An organization is referencing NIST best practices for BCP creation while reviewing current internal organizat
An organization is referencing NIST best practices for BCP creation while reviewing current internal organizational processes for mission-essential items. Which of the following phases establishes the identification and prioritization of critical systems and functions? A. Review a recent gap analysis. B. Perform a cost-benefit analysis. C. Conduct a business impact analysis. D. Develop an exposure […]
Which of the following policies would help an organization identify and mitigate potential single points of fa
Which of the following policies would help an organization identify and mitigate potential single points of failure in the company’s IT/security operations? A. Least privilege B. Awareness training C. Separation of duties D. Mandatory vacation
Which of the following authentication methods did the organization implement?
An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement? A. Token key B. Static code C. […]
Which of the following explains why a vulnerability scan might return a false positive?
Which of the following explains why a vulnerability scan might return a false positive? A. The scan is performed at a time of day when the vulnerability does not exist. B. The test is performed against the wrong host. C. The signature matches the product but not the version information. D. The hosts are evaluated […]
In which of the following steps should technicians connect domain controllers to the network and begin authent
A company recently experienced a security incident in which its domain controllers were the target of a DoS attack. In which of the following steps should technicians connect domain controllers to the network and begin authenticating users again? A. Preparation B. Identification C. Containment D. Eradication E. Recovery F. Lessons learned
Which of the following technical solutions was MOST likely deployed by the company to ensure only known-good s
A company uses an enterprise desktop imaging solution to manage deployment of its desktop computers. Desktop computer users are only permitted to use software that is part of the baseline image. Which of the following technical solutions was MOST likely deployed by the company to ensure only known-good software can be installed on corporate desktops? […]
Which of the following best describes what she will do?
Ann, a security administrator, has been instructed to perform fuzz-based testing on the company’s applications. Which of the following best describes what she will do? A. Enter random or invalid data into the application in an attempt to cause it to fault B. Work with the developers to eliminate horizontal privilege escalation opportunities C. Test […]
When performing data acquisition on a workstation, which of the following should be captured based on memory v
When performing data acquisition on a workstation, which of the following should be captured based on memory volatility? (Choose two.) A. USB-attached hard disk B. Swap/pagefile C. Mounted network storage D. ROM E. RAM
Which of the following should be the NEXT step to determine if there is an unauthorized user on the network?
A user suspects someone has been accessing a home network without permission by spoofing the MAC address of an authorized system. While attempting to determine if an authorized user is logged into the home network, the user reviews the wireless router, which shows the following table for systems that are currently on the home network. […]
Which of the following is the BEST solution for this organization?
An organization finds that most help desk calls are regarding account lockout due to a variety of applications running on different systems. Management is looking for a solution to reduce the number of account lockouts while improving security. Which of the following is the BEST solution for this organization? A. Create multiple application accounts for […]