Free certification test prep

NEW QUESTION 59
A company is in the process of implementing a vulnerability management program, and there are concerns about granting the security team access to sensitive dat a. Which of the following scanning methods can be implemented to reduce the access to systems while providing the most accurate vulnerability scan results?

NEW QUESTION 60
An end-of-life date was announced for a widely used OS. A business-critical function is performed by some machinery that is controlled by a PC, which is utilizing the OS that is approaching the end-of- life date. Which of the following best describes a security analyst’s concern?

NEW QUESTION 61
A virtual web server in a server pool was infected with malware after an analyst used the internet to research a system issue. After the server was rebuilt and added back into the server pool, users reported issues with the website, indicating the site could not be trusted. Which of the following is the most likely cause of the server issue?

NEW QUESTION 62
Members of the sales team are using email to send sensitive client lists with contact information to their personal accounts The company’s AUP and code of conduct prohibits this practice. Which of the following configuration changes would improve security and help prevent this from occurring?

NEW QUESTION 63
An organization has experienced a breach of customer transactions. Under the terms of PCI DSS, which of the following groups should the organization report the breach to?

NEW QUESTION 64
Which of the following is the first step that should be performed when establishing a disaster recovery plan?

NEW QUESTION 65
Patches for two highly exploited vulnerabilities were released on the same Friday afternoon. Information about the systems and vulnerabilities is shown in the tables below:

Which of the following should the security analyst prioritize for remediation?

NEW QUESTION 66
An organization has activated the CSIRT. A security analyst believes a single virtual server was compromised and immediately isolated from the network. Which of the following should the CSIRT conduct next?

NEW QUESTION 67
During the log analysis phase, the following suspicious command is detected-

Which of the following is being attempted?

NEW QUESTION 68
A risk assessment concludes that the perimeter network has the highest potential for compromise by an attacker, and it is labeled as a critical risk environment. Which of the following is a valid compensating control to reduce the volume of valuable information in the perimeter network that an attacker could gain using active reconnaissance techniques?

NEW QUESTION 69
A technician is analyzing output from a popular network mapping tool for a PCI audit:

Which of the following best describes the output?

NEW QUESTION 70
An analyst is reviewing a vulnerability report for a server environment with the following entries:

Which of the following systems should be prioritized for patching first?

NEW QUESTION 71
Which of the following software assessment methods world peak times?

NEW QUESTION 72
A security analyst obtained the following table of results from a recent vulnerability assessment that was conducted against a single web server in the environment:

Which of the following should be completed first to remediate the findings?

NEW QUESTION 73
The Chief Information Security Officer wants to eliminate and reduce shadow IT in the enterprise. Several high-risk cloud applications are used that increase the risk to the organization. Which of the following solutions will assist in reducing the risk?