have been installed on company-provided mobile phones. The organization issues these devices, but some users have managed to bypass the security controls. Which of the following is the MOST likely issue, and how can the organization BEST prevent this from happening?

    Some advanced users are jailbreaking the OS and bypassing the controls. Implement an MDM solution to control access to company resources.

  • 19

    An organization that has a large number of mobile devices is exploring enhanced security controls to manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3 mi (4.8 km) from the building, the management team would like to have the security team alerted and server resources restricted on those devices. Which of the following controls should the organization implement?

    Geofencing

  • 20

    A hospital's administration is concerned about a potential loss of patient data that is stored on tablets. A security administrator needs to implement controls to alert the SOC any time the devices are near exits. Which of the following would BEST achieve this objective?

    Geofencing

  • 21

    The Chief Executive Officer (CEO) of an organization would like staff members to have the flexibility to work from home anytime during business hours, including during a pandemic or crisis. However, the CEO is concerned that some staff members may take advantage of the flexibility and work from high-risk countries while on holidays, or outsource work to a third-party organization in another country. The Chief Information Officer (CIO) believes the company can implement some basic controls to mitigate the majority of the risk. Which of the following would be BEST to mitigate the CEO's concern? (Select TWO)

    Geolocation, Time-of-day restrictions

  • 22

    An engineer wants to access sensitive data from a corporate-owned mobile device. Personal data is not allowed on the device. Which of the following MDM configurations must be considered when the engineer travels for business?

    Screen locks

  • 23

    A company recently transitioned to a strictly BYOD culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the following technologies would be BEST to balance the BYOD culture while also protecting the company’s data?

    Containerization

  • 24

    A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices the following requirements must be met:
    • Mobile device OSs must be patched up to the latest release (posturing)
    • A screen lock must be enabled (passcode or biometric) (posturing)
    • Corporate data must be removed if the device is reported lost or stolen
    Which of the following controls should the security engineer configure? (Select TWO)

    Posturing, Remote wipe

  • 25

    A company is adopting a BYOD policy and is looking for a comprehensive solution to protect company information on user devices. Which of the following solutions would BEST support the policy?

    Mobile Device Management

  • 26

    A company provides mobile devices to its users to permit access to email and enterprise applications. The company recently started allowing users to select from several different vendors and device models. When configuring the MDM, which of the following is a key security implication of this heterogeneous device approach?

    Certain devices are inherently less secure than others, so compensatory controls will be needed to address the delta between device vendors.

  • 27

    An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organization implement to reduce the likelihood of future data breaches?

    MDM (Mobile Device Management)

  • 28

    A security analyst needs to implement security features across smartphones, laptops, and tablets. Which of the following would be the MOST effective across heterogeneous platforms?

    Applying MDM software

  • 29

    A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are:
    ● Employees must provide an alternate work location (i.e., a home address)
    ● Employees must install software on the device that will prevent the loss of proprietary data but will not restrict any other software from being installed.
    Which of the following BEST describes the MDM options the company is using?

    Application management, remote wipe, geofencing, context-aware authentication, and containerization

  • 30

    When implementing automation with IoT devices, which of the following should be considered FIRST to keep the network secure?

    Communication protocols

  • 31

    A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen. Which of the following would BEST meet these requirements? (Select TWO)

    Full-device encryption, Containerization

  • 32

    A root cause analysis reveals that a web application outage was caused by one of the company’s developers uploading a newer version of the third-party libraries that were shared among several applications. Which of the following implementations would be BEST to prevent the issue from recurring?

    Containerization

  • 33

    A company would like to provide flexibility for employees on device preference. However, the company is concerned about supporting too many different types of hardware. Which of the following deployment models will provide the needed flexibility with the GREATEST amount of control and security over company data and infrastructure?

    CYOD

  • 34

    A new plug-and-play storage device was installed on a PC in the corporate environment. Which of the following safeguards will BEST help to protect the PC from malicious files on the storage device?

    Change the default settings on the PC

  • 35

    A security analyst needs to implement security features across smartphones, laptops, and tablets. Which of the following would be the MOST effective across heterogeneous platforms?

    Applying MDM software

  • 36

    A security analyst has been asked by the Chief Information Security Officer to:
    ● develop a secure method of providing centralized management of infrastructure
    ● reduce the need to constantly replace aging end user machines
    ● provide a consistent user desktop experience
    Which of the following BEST meets these requirements?

    VDI

  • 37

    An employee's company account was used in a data breach. Interviews with the employee revealed:
    ● The employee was able to avoid changing passwords by using a previous password again.
    ● The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other countries.
    Which of the following can be implemented to prevent these issues from reoccurring? (Select TWO)

    Password history, Geofencing

  • 38

    A company recently decided to allow its employees to use their personally owned devices for tasks like checking email and messaging via mobile applications. The company would like to use MDM, but employees are concerned about the loss of personal data. Which of the following should the IT department implement to BEST protect the company against company data loss while still addressing the employees’ concerns?

    Configure the MDM software to enforce the use of PINs to access the phone.

  • 39

    Which of the following should be addressed first on security devices before connecting to the network?

    Default settings

  • 40

    Which of the following would cause a Chief Information Security Officer (CISO) the MOST concern regarding newly installed Internet-accessible 4K surveillance cameras?

    The cameras could be compromised if not patched in a timely manner.

  • 41

    A company wants to enable BYOD for checking email and reviewing documents. Many of the documents contain sensitive organizational information. Which of the following should be deployed first before allowing the use of personal devices to access company data?

    MDM

  • 42

    Which of the following is constantly scanned by internet bots and has the highest risk of attack in the case of the default configurations?

    Surveillance systems

  • 43

    Which of the following is a primary security concern for a company setting up a BYOD program?

    Jailbreaking

  • 44

    Which of the following allows access to remote computing resources, an operating system and centralized configuration and data?

    Thin client

  • 45

    A company recently completed the transition from data centers to the cloud. Which of the following solutions will best enable the company to detect security threats in applications that run in isolated environments within the cloud environment?

    Container security

  • 46

    An engineer wants to inspect traffic to a cluster of web servers in a cloud environment. Which of the following solutions should the engineer implement? (Select two).

    CASB, WAF

  • 47

    Which of the following models offers third-party-hosted, on-demand computing resources that can be shared with multiple organizations over the internet?

    Public cloud

  • 48

    A company is adding a clause to its AUP that states employees are not allowed to modify the operating system on mobile devices. Which of the following vulnerabilities is the organization addressing?

    Jailbreaking

  • 49

    A security professional wants to enhance the protection of a critical environment that is used to store and manage a company's encryption keys. The selected technology should be tamper resistant. Which of the following should the security professional implement to achieve the goal?

    HSM

