Questions:
A security analyst is reviewing alerts in the SIEM related to potential malicious network traffic coming from an employee’s corporate laptop. The security analyst has determined that additional data about the executable running on the machine is necessary to continue the investigation. Which of the following logs should the analyst use as a data source?
A cyber operations team informs a security analyst about a new tactic malicious actors are using to compromise networks. SIEM alerts have not yet been configured. Which of the following best describes what the security analyst should do to identify this behavior?
A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
A security administrator would like to protect data on employees’ laptops. Which of the following encryption techniques should the security administrator use?
Which of the following security control types does an acceptable use policy best represent?
An IT manager informs the entire help desk staff that only the IT manager and the help desk lead will have access to the administrator console of the help desk software. Which of the following security techniques is the IT manager setting up?
Which of the following roles, according to the shared responsibility model, is responsible for securing the company’s database in an IaaS model for a cloud environment?
A client asked a security company to provide a document outlining the project, the cost, and the completion time frame. Which of the following documents should the company provide to the client?
A security team is reviewing the findings in a report that was delivered after a third party performed a penetration test. One of the findings indicated that a web application form field is vulnerable to cross-site scripting. Which of the following application security techniques should the security analyst recommend the developer implement to prevent this vulnerability?
Which of the following must be considered when designing a high-availability network? (Choose two).
A technician needs to apply a high-priority patch to a production system. Which of the following steps should be taken first?
Which of the following describes the reason root cause analysis should be conducted as part of incident response?
Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?
A company is developing a business continuity strategy and needs to determine how many staff members would be required to sustain the business in the case of a disruption. Which of the following best describes this step?
A company’s legal department drafted sensitive documents in a SaaS application and wants to ensure the documents cannot be accessed by individuals in high-risk countries. Which of the following is the most effective way to limit this access?
Which of the following is a hardware-specific vulnerability?
While troubleshooting a firewall configuration, a technician determines that a ‘deny any’ policy should be added to the bottom of the ACL. The technician updates the policy, but the new policy causes several company servers to become unreachable. Which of the following actions would prevent this issue?
An organization is building a new backup data center with cost-benefit as the primary requirement and RTO and RPO values around two days. Which of the following types of sites is the best for this scenario?
A company requires hard drives to be securely wiped before sending decommissioned systems to recycling. Which of the following best describes this policy?
A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?
What is the best action to take when noticing an unknown device connected to a secure network?
Which of the following describes a method to ensure data integrity?
An organization is concerned about the potential data loss from mobile devices. What is the best method to protect the data?
A company wants to ensure its network is resilient against DDoS attacks. What should they implement?
Which security concept ensures that only authorized parties can access data?
An analyst is tasked with ensuring that a web application is not vulnerable to SQL Injection. What should they recommend?
Which of the following is a best practice for securing IoT devices in a corporate environment?
What is the primary benefit of using biometric authentication?
During an audit, it was discovered that several employees were using shared accounts to log into sensitive systems. What should be done?
A security administrator needs to implement a solution that detects and prevents malware in real-time. What should they implement?
What should a security analyst implement to provide the highest level of confidentiality when sending sensitive data over the Internet?
Which of the following should be performed after installing a new piece of software to verify its authenticity?
An organization wants to improve its ability to detect phishing attacks. Which of the following would best help achieve this?
A company’s security policy mandates that all remote connections be logged and monitored. Which of the following technologies would best meet this requirement?
Which technology can be used to ensure data integrity during transit?
Which of the following is a common security issue found in cloud computing environments?
What type of security control is an intrusion detection system?
A company is considering implementing a new technique to improve encryption speeds. Which of the following should be the primary concern?
What is the main purpose of a security information and event management (SIEM) system?
Which of the following is a benefit of using subnetworks in a large organization?
A security analyst needs to ensure that an application is free of known vulnerabilities before deployment. Which of the following practices should be employed?
Which of the following technologies will help prevent a laptop from being accessed by unauthorized users?
A company’s network security policies require that all web traffic pass through a proxy server. What is the primary security benefit of this requirement?
What is the main security risk associated with implementing third-party JavaScript libraries in web applications?
Which of the following is the primary reason to implement a secure coding standard within an organization?
A company wants to ensure that the wireless traffic is protected from interception. Which of the following should be implemented?
Which method would be used to provide high availability in a cloud environment?
What is the main purpose of using security metrics within an organization?
A security consultant is conducting a penetration test and identifies a vulnerability that could potentially allow unauthorized file access. Which of the following tools did the consultant most likely use?
A business wants to limit the risk associated with handling customer credit card data. Which of the following is the best method for reducing this risk?
Which of the following methods to secure credit card data is best to use when a requirement is to see only the last four numbers on a credit card?
An administrator finds that all user workstations and servers are displaying a message that is associated with files containing an extension of .ryk. Which of the following types of infections is present on the systems?
A healthcare organization wants to provide a web application that allows individuals to digitally report health emergencies. Which of the following is the most important consideration during development?
Which of the following is the best reason to complete an audit in a banking environment?
A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centralized system?
Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).
An administrator assists the legal and compliance team with ensuring information about customer transactions is archived for the proper time period. Which of the following data policies is the administrator carrying out?
A systems administrator is working on a solution with the following requirements: Provide a secure zone, enforce a company-wide access control policy, reduce the scope of threats. Which of the following is the systems administrator setting up?
A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Which of the following should the administrator set up to achieve this goal?
Which of the following is the phase in the incident response process when a security analyst reviews roles and responsibilities?
A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from the vendor?
Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two).
Which of the following vulnerabilities is exploited when an attacker overwrites a register with a malicious address?
Which of the following would be the best way to handle a critical business application that is running on a legacy server?
A systems administrator wants to improve security after a recent data breach. Which of the following is the best first step?
A company is considering outsourcing their data storage. Which of the following would be the primary security concern?
What is the primary benefit of deploying an IDS over an IPS?
A network administrator needs to ensure that new web applications undergo security testing before deployment. Which of the following processes is designed to achieve this?
What type of cyber attack involves overwhelming the target with traffic to cause a denial of service?
A security consultant recommends that a company use cloud-based resources to improve scalability and reduce costs. Which of the following is the MOST important security consideration when implementing this recommendation?
A company needs to maintain the integrity of its data. Which of the following would be the best solution?
Which of the following security threats is directly related to the loss of availability?
A company wants to ensure that its internal communications remain confidential. What is the best method to achieve this?
A network security engineer is configuring a solution that allows a device to intercept HTTPS traffic and inspect the contents. What is this method commonly called?
An organization must store sensitive information for a certain period but must also ensure its destruction after that period. Which of the following policies is applicable?
Which of the following is a legal contract that specifies the terms of service between a vendor and client?
What is the primary purpose of data normalization in a database?
A company has deployed a new VPN for employees who work remotely. Which of the following protocols ensures the most secure remote connection?
A security analyst is investigating a breach and finds that an attacker gained access through an outdated web application. What type of attack was likely used?
Which of the following best practices gives administrators a set period to perform changes to an operational system to ensure availability and minimize business impacts?
Which of the following actions could a security engineer take to ensure workstations and servers are properly monitored for unauthorized changes and software?
An organization would like to calculate the time needed to resolve a hardware issue with a server. Which of the following risk management processes describes this example?
Which of the following risks can be mitigated by HTTP headers?
Which of the following describes the category of data that is most impacted when it is lost?
After performing an assessment, an analyst wants to provide a risk rating for the findings. Which of the following concepts should most likely be considered when calculating the ratings?
A security consultant needs secure, remote access to a client environment. Which of the following should the security consultant most likely use to gain access?
A systems administrator deployed a monitoring solution that does not require installation on the endpoints that the solution is monitoring. Which of the following is described in this scenario?
A security analyst is reviewing the source code of an application in order to identify misconfigurations and vulnerabilities. Which of the following kinds of analysis best describes this review?
Which of the following agreement types is used to limit external discussions?
A systems administrator is redesigning how devices will perform network authentication. Which of the following would best meet the requirements?
A company implemented an MDM policy to mitigate risks after repeated instances of employees losing company-provided mobile phones. Which of the following MDM features should be configured to best address this issue? (Select two).
Which of the following involves an attempt to take advantage of database misconfigurations?
An organization would like to store customer data on a separate part of the network that is not accessible to users on the main corporate network. Which of the following should the administrator use to accomplish this goal?
Which of the following is used to quantitatively measure the criticality of a vulnerability?
A systems administrator wants to prevent users from being able to access data based on their responsibilities. The administrator also wants to apply the required access structure via a simplified format. Which of the following should the administrator apply to the site recovery resource group?
One of a company’s vendors sent an analyst a security bulletin that recommends a BIOS update. Which of the following vulnerability types is being addressed by the patch?
A security analyst locates a potentially malicious video file on a server and needs to identify both the creation date and the file’s creator. Which of the following actions would most likely give the security analyst the information required?
