<< Prev Question Next Question >>

Question 145/219

A recent penetration test identified that a web server has a major vulnerability. The web server hosts a critical shipping application for the company and requires 99.99% availability. Attempts to fix the vulnerability would likely break the application. The shipping application is due to be replaced in the next three months. Which of the following would BEST secure the web server until the replacement web server is ready?

LEAVE A REPLY

Your email address will not be published. Required fields are marked *

Question List (219q)
Question 1: A company has created a policy to allow employees to use the...
Question 2: A corporation with a BYOD policy is very concerned about iss...
Question 3: A company has decided to move an ERP application to a public...
Question 4: A company deploys a system to use device and user certificat...
Question 5: A company has made it a spending priority to implement secur...
Question 6: An organization is struggling to differentiate threats from ...
Question 7: A company has launched a phishing awareness campaign that in...
Question 8: A security manager wants to implement a policy that will man...
Question 9: A new employee is plugged into the network on a BYOD machine...
Question 10: A company has decided to replace all the T-1 uplinks at each...
Question 11: A pharmacy gives its clients online access to their records ...
Question 12: A user asks a security practitioner for recommendations on s...
Question 13: A penetration tester is given an assignment lo gain physical...
Question 14: The finance department has started to use a new payment syst...
Question 15: A user workstation was infected with a new malware variant a...
Question 16: A security incident responder discovers an attacker has gain...
Question 17: A security manager needed to protect a high-security data ce...
Question 18: A security administrator is hardening a TrustedSolaris serve...
Question 19: Following a recent and very large corporate merger, the numb...
Question 20: A security administrator must configure the database server ...
Question 21: A company is implementing a new secure identity application,...
Question 22: A security analyst is examining threats with the following c...
Question 23: A cybersecurity analyst is hired to review the security the ...
Question 24: Following the successful response to a data-leakage incident...
Question 25: The Chief Executive Officer (CEO) of a small startup company...
Question 26: An organization's network security administrator has been us...
Question 27: A security analyst must carry out the incident response plan...
Question 28: A software development manager is running a project using ag...
Question 29: While attending a meeting with the human resources departmen...
Question 30: A security administrator was informed that a server unexpect...
Question 31: An organization is a subsidiary of a larger firm that provid...
Question 32: A company is concerned about insider threats and wants to pe...
Question 33: The Chief information Security Officer (CISO) of a small loc...
Question 34: After significant vulnerabilities and misconfigurations were...
Question 35: A company is in the process of re-architecting its sensitive...
Question 36: The Chief Information Security Officer (CISO) of a power gen...
Question 37: Compliance with company policy requires a quarterly review o...
Question 38: A security engineer is troubleshooting an issue in which an ...
Question 39: A technician uses an old SSL server due to budget constraint...
Question 40: Ann, a user' brings her laptop to an analyst after noticing ...
Question 41: A new corporate policy requires that all employees have acce...
Question 42: A company recently implemented a new cloud storage solution ...
Question 43: The Chief information Officer (CIO) wants to establish a non...
Question 44: A security engineer needs (o implement controls that will pr...
Question 45: A large company with a very complex IT environment is consid...
Question 46: A security analyst sees some suspicious entries in a log fil...
Question 47: A core router was manipulated by a credentialed bypass to se...
Question 48: A financial institution would like to store its customer dat...
Question 49: A security analyst for a bank received an anonymous tip on t...
Question 50: Which of the following is the MOST likely reason an organiza...
Question 51: While an employee is on vacation, suspicion arises that the ...
Question 52: During a routine network scan, a security administrator disc...
Question 53: A software development company recently implemented a new po...
Question 54: A government contracting company issues smartphones to emplo...
Question 55: An analyst discovers the following while reviewing some rece...
Question 56: A company has adopted and established a continuous-monitorin...
Question 57: Ann, a CIRT member, is conducting incident response activiti...
Question 58: An organization is integrating an ICS and wants to ensure th...
Question 59: A security engineer is looking at a DNS server following a k...
Question 60: A security analyst is reviewing logs and discovers that a co...
Question 61: A development team is testing an in-house-developed applicat...
Question 62: A security engineer wants to introduce key stretching techni...
Question 63: The Chief Information Security Officer (CISO) of a new compa...
Question 64: A security engineer at a company is designing a system to mi...
Question 65: A security administrator wants to implement controls to hard...
Question 66: A security analyst discovered the following request to a pub...
Question 67: The Chief Executive Officer (CEO) instructed the new Chief I...
Question 68: A security analyst is reviewing the following packet capture...
Question 69: A systems administrator receives an advisory email that a re...
Question 70: An analyst execute a vulnerability scan against an internet-...
Question 71: An organization is creating requirements for new laptops tha...
Question 72: A security technician is incorporating the following require...
Question 73: A hospital is deploying new imaging softwares that requires ...
Question 74: A security engineer discovers a PC may have been breached an...
Question 75: An organization has employed the services of an auditing fir...
Question 76: A database administrator is required to adhere to and implem...
Question 77: The Chief Information Security Officer (CISO) for an organiz...
Question 78: A security controls assessor intends to perform a holistic c...
Question 79: A company hosts a web-based application that is accessed by ...
Question 80: A systems administrator recently joined an organization and ...
Question 81: A security consultant is improving the physical security of ...
Question 82: A penetration tester is conducting an assessment on Comptia....
Question 83: Which of the following is MOST likely to be included in a se...
Question 84: A systems administrator has installed a disk wiping utility ...
Question 85: An application developer is including third-party background...
Question 86: A security manager recently categorized an information syste...
Question 87: A security analyst is attempting to break into a client's se...
Question 88: Legal counsel has notified the information security manager ...
Question 89: An engineer is assisting with the design of a new virtualize...
Question 90: To meet a SLA, which of the following documents should be dr...
Question 91: After a large organization has completed the acquisition of ...
Question 92: A company makes consumer health devices and needs to maintai...
Question 93: A company provides guest WiFi access to the internet and phy...
Question 94: An analyst is investigating behavior on a corporate-owned, c...
Question 95: A system administrator at a medical imaging company discover...
Question 96: An enterprise solution requires a central monitoring platfor...
Question 97: Staff members are reporting an unusual number of device thef...
Question 98: A security engineer is designing a system in which offshore,...
Question 99: Two competing companies experienced similar attacks on their...
Question 100: An organization based in the United States is planning to ex...
Question 101: An enterprise is configuring an SSL client-based VPN for cer...
Question 102: A security analyst works for a defense contractor that produ...
Question 103: As a security administrator, you are asked to harden a serve...
Question 104: An organization is considering the use of a thin client arch...
Question 105: A security administrator is performing an audit of a local n...
Question 106: A security engineer is attempting to convey the importance o...
Question 107: Given the following code snippet: (Exhibit) Of which of the ...
Question 108: A company is repeatedly being breached by hackers who valid ...
Question 109: A product development team has submitted code snippets for r...
Question 110: A company's claims processed department has a mobile workfor...
Question 111: Security policies that are in place at an organization prohi...
Question 112: A large, public university has recently been experiencing an...
Question 113: An advanced threat emulation engineer is conducting testing ...
Question 114: An administrator wants to ensure hard drives cannot be remov...
Question 115: Given the code snippet below: (Exhibit) Which of the followi...
Question 116: A developer needs to provide feedback on a peer's work durin...
Question 117: An analyst needs to obtain information about an organization...
Question 118: Following a recent outage a systems administrator is conduct...
Question 119: As part of the asset management life cycle, a company engage...
Question 120: A security engineer is investigating a compromise that occur...
Question 121: A technician is reviewing the following log: (Exhibit) Which...
Question 122: While conducting a BIA for a proposed acquisition, the IT in...
Question 123: A penetration testing manager is contributing to an RFP for ...
Question 124: Following the merger of two large companies the newly combin...
Question 125: A healthcare company wants to increase the value of the data...
Question 126: Company policy mandates the secure disposal of sensitive dat...
Question 127: A developer is writing a new mobile application that employe...
Question 128: A company is trying to resolve the following issues related ...
Question 129: A company contracts a security engineer to perform a penetra...
Question 130: An information security officer is responsible for one secur...
Question 131: A company wants to extend its help desk availability beyond ...
Question 132: Ann, a terminated employee, left personal photos on a compan...
Question 133: A security tester is performing a Mack-box assessment of an ...
Question 134: A security engineer is attempting to inventory all network d...
Question 135: A financial services company wants to migrate its email serv...
Question 136: An internal staff member logs into an ERP platform and click...
Question 137: A security administrator is reviewing the following output f...
Question 138: A technician receives the following security alert from the ...
Question 139: A security administrator wants to allow external organizatio...
Question 140: An incident response analyst is investigating a compromise o...
Question 141: Which of the following is the primary cybersecurity-related ...
Question 142: A medical facility wants to purchase mobile devices for doct...
Question 143: A security engineer is deploying an IdP to broker authentica...
Question 144: A security analyst receives an email from a peer that includ...
Question 145: A recent penetration test identified that a web server has a...
Question 146: Which of the following describes a contract that is used to ...
Question 147: A security engineer is working with a software development t...
Question 148: Given the following code snippet: (Exhibit) Which of the fol...
Question 149: A security analyst is reading the results of a successful ex...
Question 150: A security analyst is inspecting pseudocode of the following...
Question 151: A company's existing forward proxies support software-based ...
Question 152: A university's help desk is receiving reports that Internet ...
Question 153: An enterprise is trying to secure a specific web-based appli...
Question 154: Several days after deploying an MDM for smartphone control, ...
Question 155: After the departure of a developer under unpleasant circumst...
Question 156: A security engineer successfully exploits an application dur...
Question 157: A company wants to analyze internal network traffic for IOCs...
Question 158: An administrator is working with management to develop polic...
Question 159: A company is transitioning to a new VDI environment, and a s...
Question 160: In the past, the risk committee at Company A has shown an av...
Question 161: A security administrator is investigating an incident involv...
Question 162: The Chief Information Security Officer (CISO) is preparing a...
Question 163: A security appliance vendor is reviewing an RFP that is requ...
Question 164: A cybersecurity analyst has received an alert that well-know...
Question 165: A business is growing and starting to branch out into other ...
Question 166: The Chief Information Security Officer (CISO) suspects that ...
Question 167: A project manager is working with a software development gro...
Question 168: Drag and drop the cloud deployment model to the associated u...
Question 169: Immediately following the report of a potential breach, a se...
Question 170: A security engineer is performing a routine audit of a compa...
Question 171: The Chief information Officer (CIO) asks the system administ...
Question 172: A smart switch has the ability to monitor electrical levels ...
Question 173: A security consultant is considering authentication options ...
Question 174: A security engineer has been hired to design a device that w...
Question 175: A company contracts a security consultant to perform a remot...
Question 176: A newly hired security analyst has joined an established SOC...
Question 177: A company uses AD and RADIUS to authenticate VPN and WiFi co...
Question 178: A new cluster of virtual servers has been set up in a lab en...
Question 179: The results of an external penetration test for a software d...
Question 180: A company decides to procure only laptops that use permanent...
Question 181: An organization is facing budget constraints The Chief Techn...
Question 182: A network printer needs Internet access to function. Corpora...
Question 183: A security analyst discovers what is believed to be evidence...
Question 184: A security analyst is investigating an alert arising from an...
Question 185: Engineers at a company believe a certain type of data should...
Question 186: A manufacturing company recently recovered from an attack on...
Question 187: A company suspects a web server may have been infiltrated by...
Question 188: A security analyst is reviewing the logs from a NIDS. the an...
Question 189: A security engineer must establish a method to assess compli...
Question 190: An engineer needs to provide access to company resources for...
Question 191: A researcher is working to identify what appears to be a new...
Question 192: Following a recent disaster a business activates its DRP. Th...
Question 193: A company's Chief Operating Officer (COO) is concerned about...
Question 194: A company enlists a trusted agent to implement a way to auth...
Question 195: The risk subcommittee of a corporate board typically maintai...
Question 196: An infrastructure team is at the end of a procurement proces...
Question 197: While the code is still in the development environment, a se...
Question 198: A security is assisting the marketing department with ensuri...
Question 199: A Chief Information Security Officer (CISO) requests the fol...
Question 200: During a recent incident, sensitive data was disclosed and s...
Question 201: Which of the following is the BEST way for a company to begi...
Question 202: The legal department has required that all traffic to and fr...
Question 203: An organization is currently working with a client to migrat...
Question 204: A cybersecurity analyst is conducting packet analysis on the...
Question 205: A managed service provider is designing a log aggregation se...
Question 206: A penetration test is being scoped for a set of web services...
Question 207: A new identity management program was recently initialed to ...
Question 208: An internal application has been developed to increase the e...
Question 209: Several recent ransomware outbreaks at a company have cost a...
Question 210: A large organization suffers a data breach after one staff m...
Question 211: Which of the following controls primarily detects abuse of p...
Question 212: A company runs a well -attended, on-premises fitness club fo...
Question 213: A company has entered into a business agreement with a busin...
Question 214: Given the following information about a company's internal n...
Question 215: An organization's network engineering team recently deployed...
Question 216: A networking administrator was recently promoted to security...
Question 217: A government contractor was the victim of a malicious attack...
Question 218: A security analyst is reviewing weekly email reports and fin...
Question 219: A company has gone through a round of phishing attacks. More...