Question 71
A security analyst has been asked by the Chief Information Security Officer to:
- develop a secure method of providing centralized management of infrastructure
- reduce the need to constantly replace aging end user machines
- provide a consistent user desktop experience
Which of the following BEST meets these requirements?
A. BYOD
B. Mobile device management
C. VDI
D. Containerization
Question 72
Which of the following terms describes a broad range of information that is sensitive to a specific organization?
A. Public
B. Top secret
C. Proprietary
D. Open-source
Question 73
A Chief Security Officer (CSO) is concerned that cloud-based services are not adequately protected from advanced threats and malware. The CSO believes there is a high risk that a data breach could occur in the near future due to the lack of detective and preventive controls. Which of the following should be implemented to BEST address the CSO's concerns? (Choose two.)
A. A WAF
B. A CASB
C. An NG-SWG
D. Segmentation
E. Encryption
F. Containerization
Question 74
An organization is planning to roll out a new mobile device policy and issue each employee a new laptop. These laptops would access the users' corporate operating system remotely and allow them to use the laptops for purposes outside of their job roles. Which of the following deployment models is being utilized?
A. MDM and application management
B. BYOD and containers
C. COPE and VDI
D. CYOD and VMs
Question 75
Certain users are reporting their accounts are being used to send unauthorized emails and conduct suspicious activities. After further investigation, a security analyst notices the following:
- All users share workstations throughout the day.
- Endpoint protection was disabled on several workstations throughout the network.
- Travel times on logins from the affected users are impossible.
- Sensitive data is being uploaded to external sites.
All user account passwords were forced to be reset and the issue continued.
Which of the following attacks is being used to compromise the user accounts?
A. Brute-force
B. Keylogger
C. Dictionary
D. Rainbow
Question 76
A security forensics analyst is examining a virtual server. The analyst wants to preserve the present state of the virtual server, including memory contents. Which of the following backup types should be used?
A. Snapshot
B. Differential
C. Cloud
D. Full
E. Incremental
Question 77
After returning from a conference, a user's laptop has been operating slower than normal and overheating, and the fans have been running constantly. During the diagnosis process, an unknown piece of hardware is found connected to the laptop's motherboard. Which of the following attack vectors was exploited to install the hardware?
A. Removable media
B. Spear phishing
C. Supply chain
D. Direct access
Question 78
After a recent security breach, a security analyst reports that several administrative usernames and passwords are being sent via cleartext across the network to access network devices over port 23. Which of the following should be implemented so all credentials sent over the network are encrypted when remotely accessing and configuring network devices?
A. SSH
B. SNMPv3
C. SFTP
D. Telnet
E. FTP
Question 79
Which of the following provides a calculated value for known vulnerabilities so organizations can prioritize mitigation steps?
A. CVSS
B. SIEM
C. SOAR
D. CVE
Question 80
Several universities are participating in a collaborative research project and need to share compute and storage resources. Which of the following cloud deployment strategies would BEST meet this need?
A. Community
B. Private
C. Public
D. Hybrid
