Question 21
Which biometric error would allow an unauthorized user to access a system?
A. False acceptance
B. False entrance
C. False rejection
D. False denial
Question 22
A company is auditing the manner in which its European customers' personal information is handled. Which of the following should the company consult?
A. GDPR
B. ISO
C. NIST
D. PCI DSS
Question 23
Which of the following are common VoIP-associated vulnerabilities? (Choose two.)
A. SPIM
B. Vishing
C. Hopping
D. Phishing
E. Credential harvesting
F. Tailgating
Question 24
Which of the following describes the exploitation of an interactive process to gain access to restricted areas?
A. Persistence
B. Buffer overflow
C. Privilege escalation
D. Pharming
Question 25
An organization is planning to open other data centers to sustain operations in the event of a natural disaster. Which of the following considerations would BEST support the organization's resiliency?
A. Geographic dispersal
B. Generator power
C. Fire suppression
D. Facility automation
Question 26
A security engineer is deploying a new wireless network for a company. The company shares office space with multiple tenants. Which of the following should the engineer configure on the wireless network to ensure that confidential data is not exposed to unauthorized users?
A. EAP
B. TLS
C. HTTPS
D. AES
Question 27
The Chief Compliance Officer from a bank has approved a background check policy for all new hires. Which of the following is the policy MOST likely protecting against?
A. Preventing any current employees' siblings from working at the bank to prevent nepotism
B. Hiring an employee who has been convicted of theft to adhere to industry compliance
C. Filtering applicants who have added false information to resumes so they appear better qualified
D. Ensuring no new hires have worked at other banks that may be trying to steal customer information
Question 28
An engineer recently deployed a group of 100 web servers in a cloud environment. Per the security policy, all web-server ports except 443 should be disabled. Which of the following can be used to accomplish this task?
A. Application allow list
B. SWG
C. Host-based firewall
D. VPN
Question 29
A technician was dispatched to complete repairs on a server in a data center. While locating the server, the technician entered a restricted area without authorization. Which of the following security controls would BEST prevent this in the future?
A. Use appropriate signage to mark all areas.
B. Utilize cameras monitored by guards.
C. Implement access control vestibules.
D. Enforce escorts to monitor all visitors.
Question 30
Which of the following would BEST provide a systems administrator with the ability to more efficiently identify systems and manage permissions and policies based on location, role, and service level?
A. Standard naming conventions
B. Domain services
C. Baseline configurations
D. Diagrams