Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
601
| Question | Answer |
|---|---|
| 329 The human resources department of a large online retailer has received multiple customer complaints about the rudeness of the automated chatbots It uses to interface and assist online shoppers. The system, which continuously learns and adapts, was w | C |
| 330 Joe. a security analyst, recently performed a network discovery to fully understand his organization's electronic footprint from a "public" perspective. Joe ran a set of commands and received the following output: Which of the following | AD |
| 331 A systems administrator needs to install a new wireless network for authenticated guest access. The wireless network should support 802.1X using the most secure encryption and protocol available. Perform the following slops: 1. Configure the | guest01 Password: guestpass Answe |
| 332 Hotspot ;q The security administration has installed a new firewall which implements an implicit DENY policy by default. INSTRUCTIONS Click on the firewall and configure it to allow ONLY the following communication: The Account | _____________ e: Implicit deny is the default security stance that says if you aren't specifically granted access or privileges for a resource, you're denied access by default. Rule #1 allows the Accounting workstation to O |
| 333 An organization's corporate offices were destroyed due to a natural disaster, so the organization is now setting up offices in a temporary work space. Which of the following will the organization MOST likely consult? A. The business continuity | B _____________ e: Disaster recovery is prepping to recover the IT operations after a disaster has occurred. Business continuity is ensure the IT operations are working DURING a disaster. |
| 334 An organization recently recovered from a data breach. During the root cause analysis, the organization determined the source of the breach to be a personal cell phone that had been reported lost. Which of the following solutions should the organiza | A |
| 335 An organization relies on third-party video conferencing to conduct daily business. Recent security changes now require all remote workers to utilize a VPN to corporate resources. Which of the following would BEST maintain high-quality video confere | D |
| 336 A company just developed a new web application for a government agency. The application must be assessed and authorized prior to being deployed. Which of the following is required to assess the vulnerabilities resident in the application? A. Re | C |
| 337 A user must introduce a password and a USB key to authenticate against a secure computer, and authentication is limited to the state in which the company resides. Which of the following authentication concepts are in use? A. Something you know, | A |
| 338 A bank detects fraudulent activity on user's account. The user confirms transactions completed yesterday on the bank's website at A security analyst then examines the user's Internet usage logs and observes the following out | A |
| 339 A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote systems. Several users also reported that the new company flash drives they picked up in the break room only have 512KB of storage. Which of the foll | B |
| 340 A security analyst is reviewing a penetration-testing report from a third-party contractor. The penetration testers used the organization's new API to bypass a driver to perform privilege escalation on the organization's web servers. Upon looking at | D _____________ e: When an application attempts to call an older driver, the operating system intercepts the call and redirects it to run the shim code instead. |
| 341 Which of the following utilize a subset of real data and are MOST likely to be used to assess the features and functions of a system and how it interacts or performs from an end user's perspective against defined test cases? (Choose two.) A. Pr | BE |
| 342 A network administrator is concerned about users being exposed to malicious content when accessing company cloud applications. The administrator wants to be able to block access to sites based on the AUP. The users must also be protected because man | B _____________ e: A secure web gateway (SWG) protects users from web-based threats in addition to applying and enforcing corporate acceptable use policies. |
| 343 An information security officer at a credit card transaction company is conducting a framework- mapping exercise with the internal controls. The company recently established a new office in Europe. To which of the following frameworks should the sec | BD |
| 344 Several large orders of merchandise were recently purchased on an e-commerce company's website. The totals for each of the transactions were negative values, resulting in credits on the customers' accounts. Which of the following should be implement | A |
| 345 To mitigate the impact of a single VM being compromised by another VM on the same hypervisor, an administrator would like to utilize a technical control to further segregate the traffic. Which of the following solutions would BEST accomplish this ob | A |
| 346 A nationwide company is experiencing unauthorized logins at all hours of the day. The logins appear to originate from countries in which the company has no employees. Which of the following controls should the company consider using as part of its | EF _____________ e: Time-based authentication is a special procedure to prove an individual's identity and authenticity on appearance simply by detecting its presence at a scheduled time of day or within a scheduled time int |
| 347 An organization has expanded its operations by opening a remote office. The new office is fully furnished with office resources to support up to 50 employees working on any given day. Which of the following VPN solutions would BEST support the new o | C _____________ e: Site-to-site VPN provides secure connectivity between two or more geographically dispersed locations, such as a main office and a remote office. It is a good choice when multiple users need to access network |
| 348 A security analyst has been reading about a newly discovered cyber attack from a known threat actor. Which of the following would BEST support the analyst's review of the tactics, techniques, and protocols the threat actor was observed using in prev | B _____________ e: The MITRE ATT&CK Framework was created by MITRE in 2013 to document attacker tactics and techniques based on real-world observations. This index continues to evolve with the threat landscape and has become |
| 349 Which of the following is the correct order of volatility from MOST to LEAST volatile? A. Memory, temporary filesystems, routing tables, disk, network storage B. Cache, memory, temporary filesystems, disk, archival media C. Memory, disk, te | B |
| 350 After installing a Windows server, a cybersecurity administrator needs to harden it, following security best practices. Which of the following will achieve the administrator's goal? (Choose two.) A. Disabling guest accounts B. Disabling servi | AD |
| 351 Accompany deployed a WiFi access point in a public area and wants to harden the configuration to make it more secure. After performing an assessment, an analyst identifies that the access point is configured to use WPA3, AES, WPS, and RADIUS. Which | D _____________ e: Wifi Protected Setup - Even though WPS offers this convenience, it is appallingly insecure. Wireless networks with WPS enabled are highly vulnerable to cybersecurity threats. Attackers can easily target th |
| 352 Which of the following distributes data among nodes, making it more difficult to manipulate the data while also minimizing downtime? A. MSSP B. Public cloud C. Hybrid cloud D. Fog computing Answe | D _____________ e: Computing uses multiple nodes while Edge computing uses single node. |
| 353 A500 is implementing an insider threat detection program, The primary concern is that users may be accessing confidential data without authorization. Which of the fallowing should be deployed to detect a potential insider threat? A. A honeyfile | A |
| 354 A security assessment found that several embedded systems are running unsecure protocols. These Systems were purchased two years ago and the company that developed them is no longer in business. Which of the following constraints BEST describes th | D |
| 355 A security analyst needs to find real-time data on the latest malware and IoCs. Which of the following would BEST describes the solution the analyst should pursue? A. Advisories and bulletins B. Threat feeds C. Security news articles D. P | B |
| 356 A web server has been compromised due to a ransomware attack. Further investigation reveals the ransomware has been in the server for the past 72 hours. The systems administrator needs to get the services back up as soon as possible. Which of the fo | C Ransomware will most likely render the web server unusable and must be isolated for forensic investigation. This will leave the only option to start a new web server from scratch and restore the last full backup, plus any differential or incremental b |
| 357 Which of the following would cause a Chief Information Security Officer (CISO) the MOST concern regarding newly installed Internet-accessible 4K surveillance cameras? A. An inability to monitor 100%, of every facility could expose the company t | A |
| 358 A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensi | C _____________ e: Homomorphic encryption is a form of encryption that permits users to perform computations on its encrypted data without first decrypting it. |
| 359 A major political party experienced a server breach. The hacker then publicly posted stolen internal communications concerning campaign strategies to give the opposition party an advantage. Which of the following BEST describes these threat actors? | B _____________ e: State actor - A type of threat actor that is supported by the resources of its host country's military and security services. |
| 360 Which of the following often operates in a client-server architecture to act as a service repository, providing enterprise consumers access to structured threat intelligence data? A. STIX B. CIRT C. OSINT D. TAXII Answe | A _____________ e: STIX is acting as a service repository (which is asked in a ;q)providing enterprise consumers access to structured threat intelligence data, TAXII is a vector or transport for STIX data . |
| 361 A security analyst is reviewing the following output from a system: Which of the following is MOST likely being observed? A. ARP poisoning B. Man in the middle C. Denial of service D. DNS poisoning Answe | C _____________ e: Once you realize the destination IP and port are on the left the answer is easier to understand. Multiple source ports trying to connect to the same destination IP and port means DOS. |
| 362 Which of the following would a European company interested in implementing a technical, handson set of security standards MOST likely choose? A. GDPR B. CIS controls C. ISO 27001 D. ISO 37000 Answe | A _____________ e: In the wake of technological developments and globalisation and the constitutionalisation of the fundamental right to data protection in the EU, the General Data Protection Regulation (GDPR) aims to harmonis |
| 363 A security researcher is attempting to gather data on the widespread use of a Zero-day exploit. Which of the following will the researcher MOST likely use to capture this data? A. A DNS sinkhole B. A honeypot C. A vulnerability scan D. cv | B |
| 364 An engineer is setting up a VDI environment for a factory location, and the business wants to deploy a low-cost solution to enable users on the shop floor to log in to the VDI environment directly. Which of the following should the engineer select t | C |
| 365 A security analyst is reviewing the following command-line output: Which of the following Is the analyst observing? A. IGMP spoofing B. URL redirection C. MAC address cloning D. DNS poisoning Answe | C |
| 366 While reviewing the wireless router, the systems administrator of a small business determines someone is spoofing the MAC address of an authorized device. Given the table below: Which of the following should be the administrator's NEXT s | B _____________ e: The ;q is if the unknown hostname is a rogue system. Ping will not help. Will only show it is connected and he already knows that. Denying access to the internet is not detecting anything and MAC filtering c |
| 367 Which of the following should a data owner require all personnel to sign to legally protect intellectual property? A. An NDA B. An AUP C. An ISA D. An MOU Answe | A |
| 368 A security administrator needs to inspect in-transit files on the enterprise network to search for Pll, credit card data, and classification words. Which of the following would be the BEST to use? A. IDS solution B. EDR solution C. HIPS sof | D |
| 369 A security analyst must determine if either SSH or Telnet is being used to log in to servers. Which of the following should the analyst use? A. logger B. Metasploit C. tcpdump D. netstat Answe | D |
| 370 A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After using a tool, the administrator obtains the following output: Which of the following attacks was successfully implemented based o | D _____________ e: Directory traversal is a type of HTTP exploit that is used by attackers to gain unauthorized access to restricted directories and files. |
| 371 An organization's finance department is implementing a policy to protect against collusion. Which of the following control types and corresponding procedures should the organization implement to fulfill this policy's requirement? (Choose two.) | DE |
| 372 A security analyst is investigating a vulnerability in which a default file permission was set incorrectly. The company uses non-credentialed scanning for vulnerability management. Which of the following tools can the analyst use to verify the perm | C _____________ e: chmod is used to change the permissions and using a command such as "ls -l" you can see the permissions r*w*x (read, write, execute). |
| 373 A Chief Security Officer (CSO) is concerned about the volume and integrity of sensitive information that is exchanged between the organization and a third party through email. The CSO is particularly concerned about an unauthorized party who is inte | D |
| 374 Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline? A. Something you exhibit B. Something you can do C. Someone you know D. Somewhere you are Answe | B _____________ e: Something you can do: The only reason you can call that landline is because you can see the number at that time. No one else can. |
| 375 A multinational organization that offers web-based services has datacenters that are located only in the United States; however, a large number of its customers are in Australia, Europe, and China. Payments for services are managed by a third party | A |
| 376 A remote user recently took a two-week vacation abroad and brought along a corporate-owned laptop. Upon returning to work, the user has been unable to connect the laptop to the VPN. Which of the following is the MOST likely reason for the user's ina | AB |
| 377 The concept of connecting a user account across the systems of multiple enterprises is BEST known as: A. federation. B. a remote access policy. C. multifactor authentication. D. single sign-on. Answe | A _____________ e: SSO allows users to use a single set of credentials to access multiple systems within a single organization (a single domain) while Federation allow users to access systems across multiple organizations. |
| 378 A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service provider. The service provider is preventing the CEO. from sending email from a work account to a personal account. Which of the following types | D _____________ e: DLP is one to the service MSSP provides. |
| 379 Entering a secure area requires passing through two doors, both of which require someone who is already inside to initiate access. Which of the following types of physical security controls does this describe? A. Cameras B. Faraday cage C. | C _____________ e: Security vestibules provide additional protection by adding a secured space. Vestibules are secured spaces with two of more sets of doors and an office sign-in area. |
| 380 The lessons-learned analysis from a recent incident reveals that an administrative office worker received a call from someone claiming to be from technical support. The caller convinced the office worker to visit a website, and then download and ins | C _____________ e: Application Whitelisting - aimed at preventing malicious programs from running on a network. It monitors the operating system, in real-time, to prevent any unauthorized files from executing. |
| 381 A security administrator has noticed unusual activity occurring between different global instances and workloads and needs to identify the source of the unusual traffic. Which of the following log sources would be BEST to show the source of the unus | C |
| 382 A manufacturing company has several one-off legacy information systems that cannot be migrated to a newer OS due to software compatibility issues. The Oss are still supported by the vendor, but the industrial software is no longer supported. The Chi | D _____________ e: Since they are still testing out the OS patch using non-production devices, they need a backup for their rollback plan. Hence, they need Full backup just in case everything goes wrong right after the OS patc |
| 383 Which of the following terms should be included in a contract to help a company monitor the ongoing security maturity of a new vendor? A. A right-to-audit clause allowing for annual security audits B. Requirements for event logs to be kept fo | A |
| 384 An incident, which is affecting dozens of systems, involves malware that reaches out to an Internet service for rules and updates. The IP addresses for the Internet host appear to be different in each case. The organization would like to determine a | C |
| 385 Which of the following represents a biometric FRR? A. Authorized users being denied access B. Users failing to enter the correct PIN C. The denied and authorized numbers being equal D. The number of unauthorized users being granted access | A |
| 386 A web server administrator has redundant servers and needs to ensure failover to the secondary server when the primary server goes down. Which of the following should the administrator implement to avoid disruption? A. NIC teaming B. High ava | B |
| 387 Which of the following is a cryptographic concept that operates on a fixed length of bits? A. Block cipher B. Hashing C. Key stretching D. Salting Answe | A _____________ e: Single-key or symmetric-key encryption algorithms create a fixed length of bits known as a block cipher with a secret key that the creator/sender uses to encipher data (encryption) and the receiver uses to |
| 388 An organization regularly scans its infrastructure for missing security patches but is concerned about hackers gaining access to the scanner's account. Which of the following would be BEST to minimize this risk? A. Require a complex, eight-char | D |
| 389 The new Chief Executive Officer (CEO) of a large company has announced a partnership with a vendor that will provide multiple collaboration applications to make remote work easier. The company has a geographically dispersed staff located in numerous | D _____________ e: If you have several applications that you need to deploy together, instead of creating multiple deployments, create an application group. You can send the app group to a user or device collection as a single |
| 390 A Chief Security Officer (CSO) was notified that a customer was able to access confidential internal company files on a commonly used file-sharing service. The file-sharing service is the same one used by company staff as one of its approved third-p | A |
| 391 Which of the following is a reason why an organization would define an AUP? A. To define the lowest level of privileges needed for access and use of the organization's resources B. To define the set of rules and behaviors for users of the org | B |
| 392 A security analyst needs to perform periodic vulnerably scans on production systems. Which of the following scan types would produce the BEST vulnerability scan report? A. Port B. Intrusive C. Host discovery D. Credentialed Answe | D |
| 393 To further secure a company's email system, an administrator is adding public keys to DNS records in the company's domain Which of the following is being used? A. PFS B. SPF C. DMARC D. DNSSEC Answe | D |
| 394 An.. that has a large number of mobile devices is exploring enhanced security controls to manage unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3mi (4 8km) from the building, the management team woul | A |
| 395 A customer called a company's security team to report that all invoices the customer has received over the last five days from the company appear to have fraudulent banking details. An investigation into the matter reveals the following: - The | D |
| 396 An organization has implemented a two-step verification process to protect user access to data that 6 stored in the could. Each employee now uses an email address of mobile number a code to access the data. Which of the following authentication m | D |
| 397 A company Is concerned about is security after a red-team exercise. The report shows the team was able to reach the critical servers due to the SMB being exposed to the Internet and running NTLMV1, Which of the following BEST explains the findings? | C |
| 398 Which of the following would be BEST for a technician to review to determine the total risk an organization can bear when assessing a "cloud-first" adoption strategy? A. Risk matrix B. Risk tolerance C. Risk register D. Risk appetite | B |
| 399 A network manager is concerned that business may be negatively impacted if the firewall in its datacenter goes offline. The manager would like to Implement a high availability pair to: A. decrease the mean ne between failures B. remove the si | B |
| 400 A recent security assessment revealed that an actor exploited a vulnerable workstation within an organization and has persisted on the network for several months. The organization realizes the need to reassess its security strategy for mitigating | D |
| 401 A security analyst is concerned about traffic initiated to the dark web form the corporate LAN. Which of the following networks should the analyst monitor? A. SFTP B. AS C. Tor D. IoC Answe | C |
| 402 A global company is experiencing unauthorized logging due to credential theft and account lockouts caused by brute-force attacks. The company is considering implementing a third-party identity provider to help mitigate these attacks. Which of the fo | B |
| 403 A systems administrator needs to install the same X.509 certificate on multiple servers. Which of the following should the administrator use? A. Key escrow B. A self-signed certificate C. Certificate chaining D. An extended validation cer | B |
| 404 n organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an anomaly-based system. Which of the following does the organization need to determine for this to be successful? A. The baseline B. | A |
| 405 A small business office is setting up a wireless infrastructure with primary requirements centered around protecting customer information and preventing unauthorized access to the business network. Which of the following would BEST support the offic | BD |
| 406 A company just implemented a new telework policy that allows employees to use personal devices for official email and file sharing while working from home. Some of the requirements are: - Employees must provide an alternate work location (i.e., | C |
| 407 A security administrator is analyzing the corporate wireless network. The network only has two access points running on channels 1 and 11. While using airodump-ng, the administrator notices other access points are running with the same corporate ESS | B _____________ e: Evil twin attacks are a type of Man in the Middle (MitM) attack in which a fake Wi-Fi network is set up to steal information or further infiltrate a connecting device. This is often done in public settings w |
| 408 During a security assessment, a security analyst finds a file with overly permissive permissions. Which of the following tools will allow the analyst to reduce the permissions for the existing users and groups and remove the set-user-ID bit from the | C _____________ e: Chmod is the Linux command used to change access permissions of a file. The general form of the command is chmod <options> <permissions> <filename> |
| 409 A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the access point to improve security. Which of the following configuration should an analyst enable to improve security? (Select Two) A. RADIUS B | AF |
| 410 A security engineer obtained the following output from a threat intelligence source that recently performed an attack on the company's serve | Which of the following BEST describes this kind of attack? A. Directory traversal B. SQL injection C. API D. Request forgery Answe |
| 411 The spread of misinformation surrounding the outbreak of a novel virus on election day led to eligible voters choosing not to take the risk of going the polls. This is an example of: A. prepending. B. an influence campaign C. a watering-hol | B |
| 412 A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective? A. A reverse proxy B. A decryption certificate C. A split-tunnel VPN D. | B |
| 413 An enterprise needs to keep cryptographic keys in a safe manner. Which of the following network appliances can achieve this goal? A. HSM B. CASB C. TPM D. DLP Answe | A |
| 414 Ann, a forensic analyst, needs to prove that the data she originally acquired has remained unchanged while in her custody. Which of the following should Ann use? A. Chain of custody B. Checksums C. Non-repudiation D. Legal hold Answe | B |
| 415 The following are the logs of a successful attack. Which of the following controls would be BEST to use to prevent such a breach in the future? A. Password history B. Account expiration C. Password complexity D. Account lockout | D |
| 416 An organization recently acquired an ISO 27001 certification. Which of the following would MOST likely be considered a benefit of this certification? A. It allows for the sharing of digital forensics data across organizations B. It provides i | E |
| 417 Which of the following is the MOST secure but LEAST expensive data destruction method for data that is stored on hard drives? A. Pulverizing B. Shredding C. Incinerating D. Degaussing Answe | B _____________ e: Shredding is the most secure and cost effective way to dispose of all types of end-of-life hard drives and media tapes. |
| 418 Server administrators want to configure a cloud solution so that computing memory and processor usage is maximized most efficiently across a number or virtual servers. They also need to avoid potential denial-of-service situations caused by availabi | A _____________ e: Dynamic resource allocation lets you scale resources up or down as needed to be more efficient. |
| 419 A company is required to continue using legacy software to support a critical service. Which of the following BEST explains a risk of this practice? A. Default system configuration B. Unsecure protocols C. Lack of vendor support D. Weak e | C _____________ e: Lack of vendor support implies no security patches. Unsecure protocols are not necessarily always the case. |
| 420 A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties? A. An incident response plan B. A communication | A |
| 421 A company wants to modify its current backup strategy to minimize the number of backups that would need to be restored in case of data loss. Which of the following would be the BEST backup strategy to implement? A. Incremental backups followed | E _____________ e: Differential backups are quicker than full backups because so much less data is being backed up. But the amount of data being backed up grows with each differential backup until the next full back up. Diff |
| 422 While investigating a recent security incident, a security analyst decides to view all network connections on a particular server, Which of the following would provide the desired information? A. arp B. nslookup C. netstat D. nmap An | C _____________ e: Nmap is a Network mapping tool. That means it's used to discover information about hosts on a network (their ip, open ports, etc). Where netstat is a network statistic tool used to list active connections. |
| 423 Joe, an employee, is transferring departments and is providing copies of his files to a network share folder for his previous team to access. Joe is granting read-write-execute permissions to his manager but giving read-only access to the rest of th | A _____________ e: The file permissions according to the file system access control list (FACL) are rw-rw-r–. The first 'rw-' are the file owner permissions (read and write). The second 'rw-' are the group permissions (read |
| 424 When implementing automation with loT devices, which of the following should be considered FIRST to keep the network secure? A. 2-Wave compatibility B. Network range C. Zigbee configuration D. Communication protocols Answe | C _____________ e: Zigbee is a wireless specification to address the needs of low-cost, low-power wireless IoT data networks. |
| 425 A new vulnerability in the SMB protocol on the Windows systems was recently discovered, but no patches are currently available to resolve the issue. The security administrator is concerned that servers in the company's DMZ will be vulnerable to exte | BF _____________ e: SMB use TCP Port 139, 445 and UDP Port 137, 138. |
| 426 A major clothing company recently lost a large amount of proprietary information The security officer must find a solution to ensure this never happens again. Which of the following is the BEST technical implementation to prevent this from happeni | A |
| 427 Which of the following types of attacks is specific to the individual it targets? A. Whaling B. Pharming C. Smishing D. Credential harvesting Answe | A _____________ e: What Is a Whaling Attack? A whaling attack is a type of phishing attack where a particularly important person in the organization is targeted. It hinges on the cyber criminal pretending to be a senior me |
| 428 A financial analyst has been accused of violating the company's AUP and there is forensic evidence to substantiate the allegation. Which of the following would dispute the analyst's claim of innocence? A. Legal hold B. Order of volatility C | C |
| 429 A large financial services firm recently released information regarding a security bfeach within its corporate network that began several years before. During the time frame in which the breach occurred, indicators show an attacker gained administra | D |
| 430 Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO) A. Block cipher B. Hashing C. Private key D. Perfect forward secrecy E. Salting F. Symmetric keys An | BC |
| 431 A security administrator is setting up a SIEM to help monitor for notable events across the enterprise. Which of the following control types does this BEST represent? A. Preventive B. Compensating C. Corrective D. Detective Answe | D |
| 432 Which of the following BEST describes a social-engineering attack that relies on an executive at a small business visiting a fake banking website where credit card and account details are harvested? Whaling Spam Invoice scam Pharming D | |
| 433 A systems administrator is considering different backup solutions for the IT infrastructure. The company is looking for a solution that offers the fastest recovery time while also saving the most amount of storage used to maintain the backups. Which | B |
| 434 A retail company that is launching a new website to showcase the company’s product line and other information for online shoppers registered the following URLs: www.companysite.com shop.companysite.com about-us.companysite.com contact-u | D |
| 435 An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud pr | A _____________ e: A service-level agreement (SLA) defines the level of service expected by a customer from a supplier, laying out the metrics by which that service is measured, and the remedies or penalties, if any, should th |
| 436 A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords. Which of the following | D |
| 437 A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. Which of the following should the analyst use? A. openssl B. hping C. netcat D. tcpdump Answe | D |
| 438 A security engineer needs to create a network segment that can be used for servers that require connections from untrusted networks. When of the following should the engineer implement? A. An air gap B. A hot site C. A VLAN D. A screened | D |
Created by:
user-1818547