Which of the following should be utilized to reduce the risk associated with these applications and their current architecture?

01/29/2021 – by Mod_GuideK 3

Due to a recent acquisition, the security team must find a way to secure several legacy applications. During a review of the applications, the following issues are documented: The applications are considered mission-critical. The applications are written in code languages…

Which of the following tools should the organization implement to reduce the highest risk identified in this log?

01/29/2021 – by Mod_GuideK 1

A technician is reviewing the following log: Which of the following tools should the organization implement to reduce the highest risk identified in this log? A. NIPS B. DLP C. NGFW D. SIEM

Which of the following is the BEST justification to ensure collaboration across business units?

01/29/2021 – by Mod_GuideK 0

A Chief Information Security Officer (CISO) is creating a security committee involving multiple business units of the corporation. Which of the following is the BEST justification to ensure collaboration across business units? A. A risk to one business unit is…

Which of the following would reduce the risk of this occurring in the future?

01/29/2021 – by Mod_GuideK 0

Ann, a retiring employee, cleaned out her desk. The next day, Ann’s manager notices company equipment that was supposed to remain at her desk is now missing. Which of the following would reduce the risk of this occurring in the…

Which of the following should the analyst use to reproduce these findings comprehensively?

01/29/2021 – by Mod_GuideK 3

A security analyst for a bank received an anonymous tip on the external banking website showing the following: Protocols supported – TLS 1.0 – SSL 3 – SSL 2 Cipher suites supported – TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA-ECDH p256r1 – TLS_DHE_RSA_WITH_AES_256_CBC_SHA-DH 1024bit – TLS_RSA_WITH_RC4_128_SHA…

Which of the following is MOST likely the issue?

01/29/2021 – by Mod_GuideK 0

A company is moving all of its web applications to an SSO configuration using SAML. Some employees report that when signing in to an application, they get an error message on the login screen after entering their username and password,…

Which of the following would be the EASIEST method of obtaining a password for the known account?

01/29/2021 – by Mod_GuideK 1

A penetration tester is trying to gain access to a remote system. The tester is able to see the secure login page and knows one user account and email address, but has not yet discovered a password. Which of the…

When implementing a penetration testing program, the Chief Information Security Officer (CISO) designates different organizational groups within the organization as having different responsibilities, attack vectors, and rules of engagement.

01/29/2021 – by Mod_GuideK 5

When implementing a penetration testing program, the Chief Information Security Officer (CISO) designates different organizational groups within the organization as having different responsibilities, attack vectors, and rules of engagement. First, the CISO designates a team to operate from within the…

Which of the following should the CISO be MOST concerned about?

01/29/2021 – by Mod_GuideK 0

An enterprise’s Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are meeting to discuss ongoing capacity and resource planning issues. The enterprise has experienced rapid, massive growth over the last 12 months, and the technology department is stretched…

Which of the following BEST addresses these concerns?

01/29/2021 – by Mod_GuideK 0

A regional transportation and logistics company recently hired its first Chief Information Security Officer (CISO). The CISO’s first project after onboarding involved performing a vulnerability assessment against the company’s public facing network. The completed scan found a legacy collaboration platform…