| Question.96 Prior to a risk assessment inspection, the Chief Information Officer tasked the systems administrator with analyzing and reporting any configuration issues on the information systems, and then verifying existing security settings. Which of the following would be BEST to use? (A) SCAP (B) CVSS (C) XCCDF (D) CMDB |
96. Click here to View Answer
Answer: C
| Question.97 A consultant needs access to a customer’s cloud environment. The customer wants to enforce the following engagement requirements: All customer data must remain under the control of the customer at all times. Third-party access to the customer environment must be controlled by the customer. Authentication credentials and access control must be under the customer’s control. Which of the following should the consultant do to ensure all customer requirements are satisfied when accessing the cloud environment? (A) Use the customer’s SSO with read-only credentials and share data using the customer’s provisioned secure network storage. (B) Use the customer-provided VDI solution to perform work on the customer’s environment. (C) Provide code snippets to the customer and have the customer run code and securely deliver its output. (D) Request API credentials from the customer and only use API calls to access the customer’s environment. |
97. Click here to View Answer
Answer: B
| Question.98 An enterprise is undergoing an audit to review change management activities when promoting code to production. The audit reveals the following: Some developers can directly publish code to the production environment. Static code reviews are performed adequately. Vulnerability scanning occurs on a regularly scheduled basis per policy. Which of the following should be noted as a recommendation within the audit report? (A) Implement short maintenance windows. (B) Perform periodic account reviews. (C) Implement job rotation. (D) Improve separation of duties. |
98. Click here to View Answer
Answer: D
| Question.99 A network administrator receives a ticket regarding an error from a remote worker who is trying to reboot a laptop. The laptop has not yet loaded the operating system, and the user is unable to continue the boot process. The administrator is able to provide the user with a recovery PIN, and the user is able to reboot the system and access the device as needed. Which of the following is the MOST likely cause of the error? (A) Lockout of privileged access account (B) Duration of the BitLocker lockout period (C) Failure of the Kerberos time drift sync (D) Failure of TPM authentication |
99. Click here to View Answer
Answer: D
| Question.100 A threat hunting team receives a report about possible APT activity in the network. Which of the following threat management frameworks should the team implement? (A) NIST SP 800-53 (B) MITRE ATT&CK (C) The Cyber Kill Chain (D) The Diamond Model of Intrusion Analysis |
100. Click here to View Answer
Answer: A