- All Exams Instant Download
Which of the following types of controls is the company setting up?
A company is planning to set up a SIEM system and assign an analyst to review the logs on a weekly basis. Which of the following types of controls is the company setting up?A . CorrectiveB . PreventiveC . DetectiveD . DeterrentView AnswerAnswer: C Explanation: A detective control is a...
Which of the following would be the best way to handle a critical business application that is running on a legacy server?
Which of the following would be the best way to handle a critical business application that is running on a legacy server?A . SegmentationB . IsolationC . HardeningD . DecommissioningView AnswerAnswer: B Explanation: A legacy server is a server that is running outdated or unsupported software or hardware, which may...
Which of the following would accomplish the manager's goal?
A network manager wants to protect the company's VPN by implementing multifactor authentication that uses: . Something you know . Something you have . Something you are Which of the following would accomplish the manager's goal?A . Domain name, PKI, GeolP lookupB . VPN IP address, company ID, facial structureC...
Which of the following security benefits do these actions provide?
A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.) A. If a security incident occurs on the device, the correct employee can be notified. B. The security team will be...
Which of the following would be most relevant for the analyst to evaluate?
An analyst is evaluating the implementation of Zero Trust principles within the data plane. Which of the following would be most relevant for the analyst to evaluate?A . Secured zonesB . Subject roleC . Adaptive identityD . Threat scope reductionView AnswerAnswer: A Explanation: Secured zones are a key component of...
Which of the following most likely occurred?
A systems administrator receives the following alert from a file integrity monitoring tool: The hash of the cmd.exe file has changed. The systems administrator checks the OS logs and notices that no patches were applied in the last two months. Which of the following most likely occurred?A . The end...
Which of the following strategies does this represent?
A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?A . AcceptB . TransferC . MitigateD . AvoidView AnswerAnswer: B Explanation: Cyber insurance is a type of insurance that covers the financial losses and liabilities that result from cyberattacks,...
Which of the following should a security administrator adhere to when setting up a new set of firewall rules?
Which of the following should a security administrator adhere to when setting up a new set of firewall rules?A . Disaster recovery planB . Incident response procedureC . Business continuity planD . Change management procedureView AnswerAnswer: D Explanation: A change management procedure is a set of steps and guidelines that...
Which of the following best describes the actions taken by the organization?
An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?A . ExceptionB . SegmentationC . Risk transferD . Compensating controlsView AnswerAnswer: D Explanation: Compensating controls are alternative security measures that are implemented...
Which of the following types of social engineering attacks occurred?
An employee clicked a link in an email from a payment website that asked the employee to update contact information. The employee entered the log-in information but received a “page not found” error message. Which of the following types of social engineering attacks occurred?A . Brand impersonationB . PretextingC ....
