Question # 4

A new company wants to avoid channel interference when building a WLAN. The company needs to know the radio frequency behavior, identify dead zones, and determine the best place for access points. Which of the following should be done FIRST?

A. Configure heat maps.

B. Utilize captive portals.

C. Conduct a site survey.

D. Install Wi-Fi analyzers.

Question # 5

A company wants the ability to restrict web access and monitor the websites that employees visit. Which of the following would BEST meet these requirements?

A. Internet proxy

B. VPN

C. WAF

D. Firewall

Question # 6

Which of the following would BEST provide detective and corrective controls for thermal regulation?

A. A smoke detector

B. A fire alarm

C. An HVAC system

D. A fire suppression system

E. Guards

Question # 7

An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps. Which of the following control types has the organization implemented?

A. Compensating

B. Corrective

C. Preventive

D. Detective

Question # 8

Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities?

A. EOL

B. SLA

C. MOU

D. EOSL

Question # 9

A systems administrator is troubleshooting a server's connection to an internal web server. The administrator needs to determine the correct ports to use. Which of the following tools BEST shows which ports on the web server are in a listening state?

A. Ipconfig

B. ssh

C. Ping

D. Netstat

Question # 10

A company suspects that some corporate accounts were compromised. The number of suspicious logins from locations not recognized by the users is increasing. Employees who travel need their accounts protected without the risk of blocking legitimate login requests that may be made over new sign-in properties. Which of the following security controls can be implemented?

A. Enforce MFA when an account request reaches a risk threshold

B. Implement geofencing to only allow access from headquarters

C. Enforce time-based login requests that align with business hours

D. Shift the access control scheme to a discretionary access control

Question # 11

An organization is migrating several SaaS applications that support SSO. The security manager wants to ensure the migration is completed securely. Which of the following should the organization consider before implementation? (Select TWO).

A. The back-end directory source

B. The identity federation protocol

C. The hashing method

D. The encryption method

E. The registration authority

F. The certificate authority

Question # 12

Field workers in an organization are issued mobile phones on a daily basis. All the work is performed within one city, and the mobile phones are not used for any purpose other than work. The organization does not want these phones used for personal purposes. The organization would like to issue the phones to workers as permanent devices so the phones do not need to be reissued every day. Given the conditions described, which of the following technologies would BEST meet these requirements?

A. Geofencing

B. Mobile device management

C. Containerization

D. Remote wiping

Question # 13

Which of the following is the MOST effective control against zero-day vulnerabilities?

A. Network segmentation

B. Patch management

C. Intrusion prevention system

D. Multiple vulnerability scanners

Question # 14

A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded. However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?

A. DNS poisoning

B. MAC flooding

C. DDoS attack

D. ARP poisoning

Question # 15

An organization wants to participate in threat intelligence information sharing with peer groups. Which of the following would MOST likely meet the organization's requirement?

A. Perform OSINT investigations

B. Subscribe to threat intelligence feeds

C. Submit RFCs

D. Implement a TAXII server

Question # 16

Which of the following will increase cryptographic security?

A. High data entropy

B. Algorithms that require less computing power

C. Longer key longevity

D. Hashing

Question # 17

An administrator needs to protect user passwords and has been advised to hash the passwords. Which of the following BEST describes what the administrator is being advised to do?

A. Perform a mathematical operation on the passwords that will convert them into unique strings

B. Add extra data to the passwords so their length is increased, making them harder to brute force

C. Store all passwords in the system in a rainbow table that has a centralized location

D. Enforce the use of one-time passwords that are changed for every login session.

Question # 18

Which of the following is assured when a user signs an email using a private key?

A. Non-repudiation

B. Confidentiality

C. Availability

D. Authentication

Question # 19

Which of the following is a known security risk associated with data archives that contain financial information?

A. Data can become a liability if archived longer than required by regulatory guidance

B. Data must be archived off-site to avoid breaches and meet business requirements

C. Companies are prohibited from providing archived data to e-discovery requests

D. Unencrypted archives should be preserved as long as possible and encrypted

Question # 20

An organization has decided to purchase an insurance policy because a risk assessment determined that the cost to remediate the risk is greater than the five-year cost of the insurance policy. The organization is enabling risk

A. avoidance

B. acceptance

C. mitigation

D. transference

Question # 21

Which of the following would BEST provide a systems administrator with the ability to more efficiently identify systems and manage permissions and policies based on location, role, and service level?

A. Standard naming conventions

B. Domain services

C. Baseline configurations

D. Diagrams

Question # 22

An organization wants to implement a biometric system with the highest likelihood that an unauthorized user will be denied access. Which of the following should the organization use to compare biometric solutions?

A. FRR

B. Difficulty of use

C. Cost

D. FAR

E. CER

Question # 23

A company wants to restrict emailing of PHI documents. The company is implementing a DLP solution. In order to restrict PHI documents, which of the following should be performed FIRST?

A. Retention

B. Governance

C. Classification

D. Change management

Question # 24

A cloud service provider has created an environment where customers can connect existing local networks to the cloud for additional computing resources and block internal HR applications from reaching the cloud. Which of the following cloud models is being used?

A. Public

B. Community

C. Hybrid

D. Private
