Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?
Which of the following environments would MOST likely be used to assess the execution of component parts of a system at both the hardware and software levels and to measure performance characteristics?A . TestB . StagingC . DevelopmentD . ProductionView AnswerAnswer: A Explanation: The test environment is used to assess...
Which of the following should the organization use to inform the affected parties?
A security researcher has alerted an organization that its sensitive user data was found for sale on a website. Which of the following should the organization use to inform the affected parties?A . An incident response planB . A communications planC . A business continuity planD . A disaster recovery...
Which of the following BEST describes what is happening?
one of the attendees starts to notice delays in the connection. and the HTTPS site requests are reverting to HTTP. Which of the following BEST describes what is happening?A . Birthday collision on the certificate keyB . DNS hacking to reroute trafficC . Brute force to the access pointD ....
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)
Which of the following cryptographic concepts would a security engineer utilize while implementing non-repudiation? (Select TWO)A . Block cipherB . HashingC . Private keyD . Perfect forward secrecyE . SaltingF . Symmetric keysView AnswerAnswer: B, C Explanation: Non-repudiation is the ability to ensure that a party cannot deny a previous...
Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?
A security analyst is investigating a phishing email that contains a malicious document directed to the company's Chief Executive Officer (CEO). Which of the following should the analyst perform to understand the threat and retrieve possible IoCs?A . Run a vulnerability scan against the CEOs computer to find possible vulnerabilitiesB...
As the devices are not enrolled to the domain and do not have policies applied to them, which of the following are best practices for authentication and infrastructure security?
A cybersecurity administrator needs to allow mobile BYOD devices to access network resources. As the devices are not enrolled to the domain and do not have policies applied to them, which of the following are best practices for authentication and infrastructure security? (Select TWO).A . Create a new network for...
Which of the following BEST describes the attack the company is experiencing?
A security analyst has received several reports of an issue on an internal web application. Users state they are having to provide their credentials twice to log in. The analyst checks with the application team and notes this is not an expected behavior. After looking at several logs, the analyst...
Which of the following should the organization consult for the exact requirements for the cloud provider?
An organization would like to remediate the risk associated with its cloud service provider not meeting its advertised 99.999% availability metrics. Which of the following should the organization consult for the exact requirements for the cloud provider?A . SLAB . BPAC . NDAD . MOUView AnswerAnswer: A Explanation: The Service...
Which of the following will this practice reduce?
A company installed several crosscut shredders as part of increased information security practices targeting data leakage risks. Which of the following will this practice reduce?A . Dumpster divingB . Shoulder surfingC . Information elicitationD . Credential harvestingView AnswerAnswer: A Explanation: Crosscut shredders are used to destroy paper documents and reduce...
Which of the following is MOST likely occurring?
A customer has reported that an organization's website displayed an image of a smiley (ace rather than the expected web page for a short time two days earlier. A security analyst reviews log tries and sees the following around the lime of the incident: Which of the following is MOST...