Set 9

QUESTION 277 Which of the following environments minimizes end-user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code? A. Staging B. Test C. Production D. Development

B. Test

QUESTION 286 The website http://ompanywebsite.com requires users to provide personal Information, Including security QUESTION 2responses, for registration. Which of the following would MOST likely cause a data breach? A. Lack of input validation B. Open permissions C. Unsecure protocol D. Missing patches

C. Unsecure protocol

QUESTION 292 A security analyst is configuring a large number of new company-issued laptops. The analyst received the following requirements: - The devices will be used internationally by staff who travel extensively. - Occasional personal use is acceptable due to the travel requirements. - Users must be able to install and configure sanctioned programs and productivity suites. - The devices must be encrypted - The devices must be capable of operating in low-bandwidth environments. Which of the following would provide the GREATEST benefit to the security posture of the devices? A. Configuring an always-on VPN B. Implementing application whitelisting C. Requiring web traffic to pass through the on-premises content filter D. Setting the antivirus DAT update schedule to weekly

A. Configuring an always-on VPN

QUESTION 284 A security analyst Is hardening a Linux workstation and must ensure It has public keys forwarded to remote systems for secure login. Which of the following steps should the analyst perform to meet these requirements? (Select TWO). A. Forward the keys using ssh-copy-id. B. Forward the keys using scp. C. Forward the keys using ash -i. D. Forward the keys using openssl -s. E. Forward the keys using ssh-keyger.

A. Forward the keys using ssh-copy-id. D. Forward the keys using openssl -s.

QUESTION 278 An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became of aware of the incident, some reduced their orders or stopped placing orders entirely. Which of the following is the organization experiencing? A. Reputation damage B. Identity theft C. Anonymlzation D. Interrupted supply chain

A. Reputation damage

QUESTION 265 A security manager for a retailer needs to reduce the scope of a project to comply with PCI DSS. The PCI data is located in different offices than where credit cards are accepted. All the offices are connected via MPLS back to the primary datacenter. Which of the following should the security manager implement to achieve the objective? A. Segmentation B. Containment C. Geofencing D. Isolation

A. Segmentation

QUESTION 282 A large enterprise has moved all Hs data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen and later, enterprise data was round to have been compromised database. Which of the following was the MOST likely cause? A. Shadow IT B. Credential stuffing C. SQL injection D. Man-in-the-browser E. Bluejacking

A. Shadow IT

QUESTION 263 A forensics examiner is attempting to dump password cached in the physical memory of a live system but keeps receiving an error message. Which of the following BEST describes the cause of the error? A. The examiner does not have administrative privileges to the system B. The system must be taken offline before a snapshot can be created C. Checksum mismatches are invalidating the disk image D. The swap file needs to be unlocked before it can be accessed

A. The examiner does not have administrative privileges to the system

QUESTION 274 An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting? A. Zero-day B. Default permissions C. Weak encryption D. Unsecure root accounts

A. Zero-day

QUESTION 269 A security analyst is logged into a Windows file server and needs to see who is accessing files and from which computers. Which of the following tools should the analyst use? A. netstat B. net share C. netcat D. nbtstat E. net session

A. netstat

QUESTION 273 A company has decided to move its operations to the cloud. It wants to utilize technology that will prevent users from downloading company applications for personal use, restrict data that is uploaded, and have visibility into which applications are being used across the company. Which of the following solutions will BEST meet these requirements? A. An NGFW B. A CASB C. Application whitelisting D. An NG-SWG

B. A CASB

QUESTION 289 An attacker is trying to gain access by installing malware on a website that is known to be visited by the target victims. Which of the following is the attacker MOST likely attempting? A. A spear-phishing attack B. A watering-hole attack C. Typo squatting D. A phishing attack

B. A watering-hole attack

QUESTION 290 Which of the following types of controls is a CCTV camera that is not being monitored? A. Detective B. Deterrent C. Physical D. Preventive

B. Deterrent

QUESTION 283 During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset Inventory. WiFi access Is protected with 255-Wt encryption via WPA2. Physical access to the company's facility requires two-factor authentication using a badge and a passcode. Which of the following should the administrator implement to find and remediate the Issue? (Select TWO). A. Check the SIEM for failed logins to the LDAP directory. B. Enable MAC filtering on the switches that support the wireless network. C. Run a vulnerability scan on all the devices in the wireless network D. Deploy multifactor authentication for access to the wireless network E. Scan the wireless network for rogue access points. F. Deploy a honeypot on the network

B. Enable MAC filtering on the switches that support the wireless network. E. Scan the wireless network for rogue access points.

QUESTION 280 Following a prolonged datacenter outage that affected web-based sales a company has decided to move its operations to a private cloud solution. The security team has received the following requirements: - There must be visibility into how teams are using cloud-based services. - The company must be able to identify when data related to payment cards is being sent to the cloud. - Data must be available regardless of the end user's geographic location - Administrators need a single pane-of-glass view into traffic and trends. Which of the following should the security analyst recommend? A. Create firewall rules to restrict traffic to other cloud service providers. B. Install a DLP solution to monitor data in transit. C. Implement a CASB solution. D. Configure a web-based content filter.

B. Install a DLP solution to monitor data in transit.

QUESTION 293 A privileged user at a company stole several proprietary documents from a server. The user also went into the log files and deleted all records of the incident. The systems administrator has Just informed investigators that other log files are available for review. Which of the following did the administrator MOST likely configure that will assist the investigators? A. Memory dumps B. The syslog server C. The application logs D. The log retention policy

B. The syslog server

QUESTION 287 The process of passively gathering information poor to launching a cyberattack is called: A. tailgating B. reconnaissance C. pharming D. prepending

B. reconnaissance

QUESTION 281 A security engineer has enabled two-factor authentication on all workstations. Which of the following approaches are the MOST secure? (Select TWO). A. Password and security question B. Password and CAPTCHA C. Password and smart card D. Password and fingerprint E. Password and one-time token F. Password and voice

C. Password and smart card D. Password and fingerprint

QUESTION 270 After consulting with the Chief Risk Officer (CRO). A manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting? A. Risk acceptance B. Risk avoidance C. Risk transference D. Risk mitigation

C. Risk transference

QUESTION 291 A cybersecurity administrator is using iptables as an enterprise firew ll. The administrator created some rules, but the network now seems to be unresponsive All connections are being dropped by the firewall. Which of the following would be the BEST option to remove the rules? A. # iptables -t mangle -X B. # iptables -F C. # iptables -Z D. # iptables -P INPUT -j DROP

D. # iptables -P INPUT -j DROP

QUESTION 262 Which of the following would BEST identify and remediate a data-loss event in an enterprise using third-party, web-based services and file-sharing platforms? A. SIEM B. CASB C. UTM D. DLP

D. DLP

QUESTION 285 A company recently experienced an attack in which a malicious actor was able to exfiltrate data by cracking stolen passwords, using a rainbow table the sensitive data. Which of the following should a security engineer do to prevent such an attack in the future? A. Use password hashing. B. Enforce password complexity. C. Implement password salting. D. Disable password reuse.

D. Disable password reuse.

QUESTION 264 To reduce costs and overhead, an organization wants to move from an on-premises email solution to a cloud-based email solution. At this time, no other services will be moving. Which of the following cloud models would BEST meet the needs of the organization? A. MaaS B. laaS C. SaaS D. PaaS

D. PaaS

QUESTION 266 A company is launching a new internet platform for its clients. The company does not want to implement its own authorization solution but instead wants to rely on the authorization provided by another platform. Which of the following is the BEST approach to implement the desired solution? A. OAuth B. TACACS+ C. SAML D. RADIUS

D. RADIUS

QUESTION 261 A security engineer needs to implement an MDM solution that complies with the corporate mobile device policy. The policy states that in order for mobile users to access corporate resources on their devices the following requirements must be met: - Mobile device OSs must be patched up to the latest release - A screen lock must be enabled (passcode or biometric) - Corporate data must be removed if the device is reported lost or stolen Which of the following controls should the security engineer configure? (Select TWO) A. Containerization B. Storage segmentation C. Posturing D. Remote wipe E. Full-device encryption F. Geofencing

D. Remote wipe E. Full-device encryption

QUESTION 267 The facilities supervisor for a government agency is concerned about unauthorized access to environmental systems in the event the staff WiFi network is breached. Which of the blowing would BEST address this security concern? A. install a smart meter on the staff WiFi. B. Place the environmental systems in the same DHCP scope as the staff WiFi. C. Implement Zigbee on the staff WiFi access points. D. Segment the staff WiFi network from the environmental systems network.

D. Segment the staff WiFi network from the environmental systems network.

QUESTION 279 An attacker is attempting to exploit users by creating a fake website with the URL users. Which of the following social-engineering attacks does this describe? A. Information elicitation B. Typo squatting C. Impersonation D. Watering-hole attack

D. Watering-hole attack

QUESTION 288 An attacked is attempting to exploit users by creating a fake website with the URL www.validwebsite.com. The attacker s intent is to imitate the look and feel of a legitimate website to obtain personal information from unsuspecting users. Which of the following social-engineering attacks does this describe? A. Information elicitation B. Typo squatting C. Impersonation D. Watering-hole attack

D. Watering-hole attack

QUESTION 276 A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO) A. DNSSEC B. Reverse proxy C. VPN concentrator D. PKI E. Active Directory F. RADIUS

E. Active Directory F. RADIUS

QUESTION 271 A company is designing the layout of a new datacenter so it will have an optimal environmental temperature. Which of the following must be included? (Select TWO) A. An air gap B. A cold aisle C. Removable doors D. A hot aisle E. An loT thermostat F. A humidity monitor

E. An loT thermostat F. A humidity monitor