- All Exams Instant Download
Which of the following is needed to meet the objective?
A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?A . A reverse proxyB . A decryption certificateC . A split-tunnel VPND . Load-balanced serversView AnswerAnswer: B Explanation: By deploying a WAF...
Which of the following describes the ability of code to target a hypervisor from inside a guest OS?
Which of the following describes the ability of code to target a hypervisor from inside a guest OS?A . Fog computingB . VM escapeC . Software-defined networkingD . Image forgeryE . Container breakoutView AnswerAnswer: B
Which of the following refers to what the administrator is doing?
An email systems administrator is configuring the mail server to prevent spear phishing attacks through email messages. Which of the following refers to what the administrator is doing?A . Risk avoidanceB . Risk mitigationC . Risk transferenceD . Risk acceptanceView AnswerAnswer: B
Which of the following is a benefit of credentialed vulnerability scans?
Which of the following is a benefit of credentialed vulnerability scans?A . Credentials provide access to scan documents to identify possible data theft.B . The vulnerability scanner is able to inventory software on the target.C . A scan will reveal data loss in real time.D . Black-box testing can be...
In which of the following ways did the competitor apply media sanitation?
A dumpster diver was able 10 retrieve hard drives from a competitor's trash bin. After installing the and hard drives and running common date recovery software. Sensitive information was recovered. In which of the following ways did the competitor apply media sanitation?A . PulverizingB . DegaussingC . EncryptingD . FormattingView...
Which of the following would reduce the attack surface added by the service and account?
A systems administrator is installing and configuring an application service that requires access to read and write to log and configuration files on a local hard disk partition. The service must run as an account with authorization to interact with the file system. Which of the following would reduce the...
Which of the following security issues has been discovered based on the output?
An analyst is currently looking at the following output: Which of the following security issues has been discovered based on the output?A . Insider threatB . License compliance violationC . Unauthorized softwareD . Miscongured admin permissionsView AnswerAnswer: B
With which of the following types of malware is the code associated?
A security administrator found the following piece of code referenced on a domain controller's task scheduler: $var = GetDomainAdmins If $var != ‘fabio’ SetDomainAdmins = NULL With which of the following types of malware is the code associated?A . RATB . BackdoorC . Logic bombD . Crypto-malwareView AnswerAnswer: C
Which of the following is the systems administrator MOST likely to suggest to the Chief Information Security Officer (CISO) based on the above?
A company recently updated its website to increase sales. The new website uses PHP forms for leads and provides a directory with sales staff and their phone numbers. A systems administrator is concerned about the new website and provides the following log to support the concern: Which of the following...
Which of the following should the technician use to validate this assumption?
A technician, who is managing a secure B2B connection, noticed the connection broke last night. All networking equipment and media are functioning as expected, which leads the technician to QUESTION NO: certain PKI components. Which of the following should the technician use to validate this assumption? (Choose two.)A . PEMB...
