A) Antivirus
B) Patch management
C) Log monitoring
D) Application whitelisting
E) Awareness training
Correct Answer
verified
Multiple Choice
A) The filtering of sensitive data out of data flows at geographic boundaries.
B) Removing potential bottlenecks in data transmission paths.
C) The transfer of corporate data onto mobile corporate devices.
D) The migration of data into and out of the network in an uncontrolled manner.
Correct Answer
verified
Multiple Choice
A) Web application firewall
B) SIEM
C) IPS
D) UTM
E) File integrity monitor
Correct Answer
verified
Multiple Choice
A) MSA
B) RFP
C) NDA
D) RFI
E) MOU
F) RFQ
Correct Answer
verified
Multiple Choice
A) Pivoting from the compromised, moving laterally through the enterprise, and trying to exfiltrate data and compromise devices.
B) Conducting a social engineering attack attempt with the goal of accessing the compromised box physically.
C) Exfiltrating network scans from the compromised box as a precursor to social media reconnaissance
D) Open-source intelligence gathering to identify the network perimeter and scope to enable further system compromises.
Correct Answer
verified
Multiple Choice
A) Asymmetric
B) Symmetric
C) Homomorphic
D) Ephemeral
Correct Answer
verified
Multiple Choice
A) Code repositories
B) Security requirements traceability matrix
C) Software development lifecycle
D) Roles matrix
E) Implementation guide
Correct Answer
verified
Multiple Choice
A) Isolate all of the PHI on its own VLAN and keep it segregated at Layer 2
B) Immediately encrypt all PHI with AES-256
C) Delete all PHI from the network until the legal department is consulted
D) Consult the legal department to determine legal requirements
Correct Answer
verified
Multiple Choice
A) Penetration tests
B) Vulnerability assessment
C) Tabletop exercises
D) Blue-team operations
Correct Answer
verified
Multiple Choice
A) eFuse
B) NFC
C) GPS
D) Biometric
E) USB 4.1
F) MicroSD
Correct Answer
verified
Multiple Choice
A) Schedule weekly reviews of al unit test results with the entire development team and follow up between meetings with surprise code inspections.
B) Develop and implement a set of automated security tests to be installed on each development team leader's workstation.
C) Enforce code quality and reuse standards into the requirements definition phase of the waterfall development process.
D) Deploy an integrated software tool that builds and tests each portion of code committed by developers and provides feedback.
Correct Answer
verified
Multiple Choice
A) Remote desktop
B) VoIP
C) Remote assistance
D) Email
E) Instant messaging
F) Social media websites
Correct Answer
verified
Multiple Choice
A) Nation-state-sponsored attackers conducting espionage for strategic gain.
B) Insiders seeking to gain access to funds for illicit purposes.
C) Opportunists seeking notoriety and fame for personal gain.
D) Hacktivists seeking to make a political statement because of socio-economic factors.
Correct Answer
verified
Multiple Choice
A) Refer to and follow procedures from the company's incident response plan.
B) Call a press conference to explain that the company has been hacked.
C) Establish chain of custody for all systems to which the systems administrator has access.
D) Conduct a detailed forensic analysis of the compromised system.
E) Inform the communications and marketing department of the attack details.
Correct Answer
verified
Multiple Choice
A) Randomly calling customer employees and posing as a help desk technician requiring user password to resolve issues
B) Posing as a copier service technician and indicating the equipment had "phoned home" to alert the technician for a service call
C) Simulating an illness while at a client location for a sales call and then recovering once listening devices are installed
D) Obtaining fake government credentials and impersonating law enforcement to gain access to a company facility
Correct Answer
verified
Multiple Choice
A) Single-tenant private cloud
B) Multitenant SaaS cloud
C) Single-tenant hybrid cloud
D) Multitenant IaaS cloud
E) Multitenant PaaS cloud
F) Single-tenant public cloud
Correct Answer
verified
Multiple Choice
A) Facial recognition
B) Swipe pattern
C) Fingerprint scanning
D) Complex passcode
E) Token card
Correct Answer
verified
Multiple Choice
A) Access control list
B) Security requirements traceability matrix
C) Data owner matrix
D) Roles matrix
E) Data design document
F) Data access policies
Correct Answer
verified
Multiple Choice
A) Message 1
B) Message 2
C) Message 3
D) Message 4
Correct Answer
verified
Multiple Choice
A) The solution employs threat information-sharing capabilities using a proprietary data model.
B) The RFP is issued by a financial institution that is headquartered outside of the vendor's own country.
C) The overall solution proposed by the vendor comes in less that the TCO parameter in the RFP.
D) The vendor's proposed solution operates below the KPPs indicated in the RFP.
Correct Answer
verified
Showing 101 - 120 of 442
Related Exams