Join the discussion
Question 1/346
Which of the following would be the most appropriate way to protect data in transit?
Correct Answer: C
Transport Layer Security (TLS) 1.3 is the latest version of the TLS protocol and provides strong encryption for securing data in transit between clients and servers. It offers improved security and performance compared to previous versions like SSL 3.0 and earlier TLS versions.
Add Comments
- Other Question (346q)
- Q1. Which of the following would be the most appropriate way to protect data in transit?...
- Q2. A company evaluates several options that would allow employees to have remote access to th...
- Q3. The private key for a website was stolen, and a new certificate has been issued. Which of ...
- Q4. A Chief Information Security Officer wants to monitor the company's servers for SQLi attac...
- Q5. Which of the following would be the best solution to deploy a low-cost standby site that i...
- Q6. Which of the following can be used to identify potential attacker activities without affec...
- Q7. A user's workstation becomes unresponsive and displays a ransom note demanding payment to ...
- Q8. Security controls in a data center are being reviewed to ensure data is properly protected...
- Q9. Which of the following threat actors is the most likely to be hired by a foreign governmen...
- Q10. Which of the following describes the difference between encryption and hashing?...
- Q11. An administrator at a small business notices an increase in support calls from employees w...
- Q12. A company's marketing department collects, modifies, and stores sensitive customer data. T...
- Q13. An administrator needs to perform server hardening before deployment. Which of the followi...
- Q14. A vendor needs to remotely and securely transfer files from one server to another using th...
- Q15. Which of the following would a systems administrator follow when upgrading the firmware of...
- Q16. An organization recently started hosting a new service that customers access through a web...
- Q17. Which of the following can a security director use to prioritize vulnerability patching wi...
- Q18. Which of the following would most likely mitigate the impact of an extended power outage o...
- Q19. Which of the following security concepts is the best reason for permissions on a human res...
- Q20. A company wants to improve the availability of its application with a solution that requir...
- Q21. An accountant is transferring information to a bank over FTP. Which of the following mitig...
- Q22. A security analyst is evaluating a SaaS application that the human resources department wo...
- Q23. A malicious update was distributed to a common software platform and disabled services at ...
- Q24. The Chief Information Security Officer wants to put security measures in place to protect ...
- Q25. Which of the following is the best reason to complete an audit in a banking environment?...
- Q26. An IT manager is increasing the security capabilities of an organization after a data clas...
- Q27. A company decided to reduce the cost of its annual cyber insurance policy by removing the ...
- Q28. A company is considering an expansion of access controls for an application that contracto...
- Q29. Which of the following is a reason environmental variables are a concern when reviewing po...
- Q30. Which of the following is a possible factor for MFA?...
- Q31. A security consultant is working with a client that wants to physically isolate its secure...
- Q32. An organization wants to implement a secure solution for remote users. The users handle se...
- Q33. Which of the following would enable a data center to remain operational through a multiday...
- Q34. A network administrator is working on a project to deploy a load balancer in the company's...
- Q35. Several employees received a fraudulent text message from someone claiming to be the Chief...
- Q36. Which of the following is a feature of a next-generation SIEM system?...
- Q37. Which of the following environments utilizes a subset of customer data and is most likely ...
- Q38. Which of the following activities is included in the post-incident review phase?...
- Q39. An enterprise has been experiencing attacks focused on exploiting vulnerabilities in older...
- Q40. Which of the following are the first steps an analyst should perform when developing a hea...
- Q41. A systems administrator is changing the password policy within an enterprise environment a...
- Q42. A security administrator documented the following records during an assessment of network ...
- Q43. Which of the following options will provide the lowest RTO and RPO for a database?...
- Q44. The Chief Information Officer (CIO) asked a vendor to provide documentation detailing the ...
- Q45. Which of the following threat actors would most likely deface the website of a high-profil...
- Q46. Which of the following addresses individual rights such as the right to be informed, the r...
- Q47. A company tested and validated the effectiveness of network security appliances within the...
- Q48. Which of the following can best protect against an employee inadvertently installing malwa...
- Q49. A company web server is initiating outbound traffic to a low-reputation, public IP on non-...
- Q50. An attacker submits a request containing unexpected characters in an attempt to gain unaut...
- Q51. A network engineer deployed a redundant switch stack to increase system availability. Howe...
- Q52. An employee clicks a malicious link in an email that appears to be from the company's Chie...
- Q53. Which of the following should a security operations center use to improve its incident res...
- Q54. A company is currently utilizing usernames and passwords, and it wants to integrate an MFA...
- Q55. An administrator is installing an SSL certificate on a new system. During testing, errors ...
- Q56. An organization's internet-facing website was compromised when an attacker exploited a buf...
- Q57. Which of the following is the primary purpose of a service that tracks log-ins and time sp...
- Q58. During a recent company safety stand-down, the cyber-awareness team gave a presentation on...
- Q59. The security operations center is researching an event concerning a suspicious IP address....
- Q60. An enterprise security team is researching a new security architecture to better protect t...
- Q61. A security administrator is working to secure company data on corporate laptops in case th...
- Q62. A company is developing a critical system for the government and storing project informati...
- Q63. A penetration tester enters an office building at the same time as a group of employees de...
- Q64. An organization experienced a security breach that allowed an attacker to send fraudulent ...
- Q65. An organization wants to deploy software in a container environment to increase security. ...
- Q66. A company is reviewing options to enforce user logins after several account takeovers. The...
- Q67. A company's legal department drafted sensitive documents in a SaaS application and wants t...
- Q68. A company is planning a disaster recovery site and needs to ensure that a single natural d...
- Q69. The Chief Information Security Officer (CISO) at a large company would like to gain an und...
- Q70. A company wants to implement MFA. Which of the following enables the additional factor whi...
- Q71. A security administrator is reissuing a former employee's laptop. Which of the following i...
- Q72. A small business uses kiosks on the sales floor to display product information for custome...
- Q73. An administrator assists the legal and compliance team with ensuring information about cus...
- Q74. A security engineer needs to configure an NGFW to minimize the impact of the increasing nu...
- Q75. Which of the following is used to validate a certificate when it is presented to a user?...
- Q76. In which of the following scenarios is tokenization the best privacy technique 10 use?...
- Q77. A customer has a contract with a CSP and wants to identify which controls should be implem...
- Q78. An organization disabled unneeded services and placed a firewall in front of a business-cr...
- Q79. A systems administrator would like to create a point-in-time backup of a virtual machine. ...
- Q80. A new employee accessed an unauthorized website. An investigation found that the employee ...
- Q81. Which of the following are cases in which an engineer should recommend the decommissioning...
- Q82. The number of tickets the help desk has been receiving has increased recently due to numer...
- Q83. Which of the following activities should be performed first to compile a list of vulnerabi...
- Q84. A security analyst needs to propose a remediation plan 'or each item in a risk register. T...
- Q85. Which of the following describes the most effective way to address OS vulnerabilities afte...
- Q86. While updating the security awareness training, a security analyst wants to address issues...
- Q87. A company wants to add an MFA solution for all employees who access the corporate network ...
- Q88. A company suffered a critical incident where 30GB of data was exfiltrated from the corpora...
- Q89. Which of the following should a company use to provide proof of external network security ...
- Q90. An organization experiences a cybersecurity incident involving a command-and-control serve...
- Q91. For an upcoming product launch, a company hires a marketing agency whose owner is a close ...
- Q92. Which of the following threat actors is the most likely to be motivated by profit?...
- Q93. Which of the following is used to quantitatively measure the criticality of a vulnerabilit...
- Q94. While troubleshooting a firewall configuration, a technician determines that a "deny any" ...
- Q95. An organization is required to provide assurance that its controls are properly designed a...
- Q96. One of a company's vendors sent an analyst a security bulletin that recommends a BIOS upda...
- Q97. SIMULATION 2 A security analyst is creating the first draft of a network diagram for the c...
- Q98. A company is implementing a vendor's security tool in the cloud. The security director doe...
- Q99. A utility company is designing a new platform that will host all the virtual machines used...
- Q100. A security administrator needs to create firewall rules for the following protocols: RTP, ...
- Q101. A security analyst discovers that a large number of employee credentials had been stolen a...
- Q102. Which of the following steps in the risk management process involves establishing the scop...
- Q103. Which of the following data roles is responsible for identifying risks and appropriate acc...
- Q104. An organization is struggling with scaling issues on its VPN concentrator and internet cir...
- Q105. A security administrator recently reset local passwords and the following values were reco...
- Q106. An employee fell for a phishing scam, which allowed an attacker to gain access to a compan...
- Q107. Which of the following is the phase in the incident response process when a security analy...
- Q108. While a school district is performing state testing, a security analyst notices all intern...
- Q109. A newly implemented wireless network is designed so that visitors can connect to the wirel...
- Q110. Which of the following is a risk of conducting a vulnerability assessment?...
- Q111. An organization recently updated its security policy to include the following statement: R...
- Q112. A company's accounting department receives an urgent payment message from the company's ba...
- Q113. A software development team asked a security administrator to recommend techniques that sh...
- Q114. A user is attempting to patch a critical system, but the patch fails to transfer. Which of...
- Q115. A company's end users are reporting that they are unable to reach external websites. After...
- Q116. Which of the following security concepts is being followed when implementing a product tha...
- Q117. Which of the following is the best way to provide secure remote access for employees while...
- Q118. A manager receives an email that contains a link to receive a refund. After hovering over ...
- Q119. A new vulnerability enables a type of malware that allows the unauthorized movement of dat...
- Q120. A penetration tester begins an engagement by performing port and service scans against the...
- Q121. A systems administrator is auditing all company servers to ensure. They meet the minimum s...
- Q122. After a recent vulnerability scan, a security engineer needs to harden the routers within ...
- Q123. Which of the following phases of an incident response involves generating reports?...
- Q124. A security analyst received a tip that sensitive proprietary information was leaked to the...
- Q125. Which of the following techniques would attract the attention of a malicious attacker in a...
- Q126. Which of the following best describes why me SMS DIP authentication method is more risky t...
- Q127. An accounting clerk sent money to an attacker's bank account after receiving fraudulent in...
- Q128. A new security regulation was announced that will take effect in the coming year. A compan...
- Q129. A new corporate policy requires all staff to use multifactor authentication to access comp...
- Q130. A company is discarding a classified storage array and hires an outside vendor to complete...
- Q131. To which of the following security categories does an EDR solution belong?...
- Q132. An administrator finds that all user workstations and servers are displaying a message tha...
- Q133. Hotspot Question Select the appropriate attack and remediation from each drop-down list to...
- Q134. A company is adding a clause to its AUP that states employees are not allowed to modify th...
- Q135. The security team has been asked to only enable host A (10.2.2.7) and host B (10.3.9.9) to...
- Q136. A security investigation revealed that malicious software was installed on a server using ...
- Q137. A security administrator is working to find a cost-effective solution to implement certifi...
- Q138. Which of the following is most likely associated with introducing vulnerabilities on a cor...
- Q139. While performing digital forensics, which of the following is considered the most volatile...
- Q140. An organization needs to monitor its users' activities in order to prevent insider threats...
- Q141. Which of the following enables the use of an input field to run commands that can view or ...
- Q142. Employees sign an agreement that restricts specific activities when leaving the company. V...
- Q143. Which of the following would most likely be deployed to obtain and analyze attacker activi...
- Q144. Which of the following is a hardware-specific vulnerability?...
- Q145. An administrator is installing an LDAP browser tool in order to view objects in the corpor...
- Q146. A systems administrator receives a text message from an unknown number claiming to be the ...
- Q147. A multinational bank hosts several servers in its data center. These servers run a busines...
- Q148. A security engineer needs to quickly identify a signature from a known malicious file. Whi...
- Q149. A development team is launching a new public-facing web product. The Chief Information Sec...
- Q150. A legal department must maintain a backup from all devices that have been shredded and rec...
- Q151. A CVE in a key back-end component of an application has been disclosed. The systems admini...
- Q152. Which of the following techniques can be used to sanitize the data contained on a hard dri...
- Q153. Malware spread across a company's network after an employee visited a compromised industry...
- Q154. A security engineer configured a remote access VPN. The remote access VPN allows end users...
- Q155. Which of the following describes the reason root cause analysis should be conducted as par...
- Q156. An engineer needs to find a solution that creates an added layer of security by preventing...
- Q157. Which of the following most likely describes why a security engineer would configure all o...
- Q158. A business needs a recovery site but does not require immediate failover. The business als...
- Q159. An employee receives a text message that appears to have been sent by the payroll departme...
- Q160. The executive management team is mandating the company develop a disaster recovery plan. T...
- Q161. Which of the following best describes the practice of researching laws and regulations rel...
- Q162. A security analyst is reviewing the source code of an application in order to identify mis...
- Q163. A coffee shop owner wants to restrict internet access to only paying customers by promptin...
- Q164. Which of the following is the most important element when defining effective security gove...
- Q165. Which of the following is a common data removal option for companies that want to wipe sen...
- Q166. An administrator finds that all user workstations and servers are displaying a message tha...
- Q167. Which of the following are the most likely vectors for the unauthorized or unintentional i...
- Q168. A company installed cameras and added signs to alert visitors that they are being recorded...
- Q169. A security team has been alerted to a flood of incoming emails that have various subject l...
- Q170. Which of the following documents details how to accomplish a technical security task?...
- Q171. A customer of a large company receives a phone call from someone claiming to work for the ...
- Q172. Which of the following describes the maximum allowance of accepted risk?...
- Q173. Which of the following allows for the attribution of messages to individuals?...
- Q174. Which of the following is the most important security concern when using legacy systems to...
- Q175. An organization implemented cloud-managed IP cameras to monitor building entry points and ...
- Q176. Which of the following best represents an application that does not have an on-premises re...
- Q177. A security report shows that during a two-week test period 80% of employees unwittingly di...
- Q178. A growing organization, which hosts an externally accessible application, adds multiple vi...
- Q179. A user would like to install software and features that are not available with a smartphon...
- Q180. Which of the following data states applies to data that is being actively processed by a d...
- Q181. A contractor is required to visually inspect the motherboards of all new servers that are ...
- Q182. An administrator has identified and fingerprinted specific files that will generate an ale...
- Q183. A security manager created new documentation to use in response to various types of securi...
- Q184. After conducting a vulnerability scan, a systems administrator notices that one of the ide...
- Q185. An analyst is evaluating the implementation of Zero Trust principles within the data plane...
- Q186. An administrator is creating a secure method for a contractor to access a test environment...
- Q187. Which of the following must be considered when designing a high-availability network? (Cho...
- Q188. Which of the following architectures is most suitable to provide redundancy for critical b...
- Q189. During an investigation, an incident response team attempts to understand the source of an...
- Q190. Which of the following organizational documents is most often used to establish and commun...
- Q191. Which of the following is a common source of unintentional corporate credential leakage in...
- Q192. Which of the following is a use of CVSS?
- Q193. A systems administrator uses a key to encrypt a message being sent to a peer in a differen...
- Q194. A company implemented an MDM policy 10 mitigate risks after repealed instances of employee...
- Q195. A business received a small grant to migrate its infrastructure to an off-premises solutio...
- Q196. While investigating a possible incident, a security analyst discovers the following log en...
- Q197. A security analyst scans a company's public network and discovers a host is running a remo...
- Q198. Which of the following is the act of proving to a customer that software developers are tr...
- Q199. A user is requesting Telnet access to manage a remote development web server. Insecure pro...
- Q200. A company's gate access logs show multiple entries from an employee's ID badge within a tw...
- Q201. A company wants to ensure employees are allowed to copy files from a virtual desktop durin...
- Q202. Which of the following factors are the most important to address when formulating a traini...
- Q203. A user needs to complete training at https://comptiatraining.com. After manually entering ...
- Q204. A security consultant needs secure, remote access to a client environment. Which of the fo...
- Q205. A security professional discovers a folder containing an employee's personal information o...
- Q206. Which of the following is most likely to be used as a just-in-time reference document with...
- Q207. A security analyst is reviewing the logs on an organization's DNS server and notices the f...
- Q208. A security analyst at an organization observed several user logins from outside the organi...
- Q209. A company's website is www.company.com. Attackers purchased the domain www.company.com. Wh...
- Q210. An organization is adopting cloud services at a rapid pace and now has multiple SaaS appli...
- Q211. A penetration test identifies that an SMBv1 is enabled on multiple servers across an organ...
- Q212. Which of the following best describes the risk present after controls and mitigating facto...
- Q213. A security analyst recently read a report about a flaw in several of the organization's pr...
- Q214. Which of the following threat vectors is most commonly utilized by insider threat actors a...
- Q215. A security analyst reviews domain activity logs and notices the following: (Exhibit) Which...
- Q216. An auditor discovered multiple insecure ports on some servers. Other servers were found to...
- Q217. Which of the following is the fastest and most cost-effective way to confirm a third-party...
- Q218. A company is in the process of migrating to cloud-based services. The company's IT departm...
- Q219. An organization designs an inbound firewall with a fail-open configuration while implement...
- Q220. Which of the following describes the procedures a penetration tester must follow while con...
- Q221. A cyber operations team informs a security analyst about a new tactic malicious actors are...
- Q222. A company hired a security manager from outside the organization to lead security operatio...
- Q223. A company wants to get alerts when others are researching and doing reconnaissance on the ...
- Q224. Which of the following should a systems administrator use to ensure an easy deployment of ...
- Q225. An enterprise is working with a third party and needs to allow access between the internal...
- Q226. A security team is in the process of hardening the network against externally crafted mali...
- Q227. A security analyst is assessing several company firewalls. Which of the following cools wo...
- Q228. Which of the following best practices gives administrators a set period to perform changes...
- Q229. Which of the following is most likely to be deployed to obtain and analyze attacker activi...
- Q230. A security analyst receives an alert from a corporate endpoint used by employees to issue ...
- Q231. An employee emailed a new systems administrator a malicious web link and convinced the adm...
- Q232. Which of the following is the best way to prevent an unauthorized user from plugging a lap...
- Q233. A security analyst is reviewing alerts in the SIEM related to potential malicious network ...
- Q234. While conducting a business continuity tabletop exercise, the security team becomes concer...
- Q235. Easy-to-guess passwords led to an account compromise. The current password policy requires...
- Q236. A security analyst created a fake account and saved the password in a non-readily accessib...
- Q237. In a rush to meet an end-of-year business goal, the IT department was told to implement a ...
- Q238. Which of the following examples would be best mitigated by input sanitization?...
- Q239. Which of the following is classified as high availability in a cloud environment?...
- Q240. Which of the following is the first step to take when creating an anomaly detection proces...
- Q241. A company recently decided to allow employees to work remotely. The company wants to prote...
- Q242. Which of the following activities should a systems administrator perform to quarantine a p...
- Q243. Which of the following most accurately describes the order in which a security engineer sh...
- Q244. Which of the following best protects sensitive data in transit across a geographically dis...
- Q245. During a security incident, the security operations team identified sustained network traf...
- Q246. A malicious actor is trying to access sensitive financial information from a company's dat...
- Q247. Which of the following control types is AUP an example of?...
- Q248. Which of the following threat actors is the most likely to seek financial gain through the...
- Q249. A systems administrator notices that a testing system is down. While investigating, the sy...
- Q250. Which of the following tools is best for logging and monitoring in a cloud environment?...
- Q251. A security officer is implementing a security awareness program and has placed security-th...
- Q252. A technician is deploying a new security camera. Which of the following should the technic...
- Q253. An employee who was working remotely lost a mobile device containing company data. Which o...
- Q254. Which of the following is an example of a data protection strategy that uses tokenization?...
- Q255. A company discovers suspicious transactions that were entered into the company's database ...
- Q256. A certificate authority needs to post information about expired certificates. Which of the...
- Q257. Which of the following is the best way to validate the integrity and availability of a dis...
- Q258. Which of the following best describe a penetration test that resembles an actual external ...
- Q259. Which of the following is best used to detect fraud by assigning employees to different ro...
- Q260. A security team is setting up a new environment for hosting the organization's on-premises...
- Q261. A company filed a complaint with its IT service provider after the company discovered the ...
- Q262. A client demands at least 99.99% uptime from a service provider's hosted security services...
- Q263. A systems administrator notices that the research and development department is not using ...
- Q264. A company needs to keep the fewest records possible, meet compliance needs, and ensure des...
- Q265. Which of the following attacks exploits a potential vulnerability as a result of using wea...
- Q266. Which of the following is the most common data loss path for an air-gapped network?...
- Q267. Which of the following explains why an attacker cannot easily decrypt passwords using a ra...
- Q268. A systems administrator discovers a system that is no longer receiving support from the ve...
- Q269. An organization needs to determine how many employees are accessing the building each day ...
- Q270. A systems administrator needs to ensure the secure communication of sensitive data within ...
- Q271. Which of the following describes an executive team that is meeting in a board room and tes...
- Q272. A company relies on open-source software libraries to build the software used by its custo...
- Q273. A company is changing its mobile device policy. The company has the following requirements...
- Q274. An organization wants to improve the company's security authentication method for remote e...
- Q275. Which of the following types of identification methods can be performed on a deployed appl...
- Q276. A government official receives a blank envelope containing photos and a note instructing t...
- Q277. A systems administrator is concerned about vulnerabilities within cloud computing instance...
- Q278. Which of the following can be used to compromise a system that is running an RTOS?...
- Q279. An organization wants to limit potential impact to its log-in database in the event of a b...
- Q280. A company has begun labeling all laptops with asset inventory stickers and associating the...
- Q281. A company that is located in an area prone to hurricanes is developing a disaster recovery...
- Q282. The author of a software package is concerned about bad actors repackaging and inserting m...
- Q283. A penetration test has demonstrated that domain administrator accounts were vulnerable to ...
- Q284. Several customers want an organization to verify its security controls are operating effec...
- Q285. An analyst is reviewing an incident in which a user clicked on a link in a phishing email....
- Q286. A company is required to use certified hardware when building networks. Which of the follo...
- Q287. After a company was compromised, customers initiated a lawsuit. The company's attorneys ha...
- Q288. A company requires hard drives to be securely wiped before sending decommissioned systems ...
- Q289. Which of the following should be used to ensure a device is inaccessible to a network-conn...
- Q290. A security team is addressing a risk associated with the attack surface of the organizatio...
- Q291. A recent penetration test identified that an attacker could flood the MAC address table of...
- Q292. After a recent ransomware attack on a company's system, an administrator reviewed the log ...
- Q293. Which of the following would be best suited for constantly changing environments?...
- Q294. A security analyst attempts to start a company's database server. When the server starts, ...
- Q295. Which of the following is a benefit of vendor diversity?...
- Q296. A security manager wants to reduce the number of steps required to identify and contain ba...
- Q297. During an annual review of the system design, an engineer identified a few issues with the...
- Q298. A security manager is implementing MFA and patch management. Which of the following would ...
- Q299. Which of the following cryptographic solutions protects data at rest?...
- Q300. Which of the following is an algorithm performed to verify that data has not been modified...
- Q301. Which of the following is the most likely to be used to document risks, responsible partie...
- Q302. A security engineer is implementing FDE for all laptops in an organization. Which of the f...
- Q303. A company is concerned about theft of client data from decommissioned laptops. Which of th...
- Q304. A threat actor was able to use a username and password to log in to a stolen company mobil...
- Q305. Which of the following is used to improve security and overall functionality without losin...
- Q306. Which of the following activities uses OSINT?
- Q307. A help desk employee receives a call from someone impersonating the Chief Executive Office...
- Q308. A company plans to secure its systems by: - Preventing users from sending sensitive data o...
- Q309. A company is changing its mobile device policy. The company has the following requirements...
- Q310. A systems administrator is working on a solution with the following requirements: - Provid...
- Q311. A group of developers has a shared backup account to access the source code repository. Wh...
- Q312. Which of the following agreement types is used to limit external discussions?...
- Q313. Which of the following involves an attempt to take advantage of database misconfigurations...
- Q314. Which of the following is the best way to consistently determine on a daily basis whether ...
- Q315. An organization recently started hosting a new service that customers access through a web...
- Q316. During a SQL update of a database, a temporary field that was created was replaced by an a...
- Q317. Which of the following would help ensure a security analyst is able to accurately measure ...
- Q318. An engineer needs to ensure that a script has not been modified before it is launched. Whi...
- Q319. A systems administrator receives the following alert from a file integrity monitoring tool...
- Q320. An enterprise is trying to limit outbound DNS traffic originating from its internal networ...
- Q321. Which of the following provides the details about the terms of a test with a third-party p...
- Q322. An organization wants to ensure the integrity of compiled binaries in the production envir...
- Q323. Which of the following considerations is the most important for an organization to evaluat...
- Q324. An employee recently resigned from a company. The employee was responsible for managing an...
- Q325. Which of the following teams is best suited to determine whether a company has systems tha...
- Q326. Which of the following should a systems administrator use to decrease the company's hardwa...
- Q327. A Chief Information Security Officer (CISO) has developed information security policies th...
- Q328. A security engineer is working to address the growing risks that shadow IT services are in...
- Q329. Which of the following is required for an organization to properly manage its restore proc...
- Q330. Client files can only be accessed by employees who need to know the information and have s...
- Q331. An analyst is reviewing job postings to ensure sensitive company information is not being ...
- Q332. The Chief Information Security Officer of an organization needs to ensure recovery from ra...
- Q333. A security administrator is configuring fileshares. The administrator removed the default ...
- Q334. A user, who is waiting for a flight at an airport, logs in to the airline website using th...
- Q335. A company prevented direct access from the database administrators' workstations to the ne...
- Q336. Which of the following is a common source of unintentional corporate credential leakage in...
- Q337. An engineer has ensured that the switches are using the latest OS, the servers have the la...
- Q338. Which of the following would a security administrator use to comply with a secure baseline...
- Q339. Which of the following is the best reason an organization should enforce a data classifica...
- Q340. A newly appointed board member with cybersecurity knowledge wants the board of directors t...
- Q341. A company hired a consultant to perform an offensive security assessment covering penetrat...
- Q342. SIMULATION 1 A systems administrator is configuring a site-to-site VPN between two branch ...
- Q343. Which of the following definitions best describes the concept of log correlation?...
- Q344. A hacker gained access to a system via a phishing attempt that was a direct result of a us...
- Q345. The Chief Information Security Officer (CISO) has determined the company is non-compliant ...
- Q346. Which of the following is a type of vulnerability that refers to the unauthorized installa...
