An organization established an agreement with a partner company for specialized help desk services. A senior security officer within the organization is tasked with providing documentation required to set up a dedicated VPN between the two entities. Which of the following should be required?
- A. SLA
- B. ISA
- C. NDA
- D. MOU
Which of the following is record-level encryption commonly used to do?
- A. Protect database fields.
- B. Protect individual files.
- C. Encrypt individual packets.
- D. Encrypt the master boot record.
An ISP is receiving reports from a portion of its customers who state that typosquatting is occurring when they type in a portion of the URL for the ISP’s website. The reports state that customers are being directed to an advertisement website that is asking for personal information. The security team has verified the DNS system is returning proper results and has no known IOCs. Which of the following should the security team implement to best mitigate this situation?
- A. DNSSEC
- B. DNS filtering
- C. Multifactor authentication
- D. Self-signed certificates
- E. Revocation of compromised certificates
A cloud security engineer is setting up a cloud-hosted WAF. The engineer needs to implement a solution to protect the multiple websites the organization hosts. The organization’s websites are:
• www.mycompany.org
• www.mycompany.com
• campus.mycompany.com
• wiki.mycompany.org
The solution must save costs and be able to protect all websites. Users should be able to notify the cloud security engineer of any on-path attacks. Which of the following is the best solution?
- A. Purchase one SAN certificate.
- B. Implement self-signed certificates.
- C. Purchase one certificate for each website.
- D. Purchase one wildcard certificate.
A partner organization is requesting that a security administrator exchange S/MIME certificates for email between the two organizations. The partner organization is most likely trying to:
- A. utilize digital signatures to ensure data integrity.
- B. reduce the amount of impersonation spam the organization receives.
- C. enable a more decentralized IT infrastructure.
- D. eliminate the organization’s business email compromise risks.
The general counsel at an organization has received written notice of upcoming litigation. The general counsel has issued a legal records hold. Which of the following actions should the organization take to comply with the request?
- A. Preserve all communication matching the requested search terms.
- B. Block communication with the customer while litigation is ongoing.
- C. Require employees to be trained on legal record holds.
- D. Request that all users do not delete any files.
An organization recently completed a security controls assessment. The results highlighted the following vulnerabilities:
• Out-of-date definitions
• Misconfigured operating systems
• An inability to detect active attacks
• Unimpeded access to critical servers’ USB ports
Which of the following will most likely reduce the risks that were identified by the assessment team?
- A. Install EDR on endpoints, configure group policy, lock server room doors, and install a camera system with guards watching 24/7.
- B. Create an information security program that addresses user training, perform weekly audits of user workstations, and utilize a centralized configuration management program.
- C. Update antivirus definitions, install NGFW with logging enabled, use USB port lockers, and run SCAP scans weekly.
- D. Implement a vulnerability management program and a SIEM tool with alerting, install a badge system with zones, and restrict privileged access.
A company with multiple locations has taken a cloud-only approach to its infrastructure. The company does not have standard vendors or systems, resulting in a mix of various solutions put in place by each location. The Chief Information Security Officer wants to ensure that the internal security team has visibility into all platforms. Which of the following best meets this objective?
- A. Security information and event management
- B. Cloud security posture management
- C. SNMPv2 monitoring and log aggregation
- D. Managed detection and response services from a third party
A cyber analyst for a government agency is concerned about how PII is protected. A supervisor indicates that a Privacy Impact Assessment must be done. Which of the following describes a function of a Privacy Impact Assessment?
- A. To validate the project participants
- B. To identify the network ports
- C. To document residual risks
- D. To evaluate threat acceptance
A pharmaceutical company uses a cloud provider to host thousands of independent resources in object storage. The company needs a practical and effective means of discovering data, monitoring changes, and identifying suspicious activity. Which of the following would best meet these requirements?
- A. A machine-learning-based data security service
- B. A file integrity monitoring service
- C. A cloud configuration assessment and compliance service
- D. A cloud access security broker
A security engineer needs to select the architecture for a cloud database that will protect an organization’s sensitive data. The engineer has a choice between a single-tenant or a multitenant database architecture offered by a cloud vendor. Which of the following best describes the security benefits of the single-tenant option? (Choose two.)
- A. Most cost-effective
- B. Ease of backup and restoration
- C. High degree of privacy
- D. Low resilience to side-channel attacks
- E. Full control and ability to customize
- F. Increased geographic diversity