Black Friday Goodies - 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: av54zq84

Exact2Pass Menu

Question # 4

An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items.

Which of the following phases establishes the identification and prioritization of critical systems and functions?

A.

Review a recent gap analysis.

B.

Perform a cost-benefit analysis.

C.

Conduct a business impact analysis.

D.

Develop an exposure factor matrix.

Full Access
Question # 5

Company A is establishing a contractual with Company B. The terms of the agreement are formalized in a document covering the payment terms, limitation of liability, and intellectual property rights. Which of the following documents will MOST likely contain these elements

A.

Company A-B SLA v2.docx

B.

Company A OLA v1b.docx

C.

Company A MSA v3.docx

D.

Company A MOU v1.docx

E.

Company A-B NDA v03.docx

Full Access
Question # 6

A security analyst is researching containerization concepts for an organization. The analyst is concerned about potential resource exhaustion scenarios on the Docker host due to a single application that is overconsuming available resources.

Which of the following core Linux concepts BEST reflects the ability to limit resource allocation to containers?

A.

Union filesystem overlay

B.

Cgroups

C.

Linux namespaces

D.

Device mapper

Full Access
Question # 7

Device event logs sources from MDM software as follows:

Which of the following security concerns and response actions would BEST address the risks posed by the device in the logs?

A.

Malicious installation of an application; change the MDM configuration to remove application ID 1220.

B.

Resource leak; recover the device for analysis and clean up the local storage.

C.

Impossible travel; disable the device’s account and access while investigating.

D.

Falsified status reporting; remotely wipe the device.

Full Access
Question # 8

An application developer is including third-party background security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, report come In that a previously vulnerability has returned. Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

A.

Peer review

B.

Regression testing

C.

User acceptance

D.

Dynamic analysis

Full Access
Question # 9

During a remodel, a company’s computer equipment was moved to a secure storage room with cameras positioned on both sides of the door. The door is locked using a card reader issued by the security team, and only the security team and department managers have access to the room. The company wants to be able to identify any unauthorized individuals who enter the storage room by following an authorized employee.

Which of the following processes would BEST satisfy this requirement?

A.

Monitor camera footage corresponding to a valid access request.

B.

Require both security and management to open the door.

C.

Require department managers to review denied-access requests.

D.

Issue new entry badges on a weekly basis.

Full Access
Question # 10

The OS on several servers crashed around the same time for an unknown reason. The servers were restored to working condition, and all file integrity was verified. Which of the following should the incident response team perform to understand the crash and prevent it in the future?

A.

Root cause analysis

B.

Continuity of operations plan

C.

After-action report

D.

Lessons learned

Full Access
Question # 11

A company created an external application for its customers. A security researcher now reports that the application has a serious LDAP injection vulnerability that could be leveraged to bypass authentication and authorization.

Which of the following actions would BEST resolve the issue? (Choose two.)

A.

Conduct input sanitization.

B.

Deploy a SIEM.

C.

Use containers.

D.

Patch the OS

E.

Deploy a WAF.

F.

Deploy a reverse proxy

G.

Deploy an IDS.

Full Access
Question # 12

Ann, a CIRT member, is conducting incident response activities on a network that consists of several hundred virtual servers and thousands of endpoints and users. The network generates more than 10,000 log messages per second. The enterprise belong to a large, web-based cryptocurrency startup, Ann has distilled the relevant information into an easily digestible report for executive management . However, she still needs to collect evidence of the intrusion that caused the incident. Which of the following should Ann use to gather the required information?

A.

Traffic interceptor log analysis

B.

Log reduction and visualization tools

C.

Proof of work analysis

D.

Ledger analysis software

Full Access
Question # 13

The Chief information Officer (CIO) wants to establish a non-banding agreement with a third party that outlines the objectives of the mutual arrangement dealing with data transfers between both organizations before establishing a format partnership. Which of the follow would MOST likely be used?

A.

MOU

B.

OLA

C.

NDA

D.

SLA

Full Access
Question # 14

A security engineer estimates the company’s popular web application experiences 100 attempted breaches per day. In the past four years, the company’s data has been breached two times.

Which of the following should the engineer report as the ARO for successful breaches?

A.

0.5

B.

8

C.

50

D.

36,500

Full Access
Question # 15

A company wants to protect its intellectual property from theft. The company has already applied ACLs and DACs.

Which of the following should the company use to prevent data theft?

A.

Watermarking

B.

DRM

C.

NDA

D.

Access logging

Full Access
Question # 16

The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:

* Transaction being requested by unauthorized individuals.

* Complete discretion regarding client names, account numbers, and investment information.

* Malicious attackers using email to malware and ransomeware.

* Exfiltration of sensitive company information.

The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing. Which of the following is the BEST option to resolve the boar’s concerns for this email migration?

A.

Data loss prevention

B.

Endpoint detection response

C.

SSL VPN

D.

Application whitelisting

Full Access
Question # 17

A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

A.

The product owner should perform a business impact assessment regarding the ability to implement a WAF.

B.

The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.

C.

The system administrator should evaluate dependencies and perform upgrade as necessary.

D.

The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

Full Access
Question # 18

A company provides guest WiFi access to the internet and physically separates the guest network from the company’s internal WIFI. Due to a recent incident in which an attacker gained access to the compay’s intend WIFI, the company plans to configure WPA2 Enterprise in an EAP- TLS configuration. Which of the following must be installed on authorized hosts for this new configuration to work properly?

A.

Active Directory OPOs

B.

PKI certificates

C.

Host-based firewall

D.

NAC persistent agent

Full Access
Question # 19

An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.

Which of the following describes the administrator’s discovery?

A.

A vulnerability

B.

A threat

C.

A breach

D.

A risk

Full Access