[Apr 26, 2023] CompTIA SY0-601 Exam Dumps Files, Q1/469: Which of the following are the BEST ways to implement remote home access to a company's intranet systems

Join the discussion

Question 1/469

Which of the following are the BEST ways to implement remote home access to a company's intranet systems if establishing an always-on VPN is not an option? (Select Two)

A. Install VPN concentrations at home offices

B. Configure SNMPv3 server and clients.

C. Establish SSH access to a jump server

D. Implement a SSO solution

E. Create NAT on the firewall for intranet systems

F. Enable MFA for intranet systems

Add Comments

Other Question (469q): Q1. Which of the following are the BEST ways to implement remote home access to a company's in...; Q2. A cybersecurity analyst reviews the log files from a web server and sees a series of files...; Q3. A systems administrator is considering different backup solutions for the IT infrastructur...; Q4. Hackers recently attacked a company's network and obtained several unfavorable pictures fr...; Q5. A company recently experienced an inside attack using a corporate machine that resulted in...; Q6. A security analyst receives a SIEM alert that someone logged in to the appadmin test accou...; Q7. The cost of 'Cmovable media and the security risks of transporting data have become too gr...; Q8. Asecurity engineer needs to recommend a solution to defend against malicious actors misusi...; Q9. An engineer needs to deploy a security measure to identify and prevent data tampering with...; Q10. Which of the following would an organizaton use to assign a value to risks based on probab...; Q11. An information security officer at a credit card transaction company is conducting a frame...; Q12. Which of the following is a benefit of including a risk management framework into an organ...; Q13. A security analyst has been asked to investigate a situation after the SOC started to rece...; Q14. A user reports trouble using a corporate laptop. The laptop freezes and responds slowly wh...; Q15. Following a prolonged datacenter outage that affected web-based sales a company has decide...; Q16. A retail company that is launching a new website to showcase the company's product line an...; Q17. An end user reports a computer has been acting slower than normal for a few weeks, During ...; Q18. A company suspects that some corporate accounts were compromised. The number of suspicious...; Q19. A security analyst is investigation an incident that was first reported as an issue connec...; Q20. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q21. The chief compliance officer from a bank has approved a background check policy for all ne...; Q22. A public relations team will be taking a group of guest on a tour through the facility of ...; Q23. Ann, a customer, received a notification from her mortgage company stating her PII may be ...; Q24. An end user reports a computer has been acting slower than normal for a few weeks, During ...; Q25. A security analyst is concerned about traffic initiated to the dark web form the corporate...; Q26. To mitigate the impact of a single VM being compromised by another VM on the same hypervis...; Q27. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q28. A penetration tester gains access to a network by exploiting a vulnerability on a public-f...; Q29. Which of the following BEST reduces the security risks introduced when running systems tha...; Q30. A global pandemic is forcing a private organization to close some business units and reduc...; Q31. When planning to build a virtual environment, an administrator need to achieve the followi...; Q32. Given the following logs: (Exhibit) Which of the following BEST describes the type of atta...; Q33. A user enters a password to log in to a workstation and is then prompted to enter an authe...; Q34. An organization recently acquired an ISO 27001 certification. Which of the following would...; Q35. Which of the following will MOST likely cause machine learning and Al-enabled systems to o...; Q36. A security analyst has been asked to investigate a situation after the SOC started to rece...; Q37. An organization is building backup sever moms in geographically diverse locations. The Chi...; Q38. A corporate security team needs to secure the wireless perimeter of its physical facilitie...; Q39. Developers are about to release a financial application, but the number of fields on the f...; Q40. An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the foll...; Q41. A network engineer created two subnets that will be used for production and development se...; Q42. A security analyst is working on a project to implement a solution that monitors network c...; Q43. A security analyst is reviewing a penetration-testing report from a third-party contractor...; Q44. A company uses specially configured workstations for any work that requires administrator ...; Q45. A penetration tester gains access to a network by exploiting a vulnerability on a public-f...; Q46. A company recently set up an e-commerce portal to sell its product online. The company wan...; Q47. Which of the following is an effective tool to stop or prevent the exfiltration of data fr...; Q48. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q49. An organization is concerned about intellectual property theft by employee who leave the o...; Q50. An organization's RPO for a critical system is two hours. The system is used Monday throug...; Q51. A remote user recently took a two-week vacation abroad and brought along a corporate-owned...; Q52. A financial nstitution wauid like to stare its customer data in a coud but still allaw the...; Q53. An organization's corporate offices were destroyed due to a natural disaster, so the organ...; Q54. A network engineer at a company with a web server is building a new web environment with t...; Q55. A company was compromised, and a security analyst discovered the attacker was able to get ...; Q56. An information security policy stales that separation of duties is required for all highly...; Q57. Which of the following processes will eliminate data using a method that will allow the st...; Q58. A university with remote campuses, which all use different service providers, loses Intern...; Q59. During a recent penetration test, the tester discovers large amounts of data were exfiltra...; Q60. A Chief Security Officer is looking for a solution that can reduce the occurrence of custo...; Q61. An engineer is configuring AAA authentication on a Cisco MDS 9000 Series Switch. The LDAP ...; Q62. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q63. Developers are about to release a financial application, but the number of fields on the f...; Q64. A security analyst is looking for a solution to help communicate to the leadership team th...; Q65. A researcher has been analyzing large data sets for the last ten months. The researcher wo...; Q66. A company is providing security awareness training regarding the importance of not forward...; Q67. An analyst is reviewing logs associated with an attack. The logs indicate an attacker down...; Q68. Which of the following would MOST likely support the integrity of a voting machine?...; Q69. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q70. A company recently moved into a new annex of the building. Following the move, the help de...; Q71. After entering a username and password, and administrator must draw a gesture on a touch s...; Q72. An organization's Chief Information Security Officer is creating a position that will be r...; Q73. A junior systems administrator noticed that one of two hard drives in a server room had a ...; Q74. A security administrator has discovered that workstations on the LAN are becoming infected...; Q75. Which of the following cryptographic concepts would a security engineer utilize while impl...; Q76. The exploitation of a buffer-overrun vulnerability in an application will MOST likely lead...; Q77. Leveraging the information supplied below, complete the CSR for the server to set up TLS (...; Q78. Which of the following will MOST likely cause machine learning and Al-enabled systems to o...; Q79. A security engineer needs to Implement the following requirements: * All Layer 2 switches ...; Q80. A penetration tester gains access to the network by exploiting a vulnerability on a public...; Q81. A customer has reported that an organization's website displayed an image of a smiley (ace...; Q82. Entering a secure area requires passing through two doors, both of which require someone w...; Q83. Against the recommendation of the IT security analyst, a company set all user passwords on...; Q84. A business is looking for a cloud service provider that offers a la carte services, includ...; Q85. Which of the following is a detective and deterrent control against physical intrusions?...; Q86. An organization wants to host an externally accessible web server that will not contain se...; Q87. The Chief Information Security Officer (CISO) has decided to reorganize security staff to ...; Q88. A junior security analyst is reviewing web server logs and identifies the following patter...; Q89. A preventive control differs from a compensating control in that a preventive control is:...; Q90. A security analyst Is hardening a Linux workstation and must ensure It has public keys for...; Q91. A well-known organization has been experiencing attacks from APIs. The organization is con...; Q92. A large industrial system's smart generator monitors the system status and sends alerts to...; Q93. A forensics investigator is examining a number of unauthorized payments the were reported ...; Q94. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q95. Employees at a company are receiving unsolicited text messages on their corporate cell pho...; Q96. A security analyst is looking for a solution to help communicate to the leadership team th...; Q97. A security researching is tracking an adversary by noting its attack and techniques based ...; Q98. In the middle of a cybersecurity, a security engineer removes the infected devices from th...; Q99. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q100. A technician needs to prevent data loss in a laboratory. The laboratory is not connected t...; Q101. A security analyst was deploying a new website and found a connection attempting to authen...; Q102. A developer is concerned about people downloading fake malware-infected replicas of a popu...; Q103. Joe. a security analyst, recently performed a network discovery to fully understand his or...; Q104. An organization implemented a process that compares the settings currently configured on s...; Q105. An analyst is reviewing logs associated with an attack. The logs indicate an attacker down...; Q106. An n that has a large number of mobile devices is explonng enhanced secunty controls to ma...; Q107. A company is receiving emails with links to phishing sites that look very similar to the c...; Q108. An IT security manager requests a report on company information that is publicly available...; Q109. Server administrators want to configure a cloud solution so that computing memory and proc...; Q110. A company wants to deploy PKI on its Internet-facing website. The applications that are cu...; Q111. Which of the following are the MOST likely vectors for the unauthorized inclusion of vulne...; Q112. During an incident response, a security analyst observes the following log entry on the we...; Q113. A security analyst was deploying a new website and found a connection attempting to authen...; Q114. While reviewing an alert that shows a malicious request on one web application, a cybersec...; Q115. A security analyst was asked to evaluate a potential attack that occurred on a publicly ac...; Q116. Which of the following would be BEST to establish between organizations to define the resp...; Q117. A customer called a company's security team to report that all invoices the customer has r...; Q118. A retail executive recently accepted a job with a major competitor. The following week, a ...; Q119. A bank detects fraudulent activity on user's account. The user confirms transactions compl...; Q120. You received the output of a recent vulnerability assessment. Review the assessment and sc...; Q121. A small business just recovered from a ransomware attack against its file servers by purch...; Q122. A customer service representative reported an unusual text message that was sent to the he...; Q123. A security analyst needs to determine how an attacker was able to use User3 to gain a foot...; Q124. A Chief Security Officer (CSO) has asked a technician to devise a solution that can detect...; Q125. A local coffee shop runs a small WiFi hot-spot for its customers that utilizes WPA2-PSK. T...; Q126. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q127. An organization is building backup server rooms in geographically diverse locations The Ch...; Q128. A Chief Information Officer receives an email stating a database will be encrypted within ...; Q129. A security analyst sees the following log output while reviewing web logs: (Exhibit) Which...; Q130. An organization's RPO for a critical system is two hours. The system is used Monday throug...; Q131. A company would like to provide flexibility for employees on device preference. However, t...; Q132. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q133. A company uses specially configured workstations tor any work that requires administrator ...; Q134. Two organizations plan to collaborate on the evaluation of new SIEM solutions for their re...; Q135. A company's cybersecurity department is looking for a new solution to maintain high availa...; Q136. After gaining access to a dual-homed (i.e.. wired and wireless) multifunction device by ex...; Q137. After a phishing scam for a user's credentials, the red team was able to craft a payload t...; Q138. An organization is planning to open other datacenters to sustain operations in the event o...; Q139. A user's account is constantly being locked out. Upon further review, a security analyst f...; Q140. An attacker has successfully exfiltrated several non-salted password hashes from an online...; Q141. Which of the following provides the BEST protection for sensitive information and data sto...; Q142. The board of doctors at a company contracted with an insurance firm to limit the organizat...; Q143. A security analyst is hardening a network infrastructure. The analyst is given the followi...; Q144. The SOC for a large MSSP is meeting to discuss the lessons learned from a recent incident ...; Q145. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q146. An attacker was easily able to log in to a company's security camera by performing a baste...; Q147. As part of annual audit requirements, the security team performed a review of exceptions t...; Q148. After a recent security incident, a security analyst discovered that unnecessary ports wer...; Q149. A security analyst is investigating some users who are being redirected to a fake website ...; Q150. A security analyst is investigation an incident that was first reported as an issue connec...; Q151. A SOC is implementing an insider-threat-detection program. The primary concern is that use...; Q152. A smart retail business has a local store and a newly established and growing online store...; Q153. A cybersecurity administrator is using iptables as an enterprise firewall. The administrat...; Q154. A company would like to provide flexibility for employees on device preference. However, t...; Q155. An attacker has determined the best way to impact operations is to infiltrate third-party ...; Q156. A software company is analyzing a process that detects software vulnerabilities at the ear...; Q157. The compliance team requires an annual recertification of privileged and non-privileged us...; Q158. Which of the following is an example of risk avoidance?...; Q159. A systems administrator is looking for a solution that will help prevent OAuth application...; Q160. A security analyst is investigation an incident that was first reported as an issue connec...; Q161. A recent audit cited a risk involving numerous low-criticality vulnerabilities created by ...; Q162. Which of the following are requirements that must be configured for PCI DSS compliance? (C...; Q163. A company Is concerned about is security after a red-team exercise. The report shows the t...; Q164. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q165. A security engineer needs to implement an MDM solution that complies with the corporate mo...; Q166. A security analyst is investigating some users who are being redirected to a fake website ...; Q167. Which of the following would detect intrusions at the perimeter of an airport?...; Q168. Which of the following BEST describes the team that acts as a referee during a penetration...; Q169. Users at organization have been installing programs from the internet on their workstation...; Q170. Which of the following is used to ensure that evidence is admissible in legal proceedings ...; Q171. A penetration tester was able to compromise an internal server and is now trying to pivot ...; Q172. A network administrator has been alerted that web pages are experiencing long load times. ...; Q173. Interiprsing a secure area requires passing though two doors, both of which require someon...; Q174. A security analyst needs to determine how an attacker was able to use User3 to gain a foot...; Q175. Which of the following would MOST likely be identified by a credentialed scan but would be...; Q176. A user downloaded an extension for a browser, and the user's device later became infected....; Q177. During a recent security incident at a multinational corporation a security analyst found ...; Q178. An enterprise has hired an outside security firm to conduct penetration testing on its net...; Q179. Several attempts have been made lo pick the door lock of a secure facility As a result the...; Q180. An organization's help desk is flooded with phone calls from users stating they can no lon...; Q181. An end user reports a computer has been acting slower than normal for a few weeks. During ...; Q182. A vulnerability assessment report will include the CVSS score of the discovered vulnerabil...; Q183. Data exftitration analysis indicates that an attacker managed to download system configura...; Q184. A security administrator suspects there may be unnecessary services running on a server. W...; Q185. Which of the following will Increase cryptographic security?...; Q186. During a trial, a judge determined evidence gathered from a hard drive was not admissible....; Q187. Hotspot Question The security administration has installed a new firewall which implements...; Q188. Which of the following will MOST likely cause machine learning and Al-enabled systems to o...; Q189. An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the foll...; Q190. A recent security assessment revealed that an actor exploited a vulnerable workstation wit...; Q191. Which of the following BEST describes when an organization utilizes a ready-to-use applica...; Q192. Which of the following BEST describes the MFA attribute that requires a callback on a pred...; Q193. Against the recommendation of the IT security analyst, a company set all user passwords on...; Q194. A security analyst has been tasked with creating a new WiFi network for the company. The r...; Q195. A security administrator needs to create a RAID configuration that is focused on high read...; Q196. While reviewing pcap data, a network security analyst is able to locate plaintext username...; Q197. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q198. Hotspot Question Select the appropriate attack and remediation from each drop-down list to...; Q199. During an incident response, a security analyst observes the following log entry on the we...; Q200. A Chief Information Security Officer (CISO) is concerned about the organization's ability ...; Q201. A security analyst is configuring a large number of new company-issued laptops. The analys...; Q202. A SOC operator is analyzing a log file that contains the following entries: (Exhibit)...; Q203. Historically. a company has had issues with users plugging in personally owned removable m...; Q204. A security analyst is reviewing the following attack log output: (Exhibit) Which of the fo...; Q205. A security analyst is investigation an incident that was first reported as an issue connec...; Q206. Customers reported their antivirus software flagged one of the company's primary software ...; Q207. A software company adopted the following processes before releasing software to production...; Q208. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q209. An analyst visits an internet forum looking for information about a tool. The analyst find...; Q210. A retail company that is launching a new website to showcase the company's product line an...; Q211. Leveraging the information supplied below, complete the CSR for the server to set up TLS (...; Q212. A university with remote campuses, which all use different service providers, loses Intern...; Q213. A security analyst needs to be able to search and correlate logs from multiple sources in ...; Q214. An organization relies on third-party video conferencing to conduct daily business. Recent...; Q215. A user reports constant lag and performance issues with the wireless network when working ...; Q216. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q217. Which of the following is the MOST secure but LEAST expensive data destruction method for ...; Q218. one of the attendees starts to notice delays in the connection. and the HTTPS site request...; Q219. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q220. A network administrator has been asked to install an IDS to improve the security posture o...; Q221. A security administrator is trying to determine whether a server is vulnerable to a range ...; Q222. A user reports trouble using a corporate laptop. The laptop freezes and responds slowly wh...; Q223. A dynamic application vulnerability scan identified code injection could be performed usin...; Q224. A cybersecurity analyst reviews the log files from a web server and sees a series of files...; Q225. A security engi is cor that the gy tor on endpoints ts too heavily dependent on previously...; Q226. Which of the following describes a social engineering technique that seeks to exploit a pe...; Q227. An analyst is trying to identify insecure services that are running on the internal networ...; Q228. A user reports constant lag and performance issues with the wireless network when working ...; Q229. A user received an SMS on a mobile phone that asked for bank details. Which of the followi...; Q230. A security monitoring company offers a service that alerts its customers if their credit c...; Q231. The cost of removable media and the security risks of transporting data have become too gr...; Q232. Several users have opened tickets with the help desk. The help desk has reassigned the tic...; Q233. Which of the following is a reason to publish files' hashes?...; Q234. A security analyst needs to perform periodic vulnerably scans on production systems. Which...; Q235. A software company is analyzing a process that detects software vulnerabilities at the ear...; Q236. During an asset inventory, several assets, supplies, and miscellaneous items were noted as...; Q237. A security administrator is managing administrative access to sensitive systems with the f...; Q238. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q239. A company is setting up a web server on the Internet that will utilize both encrypted and ...; Q240. Which of the following is a known security nsk associated with data archives that contain ...; Q241. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q242. In which of the following risk management strategies would cybersecurity insurance be used...; Q243. A new security engineer has started hardening systems. One of the hardening techniques the...; Q244. Due to unexpected circumstances, an IT company must vacate its main office, forcing all op...; Q245. The new Chief Executive Officer (CEO) of a large company has announced a partnership with ...; Q246. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q247. A dynamic application vulnerability scan identified code injection could be performed usin...; Q248. A security Daalyst is taking part in an evaluation process that analyzes and categorizes t...; Q249. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q250. The Chief Information Security Officer directed a risk reduction in shadow IT and created ...; Q251. A user's laptop constantly disconnects from the Wi-Fi network. Once the laptop reconnects,...; Q252. The security administrator has installed a new firewall which implements an implicit DENY ...; Q253. ihic ofthe lowing iste BEST resnon to meitsin frciona ani SSUES Rane ETS or cricai?...; Q254. A company recently experienced an attack during which its main website was directed to the...; Q255. A large financial services firm recently released information regarding a security breach ...; Q256. An organization relies on third-party video conferencing to conduct daily business. Recent...; Q257. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q258. Which of the following can be used by a monitoring tool to compare values and detect passw...; Q259. A security engineer needs to create a network segment that can be used for servers that re...; Q260. The lessons-learned analysis from a recent incident reveals that an administrative office ...; Q261. A digital forensics team at a large company is investigating a case in which malicious cod...; Q262. A security analyst is preparing a threat for an upcoming internal penetration test. The an...; Q263. The new Chief Executive Officer (CEO) of a large company has announced a partnership with ...; Q264. A global pandemic is forcing a private organization to close some business units and reduc...; Q265. A security analyst is reviewing the following attack log output: (Exhibit) Which of the fo...; Q266. A small business just recovered from a ransomware attack against its file servers by purch...; Q267. Law enforcement officials sent a company a notification that states electronically stored ...; Q268. DDoS attacks are causing an overload on the cluster of cloud servers. A security architect...; Q269. A security analyst b concerned about traffic initiated to the dark web from the corporate ...; Q270. Which of the following will MOST likely cause machine learning and Al-enabled systems to o...; Q271. A Chief Security Officer (CSO) was notified that a customer was able to access confidentia...; Q272. A network administrator needs to build out a new datacenter, with a focus on resiliency an...; Q273. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q274. While reviewing an alert that shows a malicious request on one web application, a cybersec...; Q275. A security analyst needs to be able to search and correlate logs from multiple sources in ...; Q276. After a phishing scam for 9 user's credentals, the red team was able to craft a payload to...; Q277. A user reports trouble using a corporate laptop. The laptop freezes and responds slowly wh...; Q278. Which of the following should a technician consider when selecting an encryption method fo...; Q279. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q280. While checking logs, a security engineer notices a number of end users suddenly downloadin...; Q281. A company recently added a DR site and is redesigning the network. Users at the DR site ar...; Q282. Which of the following organizational policies are MOST likely to detect fraud that is bei...; Q283. A network administrator has been asked to design a solution to improve a company's securit...; Q284. A security engineer is reviewing log files after a third discovered usernames and password...; Q285. Which of the following in the incident response process is the BEST approach to improve th...; Q286. A user downloaded an extension for a browser, and the user's device later became infected....; Q287. An engineer is setting up a VDI environment for a factory tocation, and the business wants...; Q288. A company recently implemented a new security system. In the course of configuration, the ...; Q289. A company is implementing a DLP solution on the file server. The file server has Pll. fina...; Q290. A security analyst is investigating suspicious traffic on the web server located at IP add...; Q291. A forensics investigator is examining a number of unauthorized payments the were reported ...; Q292. Acritical file server is being upgraded and the systems administrator must determine which...; Q293. An organization recently recovered from a data breach. During the root cause analysis, the...; Q294. An organization is outlining data stewardship roles and responsibilities. Which of the fol...; Q295. The website http://companywebsite.com requires users to provide personal information inclu...; Q296. A company is setting up a web server on the Internet that will utilize both encrypted and ...; Q297. A newly purchased corporate WAP needs to be configured in the MOST secure manner possible....; Q298. A critical file server is being upgraded and the systems administrator must determine whic...; Q299. A security analyst Is hardening a Linux workstation and must ensure It has public keys for...; Q300. Which of the following is a benefit of including a risk management framework into an organ...; Q301. During a security assessment, a security finds a file with overly permissive permissions. ...; Q302. A security analyst is reviewing logs on a server and observes the following output: (Exhib...; Q303. A desktop support technician recently installed a new document-scanning software program o...; Q304. An IT security manager requests a report on company information that is publicly available...; Q305. Which of the following explains why RTO is included in a BIA?...; Q306. Which of the following types of attacks is specific to the individual it targets?...; Q307. A security analyst is responding to an alert from the SIEM. The alert states that malware ...; Q308. A securily analysl has receved several reporls of an issue on an inlemal web application. ...; Q309. A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately p...; Q310. A security an analyst needs to implement security features across smartphones. laptops, an...; Q311. Which of the following would BEST provide detective and corrective controls for thermal re...; Q312. A researcher has been analyzing large data sets for the last ten months. The researcher wo...; Q313. Which of the following risk management strategies would an organization use to maintain a ...; Q314. A security administrator checks the table of a network switch, which shows the following o...; Q315. Which of the following allows for functional test data to be used in new systems for testi...; Q316. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q317. An organization has implemented a two-step verification process to protect user access to ...; Q318. A security administrator Installed a new web server. The administrator did this to Increas...; Q319. A junior security analyst iss conducting an analysis after passwords were changed on multi...; Q320. A network administrator is concerned about users being exposed to malicious content when a...; Q321. Which of the following provides a catalog of security and privacy controls related to the ...; Q322. An analyst is reviewing logs associated with an attack. The logs indicate an attacker down...; Q323. The Chief Executive Officer (CEO) of an organization would like staff members to have the ...; Q324. During a recent incident an external attacker was able to exploit an SMB vulnerability ove...; Q325. An organization is migrating several SaaS applications that support SSO. The security mana...; Q326. Which of the following BEST describes the MFA attribute that requires a callback on a pred...; Q327. An end user reports a computer has been acting slower than normal for a few weeks. During ...; Q328. A security analyst needs to produce a document that details how a security incident occurr...; Q329. The Chief Information Security Officer wants to pilot a new adaptive, user-based authentic...; Q330. Which of the following is a physical security control that ensures onty the authorized use...; Q331. Which of the following would a European company interested in implementing a technical, ha...; Q332. During an incident response, a security analyst observes the following log entry on the we...; Q333. A company uses wireless tor all laptops and keeps a very detailed record of its assets, al...; Q334. A cybersecurity analyst reviews the log files from a web server and sees a series of files...; Q335. A customer has reported that an organization's website displayed an image of a smiley (ace...; Q336. During an incident response, a security analyst observes the following log entry on the we...; Q337. A security analyst is concerned about critical vulnerabilities that have been detected on ...; Q338. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q339. A security analyst is using a recently released security advisory to review historical log...; Q340. A recent security assessment revealed that an actor explolied a vuinerable workstation wil...; Q341. Which of the following is the MOST likely reason for securing an air-gapped laboratory HVA...; Q342. Which of the following environments would MOST likely be used to assess the execution of c...; Q343. A startup company is using multiple SaaS and IaaS platform to stand up a corporate infrast...; Q344. A SECURITY ANALYST NEEDS TO FIND REAL-TIME DATA ON THE LATEST MALWARE AND loCs WHICH OF TH...; Q345. A Chief Executive Officer's (CEO) personal information was stolen in a social engineering ...; Q346. A user contacts the help desk to report the following: * Two days ago, a pop-up browser wi...; Q347. A security analyst needs to determine how an attacker was able to use User3 to gain a foot...; Q348. A security analyst is investigating some users who are being redirected to a fake website ...; Q349. An information security policy stales that separation of duties is required for all highly...; Q350. During an incident response, a security analyst observes the following log entry on the we...; Q351. All security analysts workstations at a company have network access to a critical server V...; Q352. A security analyst is investigating an incident to determine what an attacker was able to ...; Q353. fier segmenting the network, the network manager wants to control the traffic between the ...; Q354. Which biometric error would allow an unauthorized user to access a system?...; Q355. A security analyst has been asked by the Chief Information Security Officer to * develop a...; Q356. A security administrator Is managing administrative access to sensitive systems with the f...; Q357. An organization is developing an authentication service for use at the entry and exit port...; Q358. A company was compromised, and a security analyst discovered the attacker was able to get ...; Q359. Which of the following must be in place before implementing a BCP?...; Q360. A company discovered that terabytes of data have been exfiltrated over the past year after...; Q361. Several users have opened tickets with the help desk. The help desk has reassigned the tic...; Q362. Server administrator want to configure a cloud solution so that computing memory and proce...; Q363. A security administrator is trying to determine whether a server is vulnerable to a range ...; Q364. An attacker was easily able to log in to a company's security camera by performing a baste...; Q365. Security analysts notice a server login from a user who has been on vacation for two weeks...; Q366. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q367. A bank detects fraudulent activity on user's account. The user confirms transactions compl...; Q368. nteping a secure area requires passing though two doors, both of which require someone who...; Q369. A security analyst is tasked with defining the "something you are" factor of the company's...; Q370. After a phishing scam for a user's credentials, the red team was able to craft a payload t...; Q371. On which of the following is the live acquisition of data for forensic analysis MOST depen...; Q372. An enterprise needs to keep cryptographic keys in a safe manner. Which of the following ne...; Q373. A company recently experienced a significant data loss when proprietary Information was le...; Q374. A financial analyst has been accused of violating the company's AUP and there is forensic ...; Q375. During an incident response, a security analyst observes the following log entry on the we...; Q376. An organization has hired a red team to simulate attacks on its security posture. Which of...; Q377. An engineer wants to access sensitive data from a corporate-owned mobile device. Personal ...; Q378. Which of the following is MOST likely to contain ranked and ordered information on the lik...; Q379. The facilities supervisor for a government agency is concerned about unauthorized access t...; Q380. A user enters a username and a password at the login screen for a web portal. A few second...; Q381. During a security incident investigation, an analyst consults the company's SIEM and sees ...; Q382. A Chief Security Officer (CSO) has asked a technician to devise a solution that can detect...; Q383. A company recently experienced a data breach and the source was determined to be an execut...; Q384. A security analyst needs to make a recommendation for restricting access to certain segmen...; Q385. A help desk technician receives a phone call from someone claiming to be a part of the org...; Q386. An attacker is attempting to harvest user credentials on a client's wedsite, A security an...; Q387. The security administrator has installed a new firewall which implements an implicit DENY ...; Q388. A security manager runs Nessus scans of the network after every maintenance vandow Which o...; Q389. A database administrator needs to ensure all passwords are stored in a secure manner, so t...; Q390. A company recently suffered a breach in which an attacker was able to access the internal ...; Q391. A security analyst is running a vulnerability scan to check for missing patches during a s...; Q392. A pharmaceutical sales representative logs on to a laptop and connects to the public WiFi ...; Q393. An end user reports a computer has been acting slower than normal for a few weeks. During ...; Q394. An IT security manager requests a report on company information that is publicly available...; Q395. An organization's finance department is implementing a policy to protect against collusion...; Q396. A company is required to continue using legacy software to support a critical service. Whi...; Q397. During a security assessment, a security finds a file with overly permissive permissions. ...; Q398. A company is setting up a web server on the Internet that will utilize both encrypted and ...; Q399. Select the appropriate attack and remediation from each drop-down list to label the corres...; Q400. A network administrator is concerned about users being exposed to malicious content when a...; Q401. A company Is concerned about ts securkty afler a red-tearn exercise. The report shows the ...; Q402. A company is implementing a DLP solution on the file server. The file server has PII, fina...; Q403. A network administrator has been alerted that web pages are experiencing long load times. ...; Q404. A security analyst is reviewing the following command-line output: (Exhibit) Which of the ...; Q405. Which of the following control types fixes a previously identified issue and mitigates a r...; Q406. A user downloaded an extension for a browser, and the uses device later became infected. T...; Q407. Which of the following would MOST likely support the integrity of a voting machine?...; Q408. As part of a company's ongoing SOC maturation process, the company wants to implement a me...; Q409. Which of the following will MOST likely cause machine learning and Al-enabled systems to o...; Q410. Company engineers regularly participate in a public Internet forum with other engineers th...; Q411. An attacked is attempting to exploit users by creating a fake website with the URL www.val...; Q412. A security researcher has alerted an organization that its sensitive user data was found f...; Q413. DRAG DROP An attack has occurred against a company. INSTRUCTIONS You have been tasked to d...; Q414. A user attempts to load a web-based application, but the expected login screen does not ap...; Q415. A technician enables full disk encryption on a laptop that will be taken on a business tri...; Q416. A security engineer is hardening existing solutions to reduce application vulnerabilities....; Q417. A Chief Security Officer (CSO) is concerned about the volume and integrity of sensitive in...; Q418. An attack has occurred against a company. INSTRUCTIONS You have been tasked to do the foll...; Q419. Which of the following represents a biometric FRR?...; Q420. A security analyst is reviewing the following command-line output: (Exhibit) Which of the ...; Q421. Which of the following is the FIRST environment in which proper, secure coding should be p...; Q422. Which of the following in a forensic investigation should be priorities based on the order...; Q423. The spread of misinformation surrounding the outbreak of a novel virus on election day led...; Q424. A security analyst has been asked to investigate a situation after the SOC started to rece...; Q425. A network administrator has been alerted that web pages are experiencing long load times. ...; Q426. A Chief Security Officer (CSO) was notified that a customer was able to access confidentia...; Q427. A small company that does not have security staff wants to improve its security posture. W...; Q428. A security analyst is reviewing the following command-line output: (Exhibit) Which of the ...; Q429. Data exftitration analysis indicates that an attacker managed to download system configura...; Q430. A security analyst is using OSINT to gather information to verity whether company data is ...; Q431. An organization has various applications that contain sensitive data hosted in the cloud. ...; Q432. A COMPANY HAS DESCOVERED UNA mans DEVICE ARE USING ITS WIFI NETWORK, AND IT WANTS TO HARDE...; Q433. A SOC is currently being outsourced. Which of the following is being used?...; Q434. A security analyst has been asked to investigate a situation after the SOC started to rece...; Q435. A user enters a password to log in to a workstation and is then prompted to enter an authe...; Q436. An organization has hired a security analyst to perform a penetration test. The analyst ca...; Q437. After installing a Windows server, a cybersecurity administrator needs to harden it, follo...; Q438. A network administrator needs to build out a new datacenter, with a focus on resiliency an...; Q439. A security engineer is setting up passwordless authentication for the first time. INSTRUCT...; Q440. During a recent penetration test, the tester discovers large amounts of data were exfiltra...; Q441. An engineer is setting up a VDI environment for a factory location, and the business wants...; Q442. A security analyst has identified malware spreading through the corporate network and has ...; Q443. A forensics investigator is examining a number of unauthorized payments that were reported...; Q444. A Chief Information Officer is concerned about employees using company-issued laptops to s...; Q445. A root cause analysis reveals that a web application outage was caused by one of the compa...; Q446. An.. that has a large number of mobile devices is exploring enhanced security controls to ...; Q447. A company is switching to a remote work model for all employees. All company and employee ...; Q448. Which of the following is a reason to publish files' hashes?...; Q449. A security analyst is looking for a solution to help communicate to the leadership team th...; Q450. The security administrator has installed a new firewall which implements an implicit DENY ...; Q451. Data exftitration analysis indicates that an attacker managed to download system configura...; Q452. Which of the following is the BEST reason to maintain a functional and effective asset man...; Q453. A security manager has tasked the security operations center with locating all web servers...; Q454. Which of the following is a team of people dedicated testing the effectiveness of organiza...; Q455. Which of the following must be in place before implementing a BCP?...; Q456. A security proposal was set up to track requests for remote access by creating a baseline ...; Q457. A security analyst is configuring a large number of new company-issued laptops. The analys...; Q458. A security analyst is reviewing the output of a web server log and notices a particular ac...; Q459. A network engineer has been asked to investigate why several wireless barcode scanners and...; Q460. A security analyst is reviewing the output of a web server log and notices a particular ac...; Q461. The Chief Information Security Officer (CISO) has requested that a third-party vendor prov...; Q462. A financial institution would like to store its customer data in a cloud but still allow t...; Q463. Which of the following function as preventive, detective, and deterrent controls to reduce...; Q464. Which of the following is the MOST effective way to detect security flaws present on third...; Q465. The security team received a report of copyright infringement from the IP space of lire co...; Q466. A security analyst discovers several .jpg photos from a cellular phone during a forensics ...; Q467. A forensics investigator is examining a number of unauthorized payments the were reported ...; Q468. A security analyst is performing a packet capture on a series of SOAP HTTP requests for a ...; Q469. A database administrator needs to ensure all passwords are stored in a secure manner, so t...

Join the discussion

Question 1/469

Add Comments

Download PDF File