Q 31-45 Flashcards

1
Q

Remote workers in an organization use company-provided laptops with locally installed applications and locally stored data. Users can store data on a remote server using an encrypted connection. The organization discovered data stored on a laptop had been made available to the public. What security solution would mitigate the risk of future data disclosures?

A

FDE (Full Disk Encryption)

2
Q

What risk is specifically associated with hosting applications in the public cloud?

A

Shared tenancy

3
Q

Which functions serve as preventive, detective, and deterrent controls to reduce the risk of physical theft?

A

Mantraps & Security Guards

4
Q

A major clothing company recently lost a large amount of proprietary information. The security officer must find a solution to ensure this never happens again. What is the best technical implementation to prevent this from happening again?

A

Configure DLP Solutions

5
Q

A network analyst is setting up a wireless access point for a home office in a remote, rural location. The requirement is that users need to connect to the access point securely but do not want to have to remember passwords. What should the network analyst enable to meet the requirement?

A

WPS

6
Q

The spread of misinformation surrounding the outbreak of a novel virus on Election Day led eligible voters to choose not to take the risk of going to the polls. This is an example of:

A

An influence campaign

7
Q

What would most likely be identified by a credentialed scan but would be missed by an uncredentialed scan?

A

Missing patches for third-party software on Windows workstations and servers

8
Q

A security analyst wants to verify that a client-server (non-web) application is sending encrypted traffic. What should the analyst use?

A

Tcpdump

9
Q

The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. What is the BEST security solution to reduce this risk?

A

CASB (Cloud Access Security Broker)

10
Q

A company reduced the area utilized in its data center by creating virtual networking through automation and by creating provisioning routes and rules through scripting. What does this example describe?

A

IaC (Infrastructure as Code)

11
Q

A security incident has been resolved. What best describes the importance of the final phase of the incident response plan?

A

It examines and documents how well the teams responded, discovers what caused the incident, and determines how the incident can be avoided in the future.

12
Q

When planning to build a virtual environment, an administrator needs to achieve the following:
1. Establish policies to limit who can create new VMs.
2. Allocate resources according to actual utilization.
3. Require justification for requests outside of the standard requirements.
4. Create standardized categories based on size and resource requirements.

What is the administrator most likely trying to do?

A

Avoid VM sprawl

13
Q

An organization wants to integrate its incident response processes into a workflow with automated decision points and actions based on predefined playbooks. What should the organization implement?

A

SOAR (Security orchestration, automation, and response)

14
Q

The Chief Technology Officer of a local college would like visitors to utilize the school’s WiFi but must be able to associate potential malicious activity to a specific person. What would best allow this objective to be met?

A

Deploying a captive portal to capture visitors’ MAC addresses and names

15
Q

During an incident, a company’s CIRT determines it is necessary to observe the continued network-based transactions between a callback domain and the malware running on an enterprise PC. What technique would be best to enable this activity while reducing the risk of lateral spread and the risk that the adversary would notice any changes?

A

Create and apply micro-segmentation rules
