An organization supports a large number of remote users. Which of the following is the BEST option to protect the data on the remote users' laptops? A. Require the use of VPNs. B. Require employees to sign an NDA C. Implement a DLP solution. D. Use whole disk encryption. .
An organization's Chief Information Security Officer is concerned the proper control are not in place to
identify a malicious insider Which of the following techniques would be BEST to identify employees who
attempt to steal data or do harm to the organization?
E un pic incurcata asta
A Place a text file named Passwords txt on the local file server and create a SIEM alert when the file is
accessed B Segment the network so workstations are segregated from servers and implement detailed logging on the
jumpbox C Perform a review of all users with privileged access and monitor web activity logs from the
organization's proxy Analyze logs to determine if a user is consuming large amounts of bandwidth at odd hours of the day.
An organization is focused on restructuring its data governance programs, and an analyst has been tasked with surveying sensitive data within the organization.
Which of the following is the MOST accurate method for the security analyst to complete this assignment? A. Perform an enterprise-wide discovery scan. B. Consult with an internal data custodian. C. Review enterprise-wide asset inventory. D. Create a survey and distribute it to data owners. .
A security technician is testing a solution that will prevent outside entities from spoofing the company's email domain, which is comptia.org. The testing is successful, and the security technician is prepared to fully implement the solution.
Which of the following actions should the technician take to accomplish this task? A. Add TXT @ “v=spfl mx include:_spf.comptia.org -all” to the DNS record. B. Add TXT @ "v=spf1 mx include:_spf.comptia.org גˆ’all" to the email server. C. Add TXT @ "v=spf1 mx include:_spf.comptia.org +all" to the domain controller. D. Add TXT @ "v=spf1 mx include:_spf.comptia.org +all" to the web server.
.
A security analyst notices the following proxy log entries
Which of the following is the user attempting to do based on the log entries?
Ambigua asta A. Use a DoS attack on external hosts. B. Exfiltrate data. C. Scan the network. D. Relay email.
An analyst receives an alert from the continuous-monitoring solution about unauthorized changes to the firmware versions on several field devices. The asset owners confirm that no firmware version updates were performed by authorized technicians, and customers have not reported any performance issues or outages.
Which of the following actions would be BEST for the analyst to recommend to the asset owners to secure the devices from further exploitation? A. Change the passwords on the devices. B. Implement BIOS passwords. C. Remove the assets from the production network for analysis. D. Report the findings to the threat intel community.
A. Patch or reimage the device to complete the recovery. B. Restart the antiviruses running processes. C. Isolate the host from the network to prevent exposure. D. Confirm the workstation's signatures against the most current signatures. .
A company's security team recently discovered a number of workstations that are at the end of life. The workstation vendor informs the team that the product is no longer supported, and patches are no longer available. The company is not prepared to cease its use of these workstations. Which of the following would be the
BEST method to protect these workstations from threats?
A. Deploy whitelisting to the identified workstations to limit the attack surface. B. Determine the system process criticality and document it. C. Isolate the workstations and air gap them when it is feasible. D. Increase security monitoring on the workstations.
A security analyst is logged on to a jump server to audit the system configuration and status. The
organization's policies for access to and configuration of the jump server include the following:
• No network access is allowed to the internet.
• SSH is only for management of the server.
• Users must utilize their own accounts, with no direct login as an administrator.
• Unnecessary services must be disabled.
The analyst runs netstar with elevated permissions and receives the following output A.Unnecessary services must be disabled. B.SSH is only for management of the server. C. No network access is allowed to the internet. D. Users must utilize their own accounts, with no direct login as an administrator.
Which of the following software assessment methods would be BEST for gathering data related to an application's availability during peak times?
A. Security regression testing B. Stress testing C. Static analysis testing D. Dynamic analysis testing E. User acceptance testing.
A security analyst has discovered that developers have installed browsers on all development servers in the company's cloud infrastructure and are using them to browse the Internet.
Which of the following changes should the security analyst make to BEST protect the environment? A. Create a security rule that blocks Internet access in the development VPC B. Place a jumpbox in between the developers` workstations and the development VPC C. Remove the administrator`s profile from the developer user group in identity and access management D. Create an alert that is triggered when a developer installs an application on a server.
Which of the following is the BEST way to gather patch information on a specific server? A. Event Viewer B. Custom script C. SCAP software D. CI/CD.
An organization is developing software to match customers' expectations. Before the software goes into production, it must meet the following quality assurance guidelines:Uncover all the software vulnerabilities.
✑ Safeguard the interest of the software's end users.
✑ Reduce the likelihood that a defective program will enter production.
✑ Preserve the interests of the software producer.
Which of the following should be performed FIRST? A. Run source code against the latest OWASP vulnerabilities. B. Document the life-cycle changes that took place. C. Ensure verification and validation took place during each phase. D. Store the source code in a software escrow. E. Conduct a static analysis of the code. .
|
