A company publishes several APIs for customers and is required to use keys to segregate customer data sets. Which of the following would be BEST to use to store customer keys?
Question 42
An organization wants to perform a scan of all its systems against best practice security configurations. Which of the following SCAP standards, when combined, will enable the organization to view each of the configuration checks in a machine-readable checklist format for full automation? (Choose two.)
Question 43
A company is migrating from company-owned phones to a BYOD strategy for mobile devices. The pilot program will start with the executive management team and be rolled out to the rest of the staff in phases. The company's Chief Financial Officer loses a phone multiple times a year. Which of the following will MOST likely secure the data on the lost device?
Question 44
A security architect works for a manufacturing organization that has many different branch offices. The architect is looking for a way to reduce traffic and ensure the branch offices receive the latest copy of revoked certificates issued by the CA at the organization's headquarters __cpLocation. The solution must also have the lowest power requirement on the CA. Which of the following is the BEST solution?
Question 45
After a security incident, a network security engineer discovers that a portion of the company's sensitive external traffic has been redirected through a secondaryISP that is not normally used. Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?
Question 46
A company's SOC has received threat intelligence about an active campaign utilizing a specific vulnerability. The company would like to determine whether it is vulnerable to this active campaign. Which of the following should the company use to make this determination?
Question 47
A security engineer needs to recommend a solution that will meet the following requirements: - Identify sensitive data in the provider's network - Maintain compliance with company and regulatory guidelines - Detect and respond to insider threats, privileged user threats, and compromised accounts - Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements?
Question 48
A security engineer estimates the company's popular web application experiences 100 attempted breaches per day. In the past four years, the company's data has been breached two times. Which of the following should the engineer report as the ARO for successful breaches?
Question 49
A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications. The SD-WAN routers are managed through a SaaS, and the same security policy is applied to staff whether working in the office or at a remote __cpLocation. The main requirements are the following: 1. The network supports core applications that have 99.99% uptime. 2. Configuration updates to the SD-WAN routers can only be initiated from the management service. 3. Documents downloaded from websites must be scanned for malware. Which of the following solutions should the network architect implement to meet the requirements?
Question 50
A security engineer needs to implement a solution to increase the security posture of user endpoints by providing more visibility and control over local administrator accounts. The endpoint security team is overwhelmed with alerts and wants a solution that has minimal operational burdens. Additionally, the solution must maintain a positive user experience after implementation. Which of the following is the BEST solution to meet these objectives?