Question 381
A small bank is evaluating different methods to address and resolve the following requirements:
• Must be able to store credit card data using the smallest amount of data possible.
• Must be compliant with PCI DSS.
• Must maintain confidentiality if one piece of the layer is compromised.
Which of the following is the BEST solution for the bank?
- A. Scrubbing
- B. Tokenization
- C. Masking
- D. Homomorphic encryption
When implementing serverless computing, an organization must still account for:
- A. the underlying computing network infrastructure.
- B. hardware compatibility.
- C. the security of its data.
- D. patching the service.
A systems administrator at a web-hosting provider has been tasked with renewing the public certificates of all customer sites. Which of the following would BEST support multiple domain names while minimizing the amount of certificates needed?
- A. OCSP
- B. CRL
- C. SAN
- D. CA
An IT department is currently working to implement an enterprise DLP solution. Due diligence and best practices must be followed in regard to mitigating risk. Which of the following ensures that authorized modifications are well planned and executed?
- A. Risk management
- B. Network management
- C. Configuration management
- D. Change management
A company’s Chief Information Security Officer wants to prevent the company from being the target of ransomware. The company’s IT assets need to be protected. Which of the following are the MOST secure options to address these concerns? (Choose three.)
- A. Antivirus
- B. EDR
- C. Sandboxing
- D. Application control
- E. Host-based firewall
- F. IDS
- G. NGFW
- H. Strong authentication
An online video shows a company’s Chief Executive Officer (CEO) making a company announcement. The CEO, however, did not make the announcement. Which of the following BEST describes this attack?
- A. Identity theft
- B. Deepfake
- C. Website defacement
- D. Social engineering
Which of the following technologies would benefit the most from the use of biometric readers, proximity badge entry systems, and the use of hardware security tokens to access various environments and data entry systems?
- A. Deep learning
- B. Machine learning
- C. Nanotechnology
- D. Passwordless authentication
- E. Biometric impersonation
A hospital has fallen behind with patching known vulnerabilities due to concerns that patches may cause disruptions in the availability of data and impact patient care. The hospital does not have a tracking solution in place to audit whether systems have been updated or to track the length of time between notification of the weakness and patch completion. Since tracking is not in place, the hospital lacks accountability with regard to who is responsible for these activities and the timeline of patching efforts. Which of the following should the hospital do first to mitigate this risk?
- A. Complete a vulnerability analysis.
- B. Obtain guidance from the health ISAC.
- C. Purchase a ticketing system for auditing efforts.
- D. Ensure CVEs are current.
- E. Train administrators on why patching is important.
The Chief Executive Officer of an online retailer notices a sudden drop in sales. A security analyst at the retailer detects a redirection of unsecure web traffic to a competitor’s site. Which of the following would best prevent this type of attack?
- A. Enabling HSTS
- B. Configuring certificate pinning
- C. Enforcing DNSSEC
- D. Deploying certificate stapling
A security administrator is trying to securely provide public access to specific data from a web application. Clients who want to access the application will be required to:
• Only allow the POST and GET options.
• Transmit all data secured with TLS 1.2 or greater.
• Use specific URLs to access each type of data that is requested.
• Authenticate with a bearer token.
Which of the following should the security administrator recommend to meet these requirements?
- A. API gateway
- B. Application load balancer
- C. Web application firewall
- D. Reverse proxy