- All Exams Instant Download
Which of the following BEST explains why secure LDAP is not working?
A company that uses AD is migrating services from LDAP to secure LDAP. During the pilot phase, services are not connecting properly to secure LDAP. Block is an except of output from the troubleshooting session: Which of the following BEST explains why secure LDAP is not working? (Select TWO.)A ....
Which of the following would BEST mitigate this vulnerability?
A security analyst discovered that the company’s WAF was not properly configured. The main web server was breached, and the following payload was found in one of the malicious requests: Which of the following would BEST mitigate this vulnerability?A . CAPTCHAB . Input validationC . Data encodingD . Network intrusion...
Which of the following would be BEST to use to store customer keys?
A company publishes several APIs for customers and is required to use keys to segregate customer data sets. Which of the following would be BEST to use to store customer keys?A . A trusted platform moduleB . A hardware security moduleC . A localized key storeD . A public key...
Which of the following actions would BEST address the potential risks by the activity in the logs?
A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log: graphic.ssh_auth_log. Which of the following actions would BEST address the potential risks by the activity in the logs?A ....
Which of the following should the security team recommend FIRST?
A university issues badges through a homegrown identity management system to all staff and students. Each week during the summer, temporary summer school students arrive and need to be issued a badge to access minimal campus resources. The security team received a report from an outside auditor indicating the homegrown...
Which of the following should be implemented to BEST manage the risk?
The Chief information Officer (CIO) of a large bank, which uses multiple third-party organizations to deliver a service, is concerned about the handling and security of customer data by the parties. Which of the following should be implemented to BEST manage the risk?A . Establish a review committee that assesses...
Which of the following solutions should the security architect recommend?
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption. The edge network is protected by a web proxy. Which of the...
Which of the following response actions should the analyst take FIRST?
A security analyst notices a number of SIEM events that show the following activity: Which of the following response actions should the analyst take FIRST?A . Disable powershell.exe on all Microsoft Windows endpoints.B . Restart Microsoft Windows Defender.C . Configure the forward proxy to block 40.90.23.154.D . Disable local administrator...
Which of the following phases establishes the identification and prioritization of critical systems and functions?
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items. Which of the following phases establishes the identification and prioritization of critical systems and functions?A . Review a recent gap analysis.B . Perform a cost-benefit analysis.C . Conduct a business impact...
Which of the following must the company do to ensure GDPR compliance?
A company is preparing to deploy a global service. Which of the following must the company do to ensure GDPR compliance? (Choose two.)A . Inform users regarding what data is stored.B . Provide opt-in/out for marketing messages.C . Provide data deletion capabilities.D . Provide optional data encryption.E . Grant data...
