A company wants to improve its active protection capabilities against unknown and zero-day malware. Which of the following is the MOST secure solution?
- A. NIDS
- B. Application allow list
- C. Sandbox detonation
- D. Endpoint log collection
- E. HIDS
Which of the following BEST describe the importance of maintaining chain of custody in forensic evidence collection? (Choose two.)
- A. It increases the likelihood that evidence will be deemed admissible in court.
- B. It authenticates personnel who come in contact with evidence after collection.
- C. It ensures confidentiality and the need-to-know basis of forensically acquired evidence.
- D. It attests to how recently evidence was collected by recording date/time attributes.
- E. It provides automated attestation for the integrity of the collected evidence.
- F. It ensures the integrity of the collected evidence.
A company just released a new video card. Due to limited supply and high demand, attackers are employing automated systems to purchase the device through the company’s web store so they can resell it on the secondary market. The company’s intended customers are frustrated. A security engineer suggests implementing a CAPTCHA system on the web store to help reduce the number of video cards purchased through automated systems.
Which of the following now describes the level of risk?
- A. Inherent
- B. Low
- C. Mitigated
- D. Residual
- E. Transferred
A vulnerability assessment endpoint generated a report of the latest findings. A security analyst needs to review the report and create a priority list of items that must be addressed. Which of the following should the analyst use to create the list quickly?
- A. Business Impact rating
- B. CVE dates
- C. CVSS scores
- D. OVAL
An organization collects personal data from its global customers. The organization determines how that data is going to be used, why it is going to be used, and how it is manipulated for business processes. Which of the following will the organization need in order to comply with GDPR? (Choose two.)
- A. Data processor
- B. Data custodian
- C. Data owner
- D. Data steward
- E. Data controller
- F. Data manager
The Chief Executive Officer (CEO) of a small wholesaler with low margins is concerned about the use of a newly developed artificial intelligence algorithm being used in the organization’s marketing tool. The tool can make automated purchasing approval decisions based on data provided by customers and collected from the Internet. Which of the following is MOST likely the concern? (Choose two.)
- A. Required computing power
- B. Cost to maintain
- C. Customer privacy
- D. Adversarial attacks
- E. Information bias
- F. Customer approval speed
A company’s finance department acquired a new payment system that exports data to an unencrypted file on the system. The company implemented controls on the file so only appropriate personnel are allowed access. Which of the following risk techniques did the department use in this situation?
- A. Accept
- B. Avoid
- C. Transfer
- D. Mitigate
A security architect is given the following requirements to secure a rapidly changing enterprise with an increasingly distributed and remote workforce:
– Cloud-delivered services
– Full network security stack
– SaaS application security management
– Minimal latency for an optimal user experience
– Integration with the cloud IAM platform
Which of the following is the BEST solution?
- A. Routing and Remote Access Service (RRAS)
- B. NGFW
- C. Managed Security Service Provider (MSSP)
- D. SASE
A user experiences an HTTPS connection error when trying to access an Internet banking website from a corporate laptop. The user then opens a browser on a mobile phone and is able to access the same Internet banking website without issue. Which of the following security configurations is MOST likely the cause of the error?
- A. HSTS
- B. TLS 1.2
- C. Certificate pinning
- D. Client authentication
An organization recently recovered from an attack that featured an adversary injecting malicious logic into OS bootloaders on endpoint devices. Therefore, the organization decided to require the use of TPM for measured boot and attestation, monitoring each component from the UEFI through the full loading of OS components. Which of the following TPM structures enables this storage functionality?
- A. Endorsement tickets
- B. Clock/counter structures
- C. Command tag structures with MAC schemes
- D. Platform configuration registers