Q 401-601 Flashcards

(103 cards)

1
Q

The private key for a website was stolen, and a new certificate has been issued. Which of the following needs to be updated next?

A.SCEP
B.CRL
C.OCSP
D.CSR

A

CRL (Certificate Revocation List)

2
Q

An organization’s web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, which could allow attackers to access customer payment information. Which of the following mitigation strategies would be most effective for preventing an attack on the organization’s web servers? (Choose two.)

A.Regularly updating server software and patches
B.Implementing strong password policies
C.Encrypting sensitive data at rest and in transit
D.Utilizing a web-application firewall
E.Performing regular vulnerability scans
F.Removing payment information from the servers

A

Regularly updating server software and patches AND Utilizing a web-application firewall

3
Q

A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there is an SSO failure?
A.RAS
B.EAP
C.SAML
D.PAM

A

PAM (Privileged access management)

3
Q

A security analyst wants to better understand the behavior of users and devices in order to gain visibility into potential malicious activities. The analyst needs a control to detect when actions deviate from a common baseline. Which of the following should the analyst use?
A.Intrusion prevention system
B.Sandbox
C.Endpoint detection and response
D.Antivirus

A

Endpoint detection and response

3
Q

A security architect wants to prevent employees from receiving malicious attachments by email. Which of the following functions should the chosen solution do?
A.Apply IP address reputation data.
B.Tap and monitor the email feed.
C.Scan email traffic inline.
D.Check SPF records.

A

Scan email traffic inline.

4
Q

Which of the following can be used to compromise a system that is running an RTOS?
A.Cross-site scripting
B.Memory injection
C.Replay attack
D.Ransomware

A

Memory injection

4
Q

Which of the following threat actors would most likely deface the website of a high-profile music group?
A.Unskilled attacker
B.Organized crime
C.Nation-state
D.Insider threat

A

Unskilled attacker

4
Q

Which of the following is the main consideration when a legacy system that is a critical part of a company’s infrastructure cannot be replaced?
A.Resource provisioning
B.Cost
C.Single point of failure
D.Complexity

A

Single point of failure

5
Q

An organization is implementing a COPE mobile device management policy. Which of the following should the organization include in the COPE policy? (Choose two.)
A.Remote wiping of the device
B.Data encryption
C.Requiring passwords with eight characters
D.Data usage caps
E.Employee data ownership
F.Personal application store access

A

Remote wiping of the device AND Data encryption

5
Q

Which of the following should a security team do first before a new web server goes live?
A.Harden the virtual host.
B.Create WAF rules.
C.Enable network intrusion detection.
D.Apply patch management.

A

Harden the virtual host.

5
Q

A company discovered its data was advertised for sale on the dark web. During the initial investigation, the company determined the data was proprietary data. Which of the following is the next step the company should take?
A.Identify the attacker’s entry methods.
B.Report the breach to the local authorities.
C.Notify the applicable parties of the breach.
D.Implement vulnerability scanning of the company’s systems.

A

Report the breach to the local authorities.

5
Q

Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
A.Degaussing
B.Drive shredder
C.Retention platform
D.Wipe tool

A

Wipe tool

5
Q

A systems administrator discovers a system that is no longer receiving support from the vendor. However, this system and its environment are critical to running the business, cannot be modified, and must stay online. Which of the following risk treatments is the most appropriate in this situation?
A.Reject
B.Accept
C.Transfer
D.Avoid

A

Transfer

5
Q

An organization wants to implement a secure solution for remote users. The users handle sensitive PHI on a regular basis and need to access an internally developed corporate application. Which of the following best meet the organization’s security requirements? (Choose two.)
A.Local administrative password
B.Perimeter network
C.Jump server
D.WAF
E.MFA
F.VPN

A

MFA AND VPN

6
Q

Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture? (Choose two.)
A.Easier debugging of the system
B.Reduced cost of ownership of the system
C.Improved scalability of the system
D.Increased compartmentalization of the system
E.Stronger authentication of the system
F.Reduced complexity of the system

A

Improved scalability of the system AND Increased compartmentalization of the system

6
Q

A company is in the process of migrating to cloud-based services. The company’s IT department has limited resources for migration and ongoing support. Which of the following best meets the company’s needs?
A.IPS
B.WAF
C.SASE
D.IAM

A

SASE

6
Q

Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
A.Misconfiguration
B.Resource reuse
C.Insecure key storage
D.Weak cipher suites

A

Insecure key storage

6
Q

Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device’s drive if the device is lost?
A.TPM
B.ECC
C.FDE
D.HSM

A

FDE

6
Q

A user’s workstation becomes unresponsive and displays a ransom note demanding payment to decrypt files. Before the attack, the user opened a resume they received in a message, browsed the company’s website, and installed OS updates. Which of the following is the most likely vector of this attack?
A.Spear-phishing attachment
B.Watering hole
C.Infected website
D.Typosquatting

A

Watering hole

6
Q

Which of the following is the primary reason why false negatives on a vulnerability scan should be a concern?
A.The system has vulnerabilities that are not being detected.
B.The time to remediate vulnerabilities that do not exist is excessive.
C.Vulnerabilities with a lower severity will be prioritized over critical vulnerabilities.
D.The system has vulnerabilities, and a patch has not yet been released.

A

The system has vulnerabilities that are not being detected.

6
Q

A company is concerned about theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?
A.Wiping
B.Recycling
C.Shredding
D.Deletion

A

Shredding

6
Q

A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following architectures will best achieve the company’s objectives?
A.IoT
B.IaC
C.IaaS
D.ICS

A

IaC

6
Q

Which of the following would a security administrator use to comply with a secure baseline during a patch update?
A.Information security policy
B.Service-level expectations
C.Standard operating procedure
D.Test result report

A

Standard operating procedure

7
Q

Which of the following options will provide the lowest RTO and RPO for a database?
A.Snapshots
B.On-site backups
C.Journaling
D.Hot site

A

Journaling

7
A malicious actor conducted a brute-force attack on a company's web servers and eventually gained access to the company's customer information database. Which of the following is the most effective way to prevent similar attacks?
A.Regular patching of servers
B.Web application firewalls
C.Multifactor authentication
D.Enabling encryption of customer data

Web application firewalls
7
Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client's web browser?
A.SQL injection
B.Cross-site scripting
C.Zero-day exploit
D.On-path attack

Cross-site scripting
7
A security team at a large, global company needs to reduce the cost of storing data used for performing investigations. Which of the following types of data should have its retention length reduced?
A.Packet capture
B.Endpoint logs
C.OS security logs
D.Vulnerability scan

Packet capture
7
An organization purchased a critical business application containing sensitive data. The organization would like to ensure that the application is not exploited by common data exfiltration attacks. Which of the following approaches would best help to fulfill this requirement?
A.URL scanning
B.WAF
C.Reverse proxy
D.NAC

WAF
7
A malicious actor is trying to access sensitive financial information from a company's database by intercepting and reusing log-in credentials. Which of the following attacks is the malicious actor attempting?
A.SQL injection
B.On-path
C.Brute-force
D.Password spraying

SQL injection
8
A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for malicious activity. Which of the following is the user account an example of?
A.Honeytoken
B.Honeynet
C.Honeypot
D.Honeyfile

Honeytoken
8
A network engineer is increasing the overall security of network devices and needs to harden the devices. Which of the following will best accomplish this task?
A.Configuring centralized logging
B.Generating local administrator accounts
C.Replacing Telnet with SSH
D.Enabling HTTP administration

Replacing Telnet with SSH
8
A company filed a complaint with its IT service provider after the company discovered the service provider's external audit team had access to some of the company's confidential information. Which of the following is the most likely reason the company filed the complaint?
A.The MOU had basic clauses from a template.
B.A SOW had not been agreed to by the client.
C.A WO had not been mutually approved.
D.A required NDA had not been signed.

A required NDA had not been signed.
8
Which of the following is most likely a security concern when installing and using low-cost IoT devices in infrastructure environments?
A.Country of origin
B.Device responsiveness
C.Ease of deployment
D.Storage of data

Storage of data
9
Which of the following should a systems administrator use to decrease the company's hardware attack surface?
A.Replication
B.Isolation
C.Centralization
D.Virtualization

Virtualization
10
A company wants to add an MFA solution for all employees who access the corporate network remotely. Log-in requirements include something you know, are, and have. The company wants a solution that does not require purchasing third-party applications or specialized hardware. Which of the following MFA solutions would best meet the company's requirements?
A.Smart card with PIN and password
B.Security questions and a one-time passcode sent via email
C.Voice and fingerprint verification with an SMS one-time passcode
D.Mobile application-generated, one-time passcode with facial recognition

Voice and fingerprint verification with an SMS one-time passcode
11
A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed to protect the sensitive, financial data in transit. Which of the following would be the most appropriate for the company to use?
A.Telnet connection
B.SSH tunneling
C.Patch installation
D.Full disk encryption

SSH tunneling
12
A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?
A.SOAR
B.SIEM
C.DMARC
D.NIDS

SOAR (Security Orchestration, Automation, and Response)
13
A company is implementing a policy to allow employees to use their personal equipment for work. However, the company wants to ensure that only company-approved applications can be installed. Which of the following addresses this concern?
A.MDM
B.Containerization
C.DLP
D.FIM

Containerization
13
A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best strategy to prevent the threat actor from using domain administrator accounts?
A.Audit each domain administrator account weekly for password compliance.
B.Implement a privileged access management solution.
C.Create IDS policies to monitor domain controller access.
D.Use Group Policy to enforce password expiration.

Implement a privileged access management solution.
13
An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
A.Security groups
B.Federation
C.User provisioning
D.Vertical scaling

User provisioning
13
Which of the following is an example of memory injection?
A.Two processes access the same variable, allowing one to cause a privilege escalation.
B.A process receives an unexpected amount of data, which causes malicious code to be executed.
C.Malicious code is copied to the allocated space of an already running process.
D.An executable is overwritten on the disk, and malicious code runs the next time it is executed.

Malicious code is copied to the allocated space of an already running process.
14
An administrator has configured a quarantine subnet for all guest devices that connect to the network. Which of the following would be best for the security team to perform before allowing access to corporate resources?
A.Device fingerprinting
B.Compliance attestation
C.Penetration test
D.Application vulnerability test

Compliance attestation
14
A security administrator is implementing encryption on all hard drives in an organization. Which of the following security concepts is the administrator applying?
A.Integrity
B.Authentication
C.Zero Trust
D.Confidentiality

Confidentiality
14
Which of the following is an example of a data protection strategy that uses tokenization?
A.Encrypting databases containing sensitive data
B.Replacing sensitive data with surrogate values
C.Removing sensitive data from production systems
D.Hashing sensitive data in critical systems

Replacing sensitive data with surrogate values
14
A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to contain this information?
A.Statement of work
B.Responsibility matrix
C.Service-level agreement
D.Master service agreement

Service-level agreement
14
A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, social engineering, and business email compromise. Which of the following documents would be most relevant to revise as part of this process?
A.SDLC
B.IRP
C.BCP
D.AUP

IRP
15
Which of the following types of identification methods can be performed on a deployed application during runtime?
A.Dynamic analysis
B.Code review
C.Package monitoring
D.Bug bounty

Dynamic analysis
15
Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
A.Steganography
B.Data masking
C.Tokenization
D.Private key

Steganography
15
A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most likely use?
A.Static
B.Sandbox
C.Network traffic
D.Package monitoring

Static
15
A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third party. No software updates that use an encrypted protocol are available, so a compensating control is needed. Which of the following are the most appropriate for the administrator to suggest? (Choose two.)
A.Tokenization
B.Cryptographic downgrade
C.SSH tunneling
D.Segmentation
E.Patch installation
F.Data masking

SSH tunneling AND Segmentation
15
Which of the following steps should be taken before mitigating a vulnerability in a production server?
A.Escalate the issue to the SDLC team.
B.Use the IR plan to evaluate the changes.
C.Perform a risk assessment to classify the vulnerability.
D.Refer to the change management policy.

Perform a risk assessment to classify the vulnerability.
15
Which of the following steps in the risk management process involves establishing the scope and potential risks involved with a project?
A.Risk assessment
B.Risk identification
C.Risk treatment
D.Risk monitoring and review

Risk identification
15
Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
A.Right to be forgotten
B.Sanctions
C.External compliance reporting
D.Attestation

Sanctions
15
A growing organization, which hosts an externally accessible application, adds multiple virtual servers to improve application performance and decrease the resource usage on individual servers. Which of the following solutions is the organization most likely to employ to further increase performance and availability?
A.Load balancer
B.Jump server
C.Proxy server
D.SD-WAN

Load balancer
15
A systems administrator is concerned users are accessing emails through a duplicate site that is not run by the company. Which of the following is used in this scenario?
A.Impersonation
B.Replication
C.Phishing
D.Smishing

Impersonation
15
Which of the following describes the difference between encryption and hashing?
A.Encryption protects data in transit, while hashing protects data at rest.
B.Encryption replaces cleartext with ciphertext, while hashing calculates a checksum.
C.Encryption ensures data integrity, while hashing ensures data confidentiality.
D.Encryption uses a public-key exchange, while hashing uses a private key.

Encryption replaces cleartext with ciphertext, while hashing calculates a checksum.
15
A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities. Which of the following should the security analyst use to help the IDS detect such attacks in the future?
A.Signatures
B.Trends
C.Honeypot
D.Reputation

Signatures
15
A CVE in a key back-end component of an application has been disclosed. The systems administrator is identifying all of the systems in the environment that are susceptible to this risk. Which of the following should the systems administrator perform?
A.Packet capture
B.Vulnerability scan
C.Metadata analysis
D.Automated reporting

Vulnerability scan
15
To which of the following security categories does an EDR solution belong?
A.Physical
B.Operational
C.Managerial
D.Technical

Technical
16
A Chief Information Security Officer (CISO) has developed information security policies that relate to the software development methodology. Which of the following would the CISO most likely include in the organization’s documentation?
A.Peer review requirements
B.Multifactor authentication
C.Branch protection tests
D.Secrets management configurations

Peer review requirements
16
A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?
A.Block all outbound traffic from the intranet.
B.Introduce a campaign to recognize phishing attempts.
C.Restrict internet access for the employees who disclosed credentials.
D.Implement a deny list of websites.

Introduce a campaign to recognize phishing attempts
16
Which of the following is the best way to provide secure, remote access for employees while minimizing the exposure of a company’s internal network?
A.VPN
B.LDAP
C.FTP
D.RADIUS

VPN
16
A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to notify the security team if the spreadsheet is opened. Which of the following best describes the deception method being deployed?
A.Honeypot
B.Honeyfile
C.Honeytoken
D.Honeynet

Honeytoken
16
A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?
A.Change management ticketing system
B.Behavioral analyzer
C.Collaboration platform
D.Version control tool

Version control tool
16
While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impact if a generator was to develop a fault during failover. Which of the following is the team most likely to consider in regard to risk management activities?
A.RPO
B.ARO
C.BIA
D.MTTR

BIA (Business Impact Analysis)
16
A certificate authority needs to post information about expired certificates. Which of the following would accomplish this task?
A.TPM
B.CRL
C.PKI
D.CSR

CRL (Certificate Revocation List)
16
Which of the following can best contribute to prioritizing patch applications?
A.CVSS
B.SCAP
C.OSINT
D.CVE

CVSS (Common Vulnerability Scoring System)
17
A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples best describes the purpose of this script?
A.Resource scaling
B.Policy enumeration
C.Baseline enforcement
D.Guard rails implementation

Baseline enforcement
18
A SOC analyst establishes a remote control session on an end user’s machine and discovers the following in a file: gmail.com[ENT][email protected][ENT]NoOneCanGuessThis123! [ENT]Hello Susan, it was great to see you the other day! Let’s plan a followup[BACKSPACE]follow-up meeting soon. Here is the link to register. [RTN][CTRL]c [CTRL]v [RTN]after[BACKSPACE]After you register give me a call on my cellphone. Which of the following actions should the SOC analyst perform first?
A.Advise the user to change passwords.
B.Reimage the end user’s machine.
C.Check the policy on personal email at work.
D.Check host firewall logs.

Advise the user to change passwords.
18
A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA to comply with internal security policies. Which of the following should the security team recommend?
A.IPSec with RADIUS
B.RDP connection with LDAPS
C.Web proxy for all remote traffic
D.Jump server with 802.1X

IPSec with RADIUS
18
A company’s gate access logs show multiple entries from an employee’s ID badge within a two-minute period. Which of the following is this an example of?
A.RFID cloning
B.Side-channel attack
C.Shoulder surfing
D.Tailgating

Tailgating
18
Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?
A.The contents of environmental variables could affect the scope and impact of an exploited vulnerability.
B.In-memory environmental variable values can be overwritten and used by attackers to insert malicious code.
C.Environmental variables define cryptographic standards for the system and could create vulnerabilities if deprecated algorithms are used.
D.Environmental variables will determine when updates are run and could mitigate the likelihood of vulnerability exploitation.

The contents of environmental variables could affect the scope and impact of an exploited vulnerability.
18
An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
A.CSR
B.OCSP
C.Key
D.CRL

CSR (Certificate Signing Request)
19
Which of the following is an example of a treatment strategy for a continuous risk?
A.Email gateway to block phishing attempts
B.Background checks for new employees
C.Dual control requirements for wire transfers
D.Branch protection as part of the CI/CD pipeline

Branch protection as part of the CI/CD pipeline
19
A security analyst needs to improve the company’s authentication policy following a password audit. Which of the following should be included in the policy? (Choose two.)
A.Length
B.Complexity
C.Least privilege
D.Something you have
E.Security keys
F.Biometrics

Length AND Complexity
19
A Chief Information Security Officer (CISO) wants to:
* Prevent employees from downloading malicious content.
* Establish controls based on departments and users.
* Map internet access for business applications to specific service accounts.
* Restrict content based on categorization.
Which of the following should the CSO implement?
A.Web application firewall
B.Secure DNS server
C.Jump server
D.Next-generation firewall

Next-generation firewall
19
An organization is preparing to export proprietary software to a customer. Which of the following would be the best way to prevent the loss of intellectual property?
A.Code signing
B.Obfuscation
C.Tokenization
D.Blockchain

Obfuscation
19
Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues. Which of the following is most likely to be one of those steps?
A.Board review
B.Service restart
C.Backout planning
D.Maintenance

Backout planning
19
An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization's ability to achieve this goal?
A.Regulatory compliance
B.Patch availability
C.Kernel version
D.Monolithic code

Monolithic code
19
Which of the following are the first steps an analyst should perform when developing a heat map? (Choose two.)
A.Methodically walk around the office noting Wi-Fi signal strength.
B.Log in to each access point and check the settings.
C.Create or obtain a layout of the office.
D.Measure cable lengths between access points.
E.Review access logs to determine the most active devices.
F.Remove possible impediments to radio transmissions.

Methodically walk around the office noting Wi-Fi signal strength. AND Create or obtain a layout of the office
19
Which of the following is used to improve security and overall functionality without losing critical application data?
A.Reformatting
B.Decommissioning
C.Patching
D.Encryption

Patching
19
Which of the following is a use of CVSS?
A.To determine the cost associated with patching systems
B.To identify unused ports and services that should be closed
C.To analyze code for defects that could be exploited
D.To prioritize the remediation of vulnerabilities

To prioritize the remediation of vulnerabilities
19
An organization designs an inbound firewall with a fail-open configuration while implementing a website. Which of the following would the organization consider to be the highest priority?
A.Confidentiality
B.Non-repudiation
C.Availability
D.Integrity

Availability
20
A contractor is required to visually inspect the motherboards of all new servers that are purchased to determine whether the servers were tampered with. Which of the following risks is the contractor attempting to mitigate?
A.Embedded rootkit
B.Supply chain
C.Firmware failure
D.RFID keylogger

Supply chain
20
Which of the following is the most important element when defining effective security governance?
A.Discovering and documenting external considerations
B.Developing procedures for employee onboarding and offboarding
C.Assigning roles and responsibilities for owners, controllers, and custodians
D.Defining and monitoring change management procedures

Assigning roles and responsibilities for owners, controllers, and custodians
20
A user needs to complete training at https://comptiatraining.com. After manually entering the URL, the user sees that the accessed website is noticeably different from the standard company website. Which of the following is the most likely explanation for the difference?
A.Cross-site scripting
B.Pretexting
C.Typosquatting
D.Vishing

Typosquatting
20
A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the process and revisit the general terms every three years. Which of the following documents would provide the best way to set the general terms?
A.MSA
B.NDA
C.MOU
D.SLA

MSA (Master Service Agreement)
20
A new corporate policy requires all staff to use multifactor authentication to access company resources. Which of the following can be utilized to set up this form of identity and access management? (Choose two.)
A.Authentication tokens
B.Least privilege
C.Biometrics
D.LDAP
E.Password vaulting
F.SAML

Authentication tokens AND Biometrics
20
The number of tickets the help desk has been receiving has increased recently due to numerous false-positive phishing reports. Which of the following would be best to help to reduce the false positives?
A.Performing more phishing simulation campaigns
B.Improving security awareness training
C.Hiring more help desk staff
D.Implementing an incident reporting web page

Improving security awareness training
20
As part of new compliance audit requirements, multiple servers need to be segmented on different networks and should be reachable only from authorized internal systems. Which of the following would meet the requirements?
A.Configure firewall rules to block external access to internal resources.
B.Set up a WAP to allow internal access from public networks.
C.Implement a new IPSec tunnel from internal resources.
D.Deploy an internal jump server to access resources.

Deploy an internal jump server to access resources.
20
A company is concerned about employees unintentionally introducing malware into the network. The company identified fifty employees who clicked on a link embedded in an email sent by the internal IT department. Which of the following should the company implement to best improve its security posture?
A.Social engineering training
B.SPF configuration
C.Simulated phishing campaign
D.Insider threat awareness

Simulated phishing campaign
20
A penetration test identifies that an SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the most efficient way possible. Which of the following should the organization use for this purpose?
A.GPO
B.ACL
C.SFTP
D.DLP

GPO
20
Which of the following activities should be performed first to compile a list of vulnerabilities in an environment?
A.Automated scanning
B.Penetration testing
C.Threat hunting
D.Log aggregation
E.Adversarial emulation

Automated scanning
20
An organization that handles sensitive information wants to protect the information by using a reversible technology. Which of the following best satisfies this requirement?
A.Hardware security module
B.Hashing algorithm
C.Tokenization
D.Steganography

Tokenization
21
After a series of account compromises and credential misuse, a company hires a security manager to develop a security program. Which of the following steps should the security manager take first to increase security awareness?
A.Evaluate tools that identify risky behavior and distribute reports on the findings.
B.Send quarterly newsletters that explain the importance of password management.
C.Develop phishing campaigns and notify the management team of any successes.
D.Update policies and handbooks to ensure all employees are informed of the new procedures.

Evaluate tools that identify risky behavior and distribute reports on the findings.
22
Which of the following would an organization most likely use to minimize the loss of data on a file server in the event data needs to be restored?
A.Snapshots
B.Journaling
C.Obfuscation
D.Tokenization

Snapshots
23
A security administrator needs to reduce the attack surface in the company's data centers. Which of the following should the security administrator do to complete this task?
A.Implement a honeynet.
B.Define Group Policy on the servers.
C.Configure the servers for high availability.
D.Upgrade end-of-support operating systems.

Upgrade end-of-support operating systems.
23
Which of the following solutions would most likely be used in the financial industry to mask sensitive data?
A.Tokenization
B.Hashing
C.Salting
D.Steganography

Tokenization
23
A business provides long-term cold storage services to banks that are required to follow regulator-imposed data retention guidelines. Banks that use these services require that data is disposed of in a specific manner at the conclusion of the regulatory threshold for data retention. Which of the following aspects of data management is the most important to the bank in the destruction of this data?
A.Encryption
B.Classification
C.Certification
D.Procurement

Procurement
23
Which of the following is a prerequisite for a DLP solution?
A.Data destruction
B.Data sanitization
C.Data classification
D.Data masking

Data classification
24
The physical security team at a company receives reports that employees are not displaying their badges. The team also observes employees tailgating at controlled entrances. Which of the following topics will the security team most likely emphasize in upcoming security training?
A.Social engineering
B.Situational awareness
C.Phishing
D.Acceptable use policy

Situational awareness
25
Which of the following should an organization use to ensure that it can review the controls and performance of a service provider or vendor?
A.Service-level agreement
B.Memorandum of agreement
C.Right-to-audit clause
D.Supply chain analysis

Right-to-audit clause
26
A retail company receives a request to remove a customer's data. Which of the following is the retail company considered under GDPR legislation?
A.Data processor
B.Data controller
C.Data subject
D.Data custodian

Data controller