Question 121
A database administrator wants to grant access to an application that will be reading and writing data to a database. The database is shared by other applications also used by the finance department. Which of the following account types is MOST appropriate for this purpose?
A. Service
B. Shared
C. Generic
D. Admin
Question 122
A security analyst generated a file named host1.pcap and shared it with a team member who is going to use it for further incident analysis. Which of the following tools will the other team member MOST likely use to open this file?
A. Autopsy
B. Memdump
C. FTK imager
D. Wireshark
Question 123
An application developer accidentally uploaded a company's code-signing certificate private key to a public web server. The company is concerned about malicious use of its certificate. Which of the following should the company do FIRST?
A. Delete the private key from the repository.
B. Verify the public key is not exposed as well.
C. Update the DLP solution to check for private keys.
D. Revoke the code-signing certificate.
Question 124
An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps. Which of the following control types has the organization implemented?
A. Compensating
B. Corrective
C. Preventive
D. Detective
Question 125
The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?
A. CASB
B. VPN concentrator
C. MFA
D. VPC endpoint
Question 126
A technician enables full disk encryption on a laptop that will be taken on a business trip. Which of the following does this process BEST protect?
A. Data in transit
B. Data in processing
C. Data at rest
D. Data tokenization
Question 127
A security analyst was called to investigate a file received directly from a hardware manufacturer. The analyst is trying to determine whether the file was modified in transit before installation on the user's computer. Which of the following can be used to safely assess the file?
A. Check the hash of the installation file.
B. Match the file names.
C. Verify the URL download location.
D. Verify the code signing certificate.
Question 128
A help desk technician receives a phone call from someone claiming to be a part of the organization's cybersecurity incident response team. The caller asks the technician to verify the network's internal firewall IP Address. Which of the following is the technician's BEST course of action?
A. Direct the caller to stop by the help desk in person and hang up declining any further requests from the caller.
B. Ask for the caller's name, verify the person's identity in the email directory, and provide the requested information over the phone.
C. Write down the phone number of the caller if possible, the name of the person requesting the information, hang up, and notify the organization's cybersecurity officer.
D. Request the caller send an email for identity verification and provide the requested information via email to the caller.
Question 129
Which of the following would BEST provide detective and corrective controls for thermal regulation?
A. A smoke detector
B. A fire alarm
C. An HVAC system
D. A fire suppression system
E. Guards
Question 130
Which of the following is a benefit of including a risk management framework into an organization's security approach?
A. It defines expected service levels from participating supply chain partners to ensure system outages are remediated in a timely manner.
B. It identifies specific vendor products that have been tested and approved for use in a secure environment.
C. It provides legal assurances and remedies in the event a data breach occurs.
D. It incorporates control, development, policy, and management activities into IT operations.
