- All Exams Instant Download
Which of the following encryption techniques should the security administrator use?
A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?A . PartitionB . AsymmetricC . Full diskD . DatabaseView AnswerAnswer: C Explanation: Full disk encryption (FDE) is a technique that encrypts all the data on a hard drive,...
50.10.25 32 port 53
50.10.25 32 port 53 D. Access list outbound permit 10.50.10.25 32 0.0.0.0/0 port 53 Access list outbound deny 0.0.0.0.0.0.0.0.0/0 port 53View AnswerAnswer: D Explanation: The correct answer is D because it allows only the device with the IP address 10.50.10.25 to send outbound DNS requests on port 53, and denies...
Which of the following is required for an organization to properly manage its restore process in the event of system failure?
Which of the following is required for an organization to properly manage its restore process in the event of system failure?A . IRPB . DRPC . RPOD . SDLCView AnswerAnswer: B Explanation: A disaster recovery plan (DRP) is a set of policies and procedures that aim to restore the normal...
Which of the following provides the details about the terms of a test with a third-party penetration tester?
Which of the following provides the details about the terms of a test with a third-party penetration tester?A . Rules of engagementB . Supply chain analysisC . Right to audit clauseD . Due diligenceView AnswerAnswer: A Explanation: Rules of engagement are the detailed guidelines and constraints regarding the execution of...
Which of the following best addresses the risks associated with procuring counterfeit hardware?
A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit hardware?A . A thorough analysis of the supply chainB . A legally enforceable corporate acquisition policyC . A right to audit clause in vendor contracts and SOWsD...
Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?
Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?A . FinesB . Audit findingsC . SanctionsD . Reputation damageView AnswerAnswer: A Explanation: PCI DSS is the Payment Card Industry Data Security Standard, which is a set of security requirements...
Which of the following best describes this policy?
A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?A . EnumerationB . SanitizationC . DestructionD . InventoryView AnswerAnswer: B Explanation: Sanitization is the process of removing sensitive data from a storage device or a system before...
Which of the following security techniques is the IT manager setting up?
An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?A . HardeningB . Employee monitoringC . Configuration...
Which of the following security benefits do these actions provide?
A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these actions provide? (Choose two.)A . If a security incident occurs on the device, the correct employee can be notified.B . The security team will be...
Which of the following is a hardware-specific vulnerability?
Which of the following is a hardware-specific vulnerability?A . Firmware versionB . Buffer overflowC . SQL injectionD . Cross-site scriptingView AnswerAnswer: A Explanation: Firmware is a type of software that is embedded in a hardware device, such as a router, a printer, or a BIOS chip. Firmware controls the basic...
