- All Exams Instant Download
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:
When systems, hardware, or software are not supported by the original vendor, it is a vulnerability known as:A . system sprawlB . end-of-life systemsC . resource exhaustionD . a default configurationView AnswerAnswer: B
Which of the following can be provided to an AAA system for the identification phase?
Which of the following can be provided to an AAA system for the identification phase?A . UsernameB . PermissionsC . One-time tokenD . Private certificateView AnswerAnswer: A
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Choose two.)
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Choose two.)A . USB-attached hard diskB . Swap/pagefileC . Mounted network storageD . ROME . RAMView AnswerAnswer: BE
Which of the following is the BEST solution for security analyst to process the request?
An application team is performing a load-balancing test for a critical application during off-hours and has requested access to the load balancer to review which servers are up without having the administrator on call. The security analyst is hesitant to give the application team full access due to other critical...
Which of the following has been specified?
An organization has determined it can tolerate a maximum of three hours of downtime. Which of the following has been specified?A . RTOB . RPOC . MTBFD . MTTRView AnswerAnswer: A
Which of the following certificate formats should the engineer use to obtain the information in the required format?
A security engineer is configuring a system that requires the X.509 certificate information to be pasted into a form field in Base64 encoded format to import it into the system. Which of the following certificate formats should the engineer use to obtain the information in the required format?A . PFXB...
Which of the following is the BEST explanation of why control diversity is important in a defense-in-depth architecture?
Which of the following is the BEST explanation of why control diversity is important in a defense-in-depth architecture?A . Social engineering is used to bypass technical controls, so having diversity in controls minimizes the risk of demographic exploitationB . Hackers often impact the effectiveness of more than one control, so...
With which of the following is the device MOST likely infected?
Ann. An employee in the payroll department, has contacted the help desk citing multiple issues with her device, including: - Slow performance - Word documents, PDFs, and images no longer opening - A pop-up Ann states the issues began after she opened an invoice that a vendor emailed to her....
Which of the following access control models has been applied to this user’s account?
A user has attempted to access data at a higher classification level than the user’s account is currently authorized to access. Which of the following access control models has been applied to this user’s account?A . MACB . DACC . RBACD . ABACView AnswerAnswer: A
Which of the following should the administrator implement to meet the above requirements?
A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements: - All access must be correlated to a user account. - All user accounts must be assigned to a single individual. -...
