Which of the following should the security engineer do to ensure the logs are being properly retained?
An audit finding reveals that a legacy platform has not retained loos for more than 30 days The platform has been segmented due to its interoperability with newer technology. As a temporary solution, the IT department changed the log retention to 120 days . Which of the following should the...
Which of the following solutions should the organization implement to b»« reduce the risk of OYOD devices?
During a gap assessment, an organization notes that OYOD usage is a significant risk. The organization implemented administrative policies prohibiting BYOD usage However, the organization has not implemented technical controls to prevent the unauthorized use of BYOD assets when accessing the organization's resources . Which of the following solutions should...
A security architect is establishing requirements to design resilience in un enterprise system trial will be extended to other physical locations.
A security architect is establishing requirements to design resilience in un enterprise system trial will be extended to other physical locations. The system must • Be survivable to one environmental catastrophe • Re recoverable within 24 hours of critical loss of availability • Be resilient to active exploitation of one...
Which of the following is the most appropriate for the engineer to deploy?
A systems engineer is configuring a system baseline for servers that will provide email services. As part of the architecture design, the engineer needs to improve performance of the systems by using an access vector cache, facilitating mandatory access control and protecting against: • Unauthorized reading and modification of data...
Which of the following is the b«« way to fix this issue?
A security analyst received a report that an internal web page is down after a company-wide update to the web browser Given the following error message: Which of the following is the b«« way to fix this issue? A. Rewriting any legacy web functions B. Disabling all deprecated ciphers C....
You are a security analyst tasked with interpreting an Nmap scan output from company’s privileged network.
You are a security analyst tasked with interpreting an Nmap scan output from company’s privileged network. The company’s hardening guidelines indicate the following: There should be one primary server or service per device. Only default ports should be used. Non-secure protocols should be disabled. INSTRUCTIONS Using the Nmap output, identify...
Which of the following will best reduce the application's privilege escalation attack surface?
A security engineer wants to reduce the attack surface of a public-facing containerized application. Which of the following will best reduce the application's privilege escalation attack surface? A. Implementing the following commands in the Dockerfile: RUN echo user:x:1000:1000iuser:/home/user:/dew/null > /ete/passwd B. Installing an EDR on the container's host with reporting...
Which of the following best describes the action the architect should take-?
A global manufacturing company has an internal application mat is critical to making products This application cannot be updated and must Be available in the production area A security architect is implementing security for the application . Which of the following best describes the action the architect should take-? A....
Which of the following components provides the best foundation to achieve this goal?
An organization wants to implement a platform to better identify which specific assets are affected by a given vulnerability . Which of the following components provides the best foundation to achieve this goal?A . SASEB . CMDBC . SBoMD . SLMView AnswerAnswer: B Explanation: A Configuration Management Database (CMDB) provides...
Which of the following solutions best meet these requirements?
A software development team requires valid data for internal tests. Company regulations, however do not allow the use of this data in cleartext . Which of the following solutions best meet these requirements?A . Configuring data hashingB . Deploying tokenizationC . Replacing data with null recordD . Implementing data obfuscationView...