Activedumpsnet Logo
Which technique allows someone to obtain a password while it is in transit?
Which risk management strategy will help prevent cheating using a learning management system as a platform?
A cloud hosting provider is concerned about the potential risks associated with attacks that target the confidentiality and integrity of sensitive data stored on its servers' volatile storage. The provider has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this provider?
A security team is investigating multiple man-in-the-middle attacks that have taken place on the corporate network over the past few months. The team needs a solution that will ensure that data is not exposed if a man-in-the-middle attack occurs in the future.
What is the best solution?
What are two differences between a handheld computer and a desktop?
Choose 2 answers.
A retail company wants to establish the frequency at which it needs to back up its critical data to ensure it can be restored in case of a disruption with the least amount of acceptable data loss.
What is the term used to describe this metric?
Which risk management strategy will help defeat piracy efforts on a new patient management system?
Which item is an input device?
Which part of the Uniform Resource Locator (URL) identifies the server on which the web page can be found?
An IT organization has recently suffered multiple data breaches. The security operations center (SOC) team has been tasked with preventing future breaches by implementing user monitoring. The proposed solution must provide insights about unusual user behaviors from a variety of internal corporate resources.
Which algorithm is suitable for ensuring the integrity of digital documents and detecting any unauthorized modifications?
Which life cycle is part of the process for planning, creating, testing, and deploying information systems?
A medium-sized grocery chain with locations all across the United States has a new business requirement that all devices must authenticate to access its resources.
What should the grocery chain use for the devices to authenticate?
Which encryption technique can be used to enable a third-party provider to perform calculations on encrypted data without decrypting the data?
A company is moving its applications to the cloud and is concerned about cyber security threats. The security team has been tasked with providing a comprehensive view of how attackers gainaccess, move through networks, and carry out attacks.
Which framework identifies the seven phases of an attack, from initial infiltration to post-exploitation?
A healthcare provider is developing a disaster recovery plan and wants to determine the longest duration that its systems or applications can be down before causing significant damage to the business.
What is the term used to describe this metric?
A company's website is suddenly redirecting users to a suspicious landing page asking for personal information.
What is the most likely cause of the issue?
The DevSecOps team for an organization manages a continuous integration and continuous deployment (CI/CD) pipeline for a three-tier web application. Management has asked the team to perform a series of comprehensive post-deployment tests to make sure that all of the components of the application can interact and function properly.
A project manager is working on a project that involves securing the network of a tall building. The manager is tasked with managing these risks effectively to ensure the successful completion of the project within a given time frame and budget. The manager identified multiple potential risks associated with the project.
What is the next step in the risk management life cycle?
Which algorithm is suitable for ensuring the integrity of digital documents and detecting any unauthorized modifications?
A financial institution conducted a cybersecurity assessment, which identified several vulnerabilities including outdated software and weak password policies. The company also needs to implement a new core banking system that can handle a large number of transactions while ensuring the security of customer data.
Which risk mitigation process is the most effective approach to address these vulnerabilities, and what is the best topology for the new core banking system?
Management has asked its networking team to recommend a solution for direct communication between multiple virtual networks in the cloud. The solution must utilize the least amount of administrative effort.
An IT organization has recently implemented a hybrid cloud deployment. The server team is deploying a new set of domain-joined Windows servers on cloud-based virtual machines. Users must be able to use their Active Directory credentials to sign in to applications regardless of whether they are running on Windows servers in the cloud or on-premises.
A system analyst is reviewing risk documents and noticed that the date of many risks are more than three years old.
What should be proposed to leadership regarding these risks?
A cybersecurity analyst at a manufacturing company is tasked with analyzing the indicators of compromise (IOCs) to identify potential threats and vulnerabilities within the organization. While viewing the security information and event management (SIEM), the analyst notices an unknown IP address logging on to the company's Secure Shell (SSH) server.
Which potential vulnerability is the manufacturing company facing?
Which characteristic identifies intranet application software?
A company recently updated its disaster recovery plan (DRP) to ensure business continuity in the event of a disruptive incident.
Which step will ensure the effectiveness of the DRP?
A professional services organization deployed security edge devices in key locations on its corporate network.
How will these devices improve the organization’s security posture?
The security team has been notified about multiple man-in-the-middle (MITM) attacks happening on the wireless network over the past thirty days. Management has agreed to upgrade the network infrastructure to help eliminate these attacks.
Which solution fulfills these requirements?
An IT team must allow on-premises users to log in to the Azure portal using their corporate credentials.
Which strategy should be used to enable identity federation in this scenario?
A software development company has experienced a noticeable slowdown in its network performance, which suggests that some machines on the network may have been infected by a botnet. The company has decided to analyze the threats and vulnerabilities within the enterprise based on the indicators of compromise to mitigate the risk.
What should the company do to detect a botnet and other malware-based threats within the enterprise based on the indicators of compromise?
The development team has requested permission to use several open-source libraries to build a corporate web application.
Which resource can the security team recommend to ensure these libraries can be trusted?
What is the role of the CPU in a computing environment?
Choose 2 answers
A company has discovered a vulnerability in its lightweight directory access protocol (LDAP) implementation, which could potentially allow unauthorized access to sensitive information. The company has decided to implement risk mitigation strategies to reduce the risk associated with this vulnerability.
Which risk mitigation strategy will meet the needs of the company?
A security analyst for a financial institution is in the process of planning to upgrade the institution’s IT infrastructure to meet current industry standards. There are various potential risks associated with the upgrade, including data breaches, system outages, and cost overruns. The analyst is tasked with managing these risks to ensure a successful upgrade.
What is the first step in the risk management life cycle in this scenario?
A small start-up is setting up its first network, and it needs to ensure that its network security is adequate. The start-up is aware of the latest cybersecurity threats and the need for strong security measures. In addition to network security, the start-up wants to ensure that it has a disaster recovery plan in place in case of any unexpected events.
Which approach will meet the needs of the start-up?
An organization wants to implement a new encryption solution for a real-time video conferencing application. The organization wants to ensure that the encryption solution provides protection for the video stream without causing significant delays or latency in the conference.
Which type of encryption will meet the needs of the organization?
During a vulnerability assessment, several end-of-life operating systems were discovered within the environment.
Which action should be taken to resolve the issue?
An e-learning company uses Amazon Simple Storage Service (Amazon S3) to store e-books and video files that are served to customers through a custom application. The company has realized that someone has been stealing its intellectual property.
Which threat actor is most likely in this scenario?
Which risk management strategy will ensure the secure configuration and deployment of a new supply chain management system and prevent identity theft?
A cloud service provider is concerned about the potential risks associated with hardware-based attacks on its virtual machines. The provider has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this provider?
A company wants to secure its computer systems and prevent any unauthorized access to its network. The company wants to implement a security solution that can restrict network traffic to only approved services and applications.
Which security technology will meet the needs of this company?
While undergoing a security audit, it is determined that an organization has several backup repositories nested in the cloud without any level of protection. Which action should be taken to protect the backup repositories first?
Which type of systems testing includes having end users test the system with simulated data and the help of the developer?
A software development company is concerned about the potential risks associated with exploits that target vulnerabilities in the Linux operating system used by the company’s servers. Thecompany has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this company?
Which risk management strategy will ensure the secure storage of data on a new document management system?
An on-call security engineer has been notified after business hours that a possible threat could be impacting production applications.
Which type of threat intelligence should be used by first responders?
Which security technique should be used to prevent data exfiltration?
What allows a user to query information from an online database with a web application without revealing what they are viewing?
An e-commerce company has recently experienced a data breach in which the personal and financial information of its customers was stolen. The company is concerned about the potential for future data breaches.
What is the most important factor to consider when evaluating the potential for future data breaches in this scenario?
Which risk management strategy will ensure that data stored on an Enterprise Resource Planning (ERP) system is secure from exploitation in the event of a data breach?
Which stream cipher is a variant of the Salsa20 cipher, designed to be fast, secure, and resistant to cryptanalysis, and is commonly used in combination with the Poly1305 authentication mode?
What allows a user to query information from an online database with a web application without revealing what they are viewing?
An organization sends customers e-mail messages based on their purchase patterns.
Which characteristic of quality data does this represent?
Which software allows the user to easily access the hardware of a computer?
Which block cipher mode of operation for encrypting data is simple and efficient and provides no confidentiality beyond that of the underlying block cipher?
Which item information should be stored in a database to determine an order total?
Which risk management strategy will ensure the secure configuration and deployment of a new online banking system and help prevent credit card fraud?
What is true about an operating system?
A company has recently implemented a hybrid cloud deployment. The security team has been notified about thousands of failed attempts to connect to routers and switches in the on-premises network. A solution must be implemented to block connections after three unsuccessful SSH attempts on any network device.
Which solution meets the requirements in this scenario?
A security team is investigating multiple man-in-the-middle (MITM) attacks that have taken place on the corporate network over the past few months. The team needs a solution that will ensure that data is not exposed if a man-in-the-middle attack occurs in the future.
Which two languages are scripted?
Choose 2 answers
An IT organization has seen a surge of ransomware and Trojan horse attacks recently.
Which action should the security team recommend to protect the IT infrastructure from commodity malware threats?
What is a common characteristic of a proprietary software license?
In which state is data considered information?
A financial institution conducted a cybersecurity assessment, which identified several vulnerabilities, including outdated software and weak password policies. The company also needs to implement a new core banking system that can handle a large number of transactions while ensuring the security of customer data.
Which risk mitigation process is the most effective approach to address these vulnerabilities, and what is the best topology for the new core banking system?
A cloud hosting provider is concerned about the potential risks associated with attacks that target the confidentiality and integrity of sensitive data stored on its servers’ volatile memory. The provider has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this provider?
Which security technique should be used to prevent data exfiltration?
Which task is the responsibility of a database administrator?