An e-commerce company that provides payment gateways is concerned about the growing expense and time associated with PCI audits of its payment gateways and external audits by customers for their own compliance reasons. The Chief Information Officer (CIO) asks the security team to provide a list of options that will:
1. Reduce the overall cost of these audits
2. Leverage existing infrastructure where possible
3. Keep infrastructure costs to a minimum
4. Provide some level of attestation of compliance
Which of the following will BEST address the CIO's concerns? (Select TWO)
A. Invest in new UBA to detect, report, and remediate attacks faster
B. Implement a GRC system to track and monitor controls
C. Undertake ISO certification for all core infrastructure including datacenters.
D. Segment the network to reduce and limit the audit scope
E. Implement DLP controls on HTTP/HTTPS and email
F. Install EDR agents on all corporate endpoints
Correct answer: C, E
Question 2:
A company wants to confirm sufficient executable space protection is in place for scenarios in which malware may be attempting buffer overflow attacks. Which of the following should the security engineer check?
A. ASLR
B. strcpy
C. ECC
D. NX/XN
Correct answer: D
Question 3:
The latest security scan of a web application reported multiple high vulnerabilities in session management. Which of the following is the BEST way to mitigate the issue?
A. Prohibiting session hijacking of cookies
B. Performing state management on the server
C. Using secure cookie storage and transmission
D. Using secure and HttpOnly settings on cookies
Correct answer: D
Question 4:
The finance department has started to use a new payment system that requires strict PII security restrictions on various network devices. The company decides to enforce the restrictions and configure all devices appropriately. Which of the following risk response strategies is being used?
A. Avoid
B. Mitigate
C. Accept
D. Transfer
Correct answer: C
Question 5:
A networking administrator was recently promoted to security administrator in an organization that handles highly sensitive data. The Chief Information Security Officer (CISO) has just asked for all IT security personnel to review a zero-day vulnerability and exploit for specific application servers to help mitigate the organization's exposure to that risk. Which of the following should the new security administrator review to gain more information? (Choose three.)
A. CVE database
B. Server's vendor documentation
C. Verified security forums
D. Recent security industry conferences
E. Security vendor pages
F. Secure routing metrics
G. Known vendor threat models
H. NetFlow analytics
Correct answer: C, D, G
Question 6:
A security analyst is reviewing an endpoint that was found to have a rootkit installed. The rootkit survived multiple attempts to clean the endpoint, as well as an attempt to reinstall the OS. The security analyst needs to implement a method to prevent other endpoints from having similar issues. Which of the following would BEST accomplish this objective?
A. Reset the motherboard's TPM chip.
B. Utilize measured boot attestation.
C. Enforce the secure boot process.
D. Reinstall the OS with known-good media.
E. Configure custom anti-malware rules.
Correct answer: B
Ikeda** -
Everything is packed into this one volume. I gained the skills I needed to pass CAS-003.