Which of the following is an appropriate security control the company should implement?
Topic 2, Exam Pool B A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following: The security engineer looks at the code with a developer, and they determine the log entry is created when...
Which of the following processes would BEST satisfy this requirement?
During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The...
Which of the following technologies would mitigate the manipulation of memory segments?
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user’s workstation: graphic.linux_randomization.prg Which of the following technologies would mitigate the manipulation of memory segments?
A. NX bit
B. ASLR
C. DEP
D. HSM
Answer: B
Explanation: https://eklitzke.org/memory-protection-and-aslr ASLR (Address Space Layout Randomization)...
Which of the following solutions would BEST meet these requirements?
A company plans to build an entirely remote workforce that utilizes a cloud-based infrastructure. The Chief Information Security Officer asks the security engineer to design connectivity to meet the following requirements: Only users with corporate-owned devices can directly access servers hosted by the cloud provider. The company can control what...
Which of the following will MOST likely secure the data on the lost device?
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company’s Chief Financial Officer loses a phone multiple times a year. Which of...
Which of the following is the BEST option to resolve the board’s concerns for this email migration?
A financial services company wants to migrate its email services from on-premises servers to a cloud-based email solution. The Chief Information Security Officer (CISO) must brief the board of directors on the potential security concerns related to this migration. The board is concerned about the following. * Transactions being required by...
Which of the following BEST describes the reason why traditional methods of addressing risk may not be possible in the cloud?
An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment. Which of the following BEST describes the reason why traditional...
Which of the following historian server locations will allow the business to get the required reports in an OT and IT environment?
An energy company is required to report the average pressure of natural gas used over the past quarter. A PLC sends data to a historian server that creates the required reports. Which of the following historian server locations will allow the business to get the required reports in an OT...
Which of the following attack types is the threat analyst seeing?
A threat analyst notices the following URL while going through the HTTP logs. Which of the following attack types is the threat analyst seeing?
A. SQL injection
B. CSRF
C. Session hijacking
D. XSS
Answer: D
Explanation: XSS stands for cross-site scripting, which is a type of attack that injects...
Which of the following is a benefit of using steganalysis techniques in forensic response?
QUESTION NO: 36 Which of the following is a benefit of using steganalysis techniques in forensic response?
A. Breaking a symmetric cipher used in secure voice communications
B. Determining the frequency of unique attacks against DRM-protected media
C. Maintaining chain of custody for acquired evidence
D. Identifying least significant bit...