231-245
QUESTION 241 Following a prolonged datacenter outage that affected web-based sales, a company has decided to move its operations to a private cloud solution. The security team has received the following requirements: There must be visibility into how teams are using cloud-based services. The company must be able to identify when data related to payment cards is being sent to the cloud. Data must be available regardless of the end user's geographic location. Administrators need a single pane-of-glass view into traffic and trends. Which of the following should the security analyst recommend? Create firewall rules to restrict traffic to other cloud service providers. Install a DLP solution to monitor data in transit. Implement a CASB solution. Configure a web-based content filter.
Install a DLP solution to monitor data in transit.
QUESTION 240 An attacker is attempting to exploit users by creating a fake website with the URL users. Which of the following social-engineering attacks does this describe? Information elicitation; Typo squatting; Impersonation; Watering-hole attack
Watering-hole attack
QUESTION 235 An attacker is exploiting a vulnerability that does not have a patch available. Which of the following is the attacker exploiting? Zero-day; Default permissions; Weak encryption; Unsecure root accounts
Zero-day
QUESTION 238 Which of the following environments minimizes end-user disruption and is MOST likely to be used to assess the impacts of any database migrations or major system changes by using the final version of the code? Staging; Test; Production; Development
Test
QUESTION 234 A company has decided to move its operations to the cloud. It wants to utilize technology that will prevent users from downloading company applications for personal use, restrict data that is uploaded, and have visibility into which applications are being used across the company. Which of the following solutions will BEST meet these requirements? An NGFW; A CASB; Application whitelisting; An NG-SWG
A CASB
QUESTION 232 A company is designing the layout of a new datacenter so it will have an optimal environmental temperature. Which of the following must be included? (Select TWO) An air gap; A cold aisle; Removable doors; A hot aisle; An IoT thermostat; A humidity monitor
A cold aisle; A hot aisle
QUESTION 237 A company is upgrading its wireless infrastructure to WPA2-Enterprise using EAP-TLS. Which of the following must be part of the security architecture to achieve AAA? (Select TWO) DNSSEC; Reverse proxy; VPN concentrator; PKI; Active Directory; RADIUS
Active Directory; RADIUS
QUESTION 233 A security analyst is investigating an incident to determine what an attacker was able to do on a compromised laptop. The analyst reviews the following SIEM log: Which of the following describes the method that was used to compromise the laptop? An attacker was able to move laterally from PC1 to PC2 using a pass-the-hash attack. An attacker was able to bypass application whitelisting by emailing a spreadsheet attachment with an embedded PowerShell in the file. An attacker was able to install malware to the CAasdf234 folder and use it to gain administrator rights and launch Outlook. An attacker was able to phish user credentials successfully from an Outlook user profile.
An attacker was able to move laterally from PC1 to PC2 using a pass-the-hash attack
QUESTION 236 An attacker has successfully exfiltrated several non-salted password hashes from an online system. Given the logs below: Which of the following BEST describes the type of password attack the attacker is performing? Dictionary; Pass-the-hash; Brute-force; Password spraying
Dictionary
QUESTION 244 During a routine scan of a wireless segment at a retail company, a security administrator discovers several devices are connected to the network that do not match the company's naming convention and are not in the asset inventory. WiFi access is protected with 256-bit encryption via WPA2. Physical access to the company's facility requires two-factor authentication using a badge and a passcode. Which of the following should the administrator implement to find and remediate the issue? (Select TWO). Check the SIEM for failed logins to the LDAP directory. Enable MAC filtering on the switches that support the wireless network. Run a vulnerability scan on all the devices in the wireless network. Deploy multifactor authentication for access to the wireless network. Scan the wireless network for rogue access points. Deploy a honeypot on the network.
Enable MAC filtering on the switches that support the wireless network. Scan the wireless network for rogue access points.
QUESTION 245 A security analyst is hardening a Linux workstation and must ensure it has public keys forwarded to remote systems for secure login. Which of the following steps should the analyst perform to meet these requirements? (Select TWO). Forward the keys using ssh-copy-id. Forward the keys using scp. Forward the keys using ssh -i. Forward the keys using openssl -s. Forward the keys using ssh-keygen.
Forward the keys using ssh-copy-id. Forward the keys using openssl -s.
QUESTION 242 A security engineer has enabled two-factor authentication on all workstations. Which of the following approaches are the MOST secure? (Select TWO). Password and security question; Password and CAPTCHA; Password and smart card; Password and fingerprint; Password and one-time token; Password and voice
Password and smart card; Password and fingerprint
QUESTION 239 An information security incident recently occurred at an organization, and the organization was required to report the incident to authorities and notify the affected parties. When the organization's customers became aware of the incident, some reduced their orders or stopped placing orders entirely. Which of the following is the organization experiencing? Reputation damage; Identity theft; Anonymization; Interrupted supply chain
Reputation damage
QUESTION 231 After consulting with the Chief Risk Officer (CRO), a manager decides to acquire cybersecurity insurance for the company. Which of the following risk management strategies is the manager adopting? Risk acceptance; Risk avoidance; Risk transference; Risk mitigation
Risk transference
QUESTION 243 A large enterprise has moved all its data to the cloud behind strong authentication and encryption. A sales director recently had a laptop stolen and later, enterprise data was found to have been compromised database. Which of the following was the MOST likely cause? Shadow IT; Credential stuffing; SQL injection; Man-in-the-browser; Bluejacking
Shadow IT