- All Exams Instant Download
Which of the following should the security consultant configure in the MDM policies for the tables?
An organization wants to control user accounts and privileged access to database servers. The organization wants to create an audit trail of account requests and approval. but also wants to facilitate operational efficiency when account and access changes are needed. The organization has the following account management practices: Which of...
Which of the following methods would BEST fit the needs of the CISO?
A chief information security officer (CISO) asks the security architect to design a method for contractors to access the company's internal wiki, corporate directory, and email services securely without allowing access to systems beyond the scope of their project. Which of the following methods would BEST fit the needs of...
Which of the following should the user do NEXT to protect the data on the device?
A user loses a COPE device. Which of the following should the user do NEXT to protect the data on the device?A . Call the company help desk to remotely wipe the device.B . Report the loss to authoritiesC . Check with corporate physical security for the device.D . Identify...
Which of the following security issues has been discovered based on the output?
An analyst is currently looking at the following output: Which of the following security issues has been discovered based on the output?A . Insider threatB . License compliance violationC . Unauthorized softwareD . Miscongured admin permissionsView AnswerAnswer: B
A company has a backup site with equipment on site without any data. This is an example of:
A company has a backup site with equipment on site without any data. This is an example of:A . a hot site.B . a cold site.C . a hot standby.D . a warrn site.View AnswerAnswer: D
During incident response procedures, technicians capture a unique identifier for a piece of malware running in memory.
During incident response procedures, technicians capture a unique identifier for a piece of malware running in memory. This captured information is referred to as:A . a hash value.B . the SSID . the GUIF . a system image.View AnswerAnswer: A
Following order of volatility, which of the following actions should be performed FIRST?
A user's laptop is being analyzed Because malware was discovered. The forensics analyst has taken the laptop off the corporate network. Following order of volatility, which of the following actions should be performed FIRST?A . Engage the human resources department.B . Clone me hard drive for analysis.C . Dump the...
Which of the following does the administrator need to implement to ensure this can be accomplished?
A security administrator is implementing a SIEM and needs to ensure events can be compared against each other based on when the events occurred and were collected. Which of the following does the administrator need to implement to ensure this can be accomplished?A . TOTPB . TKJPC . NTPD ....
After running an online password cracking tool, an attacker recovers the following password:
After running an online password cracking tool, an attacker recovers the following password: gh;jSKSTOi;618& Based on the above information, which of the following technical controls have been implemented (Select TWO).A . ComplexityB . EncryptionC . HashingD . LengthE . SaltingF . StretchingView AnswerAnswer: A,D
Which of the following should the security administrator recommend to preserve future audit tag integrity?
A security administrator has been conducting an account permissions review that has identified several users who belong to functional groups and groups responsible for auditing the functional groups' actions. Several recent outages have not been able to be traced to any user. Which of the following should the security administrator...
