Question.61 During a phishing exercise, a few privileged users ranked high on the failure list. The enterprise would like to ensure that privileged users have an extra security-monitoring control in place. Which of the following is the MOST likely solution? (A) A WAF to protect web traffic (B) User and entity behavior analytics (C) Requirements to change the local password (D) A gap analysis
Answer: A
Question.62 A company is looking for a solution to hide data stored in databases. The solution must meet the following requirements: be efficient at protecting the production environment; not require any change to the application; act at the presentation layer. Which of the following techniques should be used? (A) Masking (B) Tokenization (C) Algorithmic (D) Random substitution
Answer: A
Question.63 A company recently acquired a SaaS provider and needs to integrate its platform into the company’s existing infrastructure without impact to the customer’s experience. The SaaS provider does not have a mature security program. A recent vulnerability scan of the SaaS provider’s systems shows multiple critical vulnerabilities attributed to very old and outdated OSs. Which of the following solutions would prevent these vulnerabilities from being introduced into the company’s existing infrastructure? (A) Segment the systems to reduce the attack surface if an attack occurs. (B) Migrate the services to new systems with a supported and patched OS. (C) Patch the systems to the latest versions of the existing OSs. (D) Install anti-malware, HIPS, and host-based firewalls on each of the systems.
Answer: B
Question.64 An organization had been leveraging RC4 to protect the confidentiality of a continuous, high-throughput 4K video stream but must upgrade to a more modern cipher. The new cipher must maximize speed, particularly on endpoints without crypto instruction sets or coprocessors. Which of the following is MOST likely to meet the organization’s requirements? (A) ChaCha20 (B) ECDSA (C) Blowfish (D) AES-GCM (E) AES-CBC
Answer: A
Question.65 Which of the following is the MOST important cloud-specific risk from the CSP's viewpoint? (A) CI/CD deployment failure (B) Management plane breach (C) Insecure data deletion (D) Resource exhaustion
Answer: D