SY0-601 Exam Dumps | An engineer wants to inspect traffic to a cluster of web servers in a cloud environment Which of the

<< Prev Question Next Question >>

Question 15/483

An engineer wants to inspect traffic to a cluster of web servers in a cloud environment Which of the following solutions should the engineer implement? (Select two).

A. CASB

B. WAF

C. Load balancer

D. VPN

E. TLS

F. DAST

Correct Answer: B,C

A web application firewall (WAF) is a solution that inspects traffic to a cluster of web servers in a cloud environment and protects them from common web-based attacks, such as SQL injection, cross-site scripting, and denial-of-service1. A WAF can be deployed as a cloud service or as a virtual appliance in front of the web servers. A load balancer is a solution that distributes traffic among multiple web servers in a cloud environment and improves their performance, availability, and scalability2. A load balancer can also perform health checks on the web servers and route traffic only to the healthy ones. The other options are not relevant to this scenario. A CASB is a cloud access security broker, which is a solution that monitors and controls the use of cloud services by an organization's users3. A VPN is a virtual private network, which is a solution that creates a secure and encrypted connection between two networks or devices over the internet. TLS is Transport Layer Security, which is a protocol that provides encryption and authentication for data transmitted over a network. DAST is dynamic application security testing, which is a method of testing web applications for vulnerabilities by simulating attacks on them.
References: 1: https://www.imperva.com/learn/application-security/what-is-a-web-application-firewall-waf/
2: https://www.imperva.com/learn/application-security/load-balancing/
3: https://www.imperva.com/learn/application-security/cloud-access-security-broker-casb/
3: https://www.imperva.com/learn/application-security/vpn-virtual-private-network/
4: https://www.imperva.com/learn/application-security/transport-layer-security-tls/
5: https://www.imperva.com/learn/application-security/dynamic-application-security-testing-dast/
6: https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-traffic-ins
7: https://docs.microsoft.com/en-us/azure/private-link/inspect-traffic-with-azure-firewall
8: https://docs.microsoft.com/en-us/azure/architecture/example-scenario/gateway/application-gateway-before-azure

Question List (483q): Question 1: During a recent security assessment, a vulnerability was fou...; Question 2: Given the following snippet of Python code: Which of the fol...; Question 3: Which of the following best describes the situation where a ...; Question 4: A security administrator recently reset local passwords and ...; Question 5: An organization wants seamless authentication to its applica...; Question 6: The Chief Information Security Officer (CISO) at a large com...; Question 7: A security team is providing input on the design of a second...; Question 8: An organization is building backup server rooms in geographi...; Question 9: A security administrator needs to block a TCP connection usi...; Question 10: Which of the following describes the ability of code to targ...; Question 11: Which of the following best ensures minimal downtime and dat...; Question 12: A company policy requires third-party suppliers to self-repo...; Question 13: A security analyst reviews web server logs and finds the fol...; Question 14: A company's end users are reporting that they are unable to ...; Question 15: An engineer wants to inspect traffic to a cluster of web ser...; Question 16: A company recently experienced a data breach and the source ...; Question 17: A third party asked a user to share a public key for secure ...; Question 18: A security analyst is investigating a phishing email that co...; Question 19: A penetration tester was able to compromise a host using pre...; Question 20: A security administrator would like to ensure all cloud serv...; Question 21: Sales team members have been receiving threatening voicemail...; Question 22: A security administrator needs to inspect in-transit files o...; Question 23: Which of the following is constantly scanned by internet bot...; Question 24: Which of the following threat actors is most likely to use a...; Question 25: Which of the following would produce the closet experience o...; Question 26: A newly appointed board member with cybersecurity knowledge ...; Question 27: A software development manager wants to ensure the authentic...; Question 28: A security analyst was deploying a new website and found a c...; Question 29: An enterprise has hired an outside security firm to conduct ...; Question 30: A web server log contains two million lines. A security anal...; Question 31: A security engineer is implementing FDE for all laptops in a...; Question 32: An analyst Is generating a security report for the managemen...; Question 33: A new security engineer has started hardening systems. One o...; Question 34: Which of the following practices would be best to prevent an...; Question 35: A company reduced the area utilized in its datacenter by cre...; Question 36: An incident response technician collected a mobile device du...; Question 37: A company needs to keep the fewest records possible, meet co...; Question 38: A company would like to implement a daily backup solution. T...; Question 39: In a rush to meet an end-of-year business goal, the IT depar...; Question 40: A security team discovered a large number of company-issued ...; Question 41: A security analyst is taking part in an evaluation process t...; Question 42: An organization recently updated its security policy to incl...; Question 43: An organization recently released a software assurance polic...; Question 44: Which of the following can reduce vulnerabilities by avoidin...; Question 45: Security analysts notice a server login from a user who has ...; Question 46: A security analyst needs to implement an MDM solution for BY...; Question 47: An employee used a corporate mobile device during a vacation...; Question 48: Which of the following supplies non-repudiation during a for...; Question 49: Which of the following would be best suited for constantly c...; Question 50: A user is trying to upload a tax document, which the corpora...; Question 51: If a current private key is compromised, which of the follow...; Question 52: Stakeholders at an organisation must be kept aware of any in...; Question 53: At the start of a penetration test, the tester checks OSINT ...; Question 54: Which of the following is a hardware-specific vulnerability?...; Question 55: A grocery store is expressing security and reliability conce...; Question 56: A security analyst is looking for a way to categorize and sh...; Question 57: An organization is outlining data stewardship roles and resp...; Question 58: An annual information security has revealed that several OS-...; Question 59: A retail store has a business requirement to deploy a kiosk ...; Question 60: A company has discovered unauthorized devices are using its ...; Question 61: While investigating a recent security breach an analyst find...; Question 62: Which of the following describes software on network hardwar...; Question 63: A Chief Information Officer is concerned about employees usi...; Question 64: A company acquired several other small companies The company...; Question 65: Which of the following does an air-gapped system provide?...; Question 66: Which of the following types of controls is a turnstile?...; Question 67: A technician is setting up a new firewall on a network segme...; Question 68: Which of the following describes where an attacker can purch...; Question 69: A company would like to move to the cloud. The company wants...; Question 70: A retail executive recently accepted a job with a major comp...; Question 71: Recent changes to a company's BYOD policy require all person...; Question 72: Which of the following is considered a preventive control?...; Question 73: A user attempts to load a web-based application, but the exp...; Question 74: Which of the following isa risk that is specifically associa...; Question 75: A systems administrator is looking for a low-cost applicatio...; Question 76: The marketing department set up its own project management s...; Question 77: After a hardware incident, an unplanned emergency maintenanc...; Question 78: * Sensitive customer data must be safeguarded. * Documents f...; Question 79: A company requires that all user authentication against a co...; Question 80: Which of the following is used to validate a certificate whe...; Question 81: A security administrator is seeking a solution to prevent un...; Question 82: While considering the organization's cloud-adoption strategy...; Question 83: A security analyst is concerned about traffic initiated to t...; Question 84: A company has numerous employees who store PHI data locally ...; Question 85: Which of the following describes how applications are built,...; Question 86: A company is currently utilizing usernames and passwords, an...; Question 87: A Chief Executive Officer's (CEO) personal information was s...; Question 88: A threat actor used a sophisticated attack to breach a well-...; Question 89: A company's help desk has received calls about the wireless ...; Question 90: Which of the following is MOST likely to outline the roles a...; Question 91: Which of the following cloud models provides clients with se...; Question 92: A company is required to continue using legacy software to s...; Question 93: The primary goal of the threat-hunting team at a large compa...; Question 94: A Chief Information Security Officer (CISO) wants to explici...; Question 95: An engineer is setting up a VDI environment for a factory lo...; Question 96: Several users have been violating corporate security policy ...; Question 97: Which of the following is a physical security control that e...; Question 98: An organization is concerned that its hosted web servers are...; Question 99: A website user is locked out of an account after clicking an...; Question 100: A company is developing a new initiative to reduce insider t...; Question 101: A company was compromised, and a security analyst discovered...; Question 102: A help desk technician receives an email from the Chief Info...; Question 103: Which of the technologies is used to actively monitor for sp...; Question 104: Which of the following would be most effective to contain a ...; Question 105: The security team received a report of copyright infringemen...; Question 106: An endpoint protection application contains critical element...; Question 107: A system^ administrator performs a quick scan of an organiza...; Question 108: An organization is concerned about intellectual property the...; Question 109: A bank was recently provided a new version of an executable ...; Question 110: An organization with a low tolerance for user inconvenience ...; Question 111: A digital forensics team at a large company is investigating...; Question 112: An organization's Chief Security Officer (CSO) wants to vali...; Question 113: After installing a patch On a security appliance. an organiz...; Question 114: An analyst is providing feedback on an incident that involve...; Question 115: A company that provides an online streaming service made its...; Question 116: A company is implementing a new SIEM to log and send alerts ...; Question 117: An organization has hired a red team to simulate attacks on ...; Question 118: A store receives reports that shoppers' credit card informat...; Question 119: The IT department's on-site developer has been with the team...; Question 120: A security administrator recently used an internal CA to iss...; Question 121: A security analyst must enforce policies to harden an MDM in...; Question 122: A security engineer needs to create a network segment that c...; Question 123: A company is looking to migrate some servers to the cloud to...; Question 124: An organization is concerned about hackers bypassing MFA thr...; Question 125: Which of the following is performed to gain a better underst...; Question 126: Which of the following should customers who are involved wit...; Question 127: A company is decommissioning its physical servers and replac...; Question 128: A security analyst needs to implement security features acro...; Question 129: An attacker replaces a digitally signed document with anothe...; Question 130: Hackers recently attacked a company's network and obtained s...; Question 131: A police department is using the cloud to share information ...; Question 132: A company owns a public-facing e-commerce website. The compa...; Question 133: A client asked a security company to provide a document outl...; Question 134: Which of the following strategies shifts risks that are not ...; Question 135: A security analyst receives alerts about an internal system ...; Question 136: Law enforcement officials sent a company a notification that...; Question 137: Which of the following is most likely to contain ranked and ...; Question 138: As part of annual audit requirements, the security team perf...; Question 139: Which of the following can be used by an authentication appl...; Question 140: A company recently upgraded its authentication infrastructur...; Question 141: A recent vulnerability scan revealed multiple servers have n...; Question 142: An administrator reviewed the log files after a recent ranso...; Question 143: Which of the following holds staff accountable while escorti...; Question 144: A security analyst needs to harden access to a network. One ...; Question 145: A security department wants to conduct an exercise that will...; Question 146: An organization would like to remediate the risk associated ...; Question 147: Which of the following vulnerabilities is associated with in...; Question 148: Which of the following is the most effective way to protect ...; Question 149: A user's laptop constantly disconnects from the Wi-Fi networ...; Question 150: Which of the following ensures an organization can continue ...; Question 151: A security manager is attempting to meet multiple security o...; Question 152: During a recent company safety stand-down, the cyber-awarene...; Question 153: recovery sites is the best option?...; Question 154: A security architect is implementing a new email architectur...; Question 155: Which of the following should a systems administrator use to...; Question 156: A systems administrator receives the following alert from a ...; Question 157: A security analyst is investigating what appears to be unaut...; Question 158: A security analyst receives an alert that indicates a user's...; Question 159: While preparing a software inventory report, a security anal...; Question 160: Which Of the following is a primary security concern for a s...; Question 161: A security engineer needs to build @ solution to satisfy reg...; Question 162: A cybersecurity incident response team at a large company re...; Question 163: Which of the following controls would be the MOST cost-effec...; Question 164: A company Is planning to install a guest wireless network so...; Question 165: A security analyst is investigating a workstation that is su...; Question 166: Which of the following utilizes public and private keys to s...; Question 167: A company is concerned about weather events causing damage t...; Question 168: A wet-known organization has been experiencing attacks from ...; Question 169: A company is developing a business continuity strategy and n...; Question 170: A security analyst is investigating a malware incident at a ...; Question 171: Which of the following is most likely associated with introd...; Question 172: A company is enhancing the security of the wireless network ...; Question 173: A security analyst is reviewing an IDS alert and sees the fo...; Question 174: Which of the following would most likely include language pr...; Question 175: Which of the following are common VoIP-associated vulnerabil...; Question 176: An organization wants a third-party vendor to do a penetrati...; Question 177: Which of the following describes an executive team that is m...; Question 178: During a recent breach, employee credentials were compromise...; Question 179: Which of the following best describes the risk present after...; Question 180: Which of the following would be the best ways to ensure only...; Question 181: An organization suffered numerous multiday power outages at ...; Question 182: You are security administrator investigating a potential inf...; Question 183: A company is planning to set up a SIEM system and assign an ...; Question 184: An organization is required to maintain financial data recor...; Question 185: A security engineer needs to configure an NGFW to minimize t...; Question 186: Which of the following threat actors is the most likely to u...; Question 187: A systems administrator is required to enforce MFA for corpo...; Question 188: An organization wants to secure a LAN/WLAN so users can auth...; Question 189: A security operations center determines that the malicious a...; Question 190: The following are the logs of a successful attack. (Exhibit)...; Question 191: A retail company that is launching @ new website to showcase...; Question 192: After a phishing scam fora user's credentials, the red team ...; Question 193: A network analyst is investigating compromised corporate inf...; Question 194: While assessing the security of a web application, a securit...; Question 195: After a recent vulnerability scan, a security engineer needs...; Question 196: As accounting clerk sent money to an attacker's bank account...; Question 197: An application server is published directly on the internet ...; Question 198: A user, who is waiting for a flight at an airport, logs in t...; Question 199: A security analyst needs an overview of vulnerabilities for ...; Question 200: A company has implemented a policy that requires two people ...; Question 201: An employee's company email is configured with conditional a...; Question 202: A security engineer is hardening existing solutions to reduc...; Question 203: A security administrator is working to secure company data o...; Question 204: An organization is having difficulty correlating events from...; Question 205: A software developer would like to ensure the source code ca...; Question 206: Historically, a company has had issues with users plugging i...; Question 207: Which of the following considerations is the most important ...; Question 208: The concept of connecting a user account across the systems ...; Question 209: A company's legal department drafted sensitive documents in ...; Question 210: A network architect wants a server to have the ability to re...; Question 211: An employee receives a text message that appears to have bee...; Question 212: Which of the following will increase cryptographic security?...; Question 213: An employee clicked a link in an email from a payment websit...; Question 214: A security team is conducting a security review of a hosted ...; Question 215: An employee received multiple messages on a mobile device. T...; Question 216: A company recently added a DR site and is redesigning the ne...; Question 217: A company a "right to forgotten" request To legally comply, ...; Question 218: A local server recently crashed, and the team is attempting ...; Question 219: Which of the following agreements defines response time, esc...; Question 220: A security administrator is using UDP port 514 to send a sys...; Question 221: Which of the following is an administrative control that wou...; Question 222: A security manager needs to assess the security posture of o...; Question 223: Leveraging the information supplied below, complete the CSR ...; Question 224: An organization recently released a zero-trust policy that w...; Question 225: A company is concerned about individuals driving a car into ...; Question 226: Which of the following involves an attempt to take advantage...; Question 227: A security analyst is currently addressing an active cyber i...; Question 228: Which of the following security concepts is the best reason ...; Question 229: A security analyst is creating baselines for the server team...; Question 230: An administrator assists the legal and compliance team with ...; Question 231: An information security officer at a credit card transaction...; Question 232: Which of the following strengthens files stored in the /etc/...; Question 233: Which of the following is the BEST action to foster a consis...; Question 234: An organization implemented cloud-managed IP cameras to moni...; Question 235: Which Of the following best ensures minimal downtime for org...; Question 236: An organization has too many variations of a single operatin...; Question 237: A security analyst is working with the IT group to define ap...; Question 238: When decommissioning physical hardware that contains Pll. a ...; Question 239: Which of the following methods to secure credit card data is...; Question 240: Which Of the following control types is patch management cla...; Question 241: A company recently decided to allow employees to work remote...; Question 242: Which of the following BEST describes a social-engineering a...; Question 243: A server administrator is reporting performance issues when ...; Question 244: Which of the following identifies the point in time when an ...; Question 245: A vulnerability has been discovered and a known patch to add...; Question 246: A Chief Information Officer is concerned about employees usi...; Question 247: A security analyst it investigating an incident to determine...; Question 248: While reviewing the /etc/shadow file, a security administrat...; Question 249: A security administrator Installed a new web server. The adm...; Question 250: Which of the following best describes the action captured in...; Question 251: An employee receives a text message from an unknown number c...; Question 252: A security analyst discovers that one of the web APIs is bei...; Question 253: The Chief Information Security Officer of an organization ne...; Question 254: Which of the following should a security operations center u...; Question 255: To reduce and limit software and infrastructure costs the Ch...; Question 256: Which of the following is a primary security concern for a c...; Question 257: A security team discovers a vulnerability that does not have...; Question 258: An organization would like to gain actionable intelligence a...; Question 259: A privileged user at a company stole several proprietary doc...; Question 260: A technician wants to improve the situational and environmen...; Question 261: A company wants to implement MFA. Which of the following ena...; Question 262: Which of the following is best used to detect fraud by assig...; Question 263: An analyst is working on an investigation with multiple aler...; Question 264: During the past year, an organization has experienced severa...; Question 265: A systems engineer thinks a business system has been comprom...; Question 266: Which of the following components can be used to consolidate...; Question 267: A desktop computer was recently stolen from a desk located i...; Question 268: A company wants to reconfigure an existing wireless infrastr...; Question 269: Which of the following can a security director use to priori...; Question 270: A company would like to provide flexibility for employees on...; Question 271: Two companies are in the process of merging. The companies n...; Question 272: A penetration tester begins an engagement by performing port...; Question 273: The compliance team requires an annual recertification of pr...; Question 274: A company is looking to move completely to a remote work env...; Question 275: A cybersecurity analyst reviews the log files from a web ser...; Question 276: A security administrator checks the security logs of a Linux...; Question 277: An employee recently resigned from a company. The employee w...; Question 278: During an investigation, the incident response team discover...; Question 279: A company located in an area prone to hurricanes is developi...; Question 280: A network engineer and a security engineer are discussing wa...; Question 281: A security engineer learns that a non-critical application w...; Question 282: A corporate security team needs to secure the wireless perim...; Question 283: A systems administrator at a healthcare organization is sett...; Question 284: Which of the following can best protect against an employee ...; Question 285: Which of the following would be the best way to block unknow...; Question 286: Which of the following would provide guidelines on how to la...; Question 287: A security administrator has discovered that workstations on...; Question 288: A security researcher has alerted an organization that its s...; Question 289: A desktop support technician recently installed a new docume...; Question 290: During an assessment, a systems administrator found several ...; Question 291: A security team is conducting a review of the company's SaaS...; Question 292: A Chief Information Security Officer (CISO) is evaluating (h...; Question 293: An employee's laptop was stolen last month. This morning, th...; Question 294: An audit report showed that a former employee saved the foll...; Question 295: Which of the following BEST describes the team that acts as ...; Question 296: A security analyst reviews web server logs and notices the f...; Question 297: A security analyst notices an unusual amount of traffic hitt...; Question 298: Which of the following best describes the process of adding ...; Question 299: Which of the following is a solution that can be used to sto...; Question 300: A security analyst notices several attacks are being blocked...; Question 301: Which of the following models offers third-party-hosted, on-...; Question 302: After gaining access to a dual-homed (i.e.. wired and wirele...; Question 303: The alert indicates an attacker entered thousands of charact...; Question 304: Which of the following would be used to detect an employee e...; Question 305: A security analyst and the management team are reviewing the...; Question 306: A security investigation revealed mat malicious software was...; Question 307: A security analyst has been tasked with creating a new WiFi ...; Question 308: An organization is concerned about hackers potentially enter...; Question 309: A spoofed identity was detected for a digital certificate. W...; Question 310: Which of the following is the phase in the incident response...; Question 311: A user would like to install software and features that are ...; Question 312: A company installed several crosscut shredders as part of in...; Question 313: A company's marketing department collects, modifies, and sto...; Question 314: Which of the following BEST describes the method a security ...; Question 315: A company is developing a critical system for the government...; Question 316: Which of the following, if compromised, can indirectly impac...; Question 317: An organization has expanded its operations by opening a rem...; Question 318: A company purchased cyber insurance to address items listed ...; Question 319: A security administrator performs weekly vulnerability scans...; Question 320: Which of the following threat vectors would appear to be the...; Question 321: A technician is opening ports on a firewall for a new system...; Question 322: The management team has requested that the security team imp...; Question 323: A company is required to use certified hardware when buildin...; Question 324: Which Of the following vulnerabilities is exploited an attac...; Question 325: An organization disabled unneeded services and placed a fire...; Question 326: The Chief Information Security Officer wants to pilot a new ...; Question 327: Which of the following environments utilizes a subset of cus...; Question 328: Which of the following is required in order for an IDS and a...; Question 329: A new vulnerability enables a type of malware that allows th...; Question 330: An analyst is trying to identify insecure services that are ...; Question 331: A backdoor was detected on the containerized application env...; Question 332: A security analyst is reviewing the following system command...; Question 333: A manager for the development team is concerned about report...; Question 334: Developers are writing code and merging it into shared repos...; Question 335: A small business uses kiosks on the sales floor to display p...; Question 336: A company executive experienced a security issue at an airpo...; Question 337: Which of the following has been implemented when a host-base...; Question 338: A security analyst receives a SIEM alert that someone logged...; Question 339: A small, local company experienced a ransomware attack. The ...; Question 340: An employee received an email with an unusual file attachmen...; Question 341: Which of the following involves embedding malware in routers...; Question 342: A company was recently breached Pan of the company's new cyb...; Question 343: Ann, a customer, received a notification from her mortgage c...; Question 344: A security analyst is assessing several company firewalls. W...; Question 345: A systems administrator is auditing all company servers to e...; Question 346: A company needs to provide administrative access to internal...; Question 347: A network engineer is troubleshooting wireless network conne...; Question 348: An organization needs to implement more stringent controls o...; Question 349: Users report access to an application from an internal works...; Question 350: An organization received threat intelligence describing an i...; Question 351: Which of the following social engineering attacks best descr...; Question 352: Which of the following supplies non-repudiation during a for...; 1 commentQuestion 353: An IT security team is concerned about the confidentiality o...; Question 354: An attacker is targeting a company. The attacker notices tha...; Question 355: A security team is engaging a third-party vendor to do a pen...; Question 356: A systems administrator wants to add a second factor to the ...; Question 357: Which of the following requirements apply to a CYOD policy? ...; Question 358: An organization wants to limit potential impact to its log-i...; Question 359: A company has begun labeling all laptops with asset inventor...; Question 360: The Chief information Security Officer has directed the secu...; Question 361: A systems integrator is installing a new access control syst...; Question 362: A security practitioner is performing due diligence on a ven...; Question 363: A security analyst is reviewing the vulnerability scan repor...; Question 364: A company is implementing a vendor's security tool in the cl...; Question 365: Users are reporting performance issues from a specific appli...; Question 366: A systems administrator is considering switching from tape b...; Question 367: A client demands at least 99.99% uptime from a service provi...; Question 368: A network-connected magnetic resonance imaging (MRI) scanner...; Question 369: The findings in a consultant's report indicate the most crit...; Question 370: Which of the following is most likely to include a SCADA sys...; Question 371: A security engineer is concerned the strategy for detection ...; Question 372: A security analyst is running a vulnerability scan to check ...; Question 373: In a tabletop exercise a simulated group of disgruntled empl...; Question 374: A user downloaded an extension for a browser, and the user's...; Question 375: A security administrator is analyzing the corporate wireless...; Question 376: Which of the following is a cryptographic concept that opera...; Question 377: A company is providing security awareness training regarding...; Question 378: A security administrator examines the ARP table of an access...; Question 379: A major manufacturing company updated its internal infrastru...; Question 380: A security analyst discovers that a large number of employee...; Question 381: A security team received the following requirements for a ne...; Question 382: The most recent vulnerability scan flagged the domain contro...; Question 383: An administrator notices that several users are logging in f...; Question 384: A security assessment found that several embedded systems ar...; Question 385: Which of the following cryptographic concepts would a securi...; Question 386: Which of the following roles would MOST likely have direct a...; Question 387: An employee finds a USB flash drive labeled "Salary Info" in...; Question 388: A company's help desk has received calls about the wireless ...; Question 389: During a Chief Information Security Officer (CISO) conventio...; Question 390: Which of the following should a systems administrator set up...; Question 391: Which of the following is the most common data loss path for...; Question 392: The Chief Information Security Officer (CISO) of a bank rece...; Question 393: A third-party vendor is moving a particular application to t...; Question 394: Which of the following describes the understanding between a...; Question 395: Which of the following threat actors is the most likely to b...; Question 396: A systems administrator needs to set up a secure, cloud-base...; Question 397: A sensitive piece of information in a production database is...; Question 398: Which of the following authentication methods sends out a un...; Question 399: A network administrator needs to determine the sequence of a...; Question 400: The management team notices that new accounts that are set u...; Question 401: As part of a company's ongoing SOC maturation process, the c...; Question 402: A security analyst is responding to a malware incident at a ...; Question 403: A large retail store's network was breached recently. and th...; Question 404: An organization recently acquired an ISO 27001 certification...; Question 405: A security administrator needs to provide secure access to i...; Question 406: An employee, receives an email stating he won the lottery. T...; Question 407: A systems administrator wants to prevent users from being ab...; Question 408: A external forensics investigator has been hired to investig...; Question 409: Which of the following is the best resource to consult for i...; Question 410: A company recently decided to allow its employees to use the...; Question 411: A security administrator is performing an audit on a stand-a...; Question 412: An internet company has created a new collaboration applicat...; Question 413: An administrator has identified and fingerprinted specific f...; Question 414: An organization experiences a cybersecurity incident involvi...; Question 415: As part of the building process for a web application, the c...; Question 416: Which of the following describes a maintenance metric that m...; Question 417: An external vendor recently visited a company's headquarters...; Question 418: A network administrator has been alerted that web pages are ...; Question 419: A security analyst is reviewing a secure website that is gen...; Question 420: An attacker is using a method to hide data inside of benign ...; Question 421: A company deployed a Wi-Fi access point in a public area and...; Question 422: One of a company's vendors sent an analyst a security bullet...; Question 423: Which of the following can be used to detect a hacker who is...; Question 424: Which of the following best explains why physical security c...; Question 425: A company recently implemented a patch management policy; ho...; Question 426: A security analyst wants to verify that a client-server (non...; Question 427: Malware spread across a company's network after an employee ...; Question 428: Which of the following best practices gives administrators a...; Question 429: A company needs to centralize its logs to create a baseline ...; Question 430: A prospective customer is interested in seeing the type of d...; Question 431: A data cento has experienced an increase in under-voltage ev...; Question 432: A network analyst is setting up a wireless access point for ...; Question 433: A security administrator is reissuing a former employee's la...; Question 434: Which of the following controls would provide the BEST prote...; Question 435: Which of the following is classified as high availability in...; Question 436: A help desk technician receives a phone call from someone cl...; Question 437: A new security engineer has started hardening systems. One o...; Question 438: An enterprise has been experiencing attacks focused on explo...; Question 439: A hosting provider needs to prove that its security controls...; Question 440: A security analyst has been reading about a newly discovered...; Question 441: An organization is moving away from the use of client-side a...; Question 442: A security administrator is compiling information from all d...; Question 443: Users at a company reported that one of the company's VPN tu...; Question 444: A user's login credentials were recently compromised During ...; Question 445: A bad actor tries to persuade someone to provide financial i...; Question 446: A security administrator needs a method to secure data in an...; Question 447: A business is looking for a cloud service provider that offe...; Question 448: A security team will be outsourcing several key functions to...; Question 449: Which of the following methods can be used to detect attacke...; Question 450: Which of the following would satisfy three-factor authentica...; Question 451: An administrator identifies some locations on the third floo...; Question 452: A dynamic application vulnerability scan identified that cod...; Question 453: When planning to build a virtual environment, an administrat...; Question 454: A security analyst is reviewing the following logs: [10:00:0...; Question 455: A company would like to implement a secure process for manag...; Question 456: Which of the following is a security implication of newer 1C...; Question 457: The Chief Information Security Officer (CISO) has decided to...; Question 458: Which of the following risks can be mitigated by HTTP header...; Question 459: A systems administrator is considering different backup solu...; Question 460: A company uses a SaaS vendor to host its customer database. ...; Question 461: A security engineer updated an application on company workst...; Question 462: A security operations technician is searching the log named ...; Question 463: An account was disabled atter several failed and successful ...; Question 464: Which of the following would be the best resource for a soft...; Question 465: A company is utilizing an offshore team to help support the ...; Question 466: An employee's company account was used in a data breach Inte...; Question 467: During an incident a company CIRT determine it is necessary ...; 1 commentQuestion 468: Which of the following would most likely mitigate the impact...; Question 469: A building manager is concerned about people going in and ou...; Question 470: Which of the following is required for an organization to pr...; Question 471: A junior security analyst is reviewing web server logs and i...; Question 472: Since a recent upgrade to a WLAN infrastructure, several mob...; Question 473: A client sent several inquiries to a project manager about t...; Question 474: Which of the following is the final step of the incident res...; Question 475: Which of the following agreement types defines the time fram...; Question 476: An organization is repairing damage after an incident. Which...; Question 477: A governance, risk, and compliance team created a report tha...; Question 478: An organization wants to quickly assess how effectively the ...; Question 479: A malicious actor recently penetrated a company's network an...; Question 480: All security analysts' workstations at a company have networ...; Question 481: A security analyst reviews web server logs and notices the f...; Question 482: Multiple beaconing activities to a malicious domain have bee...; Question 483: While performing digital forensics, which of the following i...

Question 15/483

LEAVE A REPLY

Download PDF File