A security analyst informs the Chief Executive Officer (CEO) that a security breach has just occurred. This results in the Risk Manager and Chief Information Officer (CIO) being caught unaware when the CEO asks for further information. Which of the following strategies should be implemented to ensure the Risk Manager and CIO are not caught unaware in the future?
A. Procedure and policy management
B. Change management
C. Incident management
D. Chain of custody management
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 2:
Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?
A. Maintain the baseline posture at the highest OS patch level.
B. Deploy a HIDS suite on the users' computers to prevent application installation.
C. Enable the pop-up blockers on the users' browsers to prevent malware.
D. Create an approved application list and block anything not on it.
正解:D
質問 3:
A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?
A. Monitoring event logs daily
B. Deploy an IDS on the network
C. Deploying a content filter on the network
D. Disabling unnecessary services
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 4:
Which of the following solutions provides the most flexibility when testing new security controls prior to implementation?
A. OS hardening
B. Trusted OS
C. Host software baselining
D. Virtualization
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 5:
Which of the following is the BEST method for ensuring all files and folders are encrypted on all corporate laptops where the file structures are unknown?
A. File encryption
B. Steganography
C. Whole disk encryption
D. Folder encryption
正解:C
解説: (Pass4Test メンバーにのみ表示されます)
質問 6:
Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?
A. MOUs between two companies working together cannot be held to the same legal standards as SLAs.
B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.
C. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.
D. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.
正解:D
解説: (Pass4Test メンバーにのみ表示されます)
質問 7:
A network administrator, Joe, arrives at his new job to find that none of the users have changed their network passwords since they were initially hired. Joe wants to have everyone change their passwords immediately. Which of the following policies should be enforced to initiate a password change?
A. Password reuse
B. Password recovery
C. Password disablement
D. Password expiration
正解:D
質問 8:
Joe, a network security engineer, has visibility to network traffic through network monitoring tools.
However, he's concerned that a disgruntled employee may be targeting a server containing the company's financial records. Which of the following security mechanism would be MOST appropriate to confirm Joe's suspicion?
A. HIDS
B. NIPS
C. HIPS
D. NIDS
正解:A
解説: (Pass4Test メンバーにのみ表示されます)
金田** -
JK0-022試験の全範囲を網羅するオリジナル問題集です。
問題も解説も良質なので、たくさん問題を解いておきたい方にはおすすめできますね。