クリック」
質問 1:
A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunication company has decided to discontinue its dark fiber product and is offering an MPLS connection. Which the law office feels is too expensive. Which of the following is the BEST solution for the law office?
A. VPN concentrator
B. VLAN
C. Site-to-site VPN
D. Remote access VPN
正解:C
質問 2:
As a security measure, an organization has disabled all external media from accessing the network Since some users may have data that needs to be transferred to the network, which of the would BEST assist a security administrator with transferring the data while keeping the internal network secure?
A. Upload the data in a separate VLAN
B. Use a standalone scanning system
C. Upload the media in the DMZ
D. Contact the data custodian
正解:C
質問 3:
An administrator performs a workstation audit and finds one that has non-standard software installed. The administrator then requests a report to see if a change request was completed for the installed software. The report shows a request was completed. Which of the following has the administrator found?
A. A baseline deviation
B. Unauthorized software
C. A license compliance violation
D. An insider threat
正解:A
質問 4:
A network administrator is implementing multifactor authentication for employees who travel and use company devices remotely by using the company VPN. Which of the following would provide the required level of authentication?
A. fingerprint scanner and voice recognition
B. Username/Password and TOTP
C. RBAC and PIN
D. 802.1X and OTP
正解:D
質問 5:
Which of the following is the MOST significant difference between intrusive and non-intrusive vulnerability scanning?
A. One uses credentials, but the other does not.
B. One allows systems to activate firewall countermeasures.
C. One has a higher potential for disrupting system operations.
D. One returns service banners, including running versions.
正解:C
質問 6:
Which of the following BEST explains why a development environment should have the same database server secure baseline that exists in production even if there is no PII in the database?
A. Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production.
B. Databases are unique in their need to have secure configurations applied in all environments because they are attacked more often
C. Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases.
D. Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PII
正解:C
A law office has been leasing dark fiber from a local telecommunications company to connect a remote office to company headquarters. The telecommunication company has decided to discontinue its dark fiber product and is offering an MPLS connection. Which the law office feels is too expensive. Which of the following is the BEST solution for the law office?
A. VPN concentrator
B. VLAN
C. Site-to-site VPN
D. Remote access VPN
正解:C
質問 2:
As a security measure, an organization has disabled all external media from accessing the network Since some users may have data that needs to be transferred to the network, which of the would BEST assist a security administrator with transferring the data while keeping the internal network secure?
A. Upload the data in a separate VLAN
B. Use a standalone scanning system
C. Upload the media in the DMZ
D. Contact the data custodian
正解:C
質問 3:
An administrator performs a workstation audit and finds one that has non-standard software installed. The administrator then requests a report to see if a change request was completed for the installed software. The report shows a request was completed. Which of the following has the administrator found?
A. A baseline deviation
B. Unauthorized software
C. A license compliance violation
D. An insider threat
正解:A
質問 4:
A network administrator is implementing multifactor authentication for employees who travel and use company devices remotely by using the company VPN. Which of the following would provide the required level of authentication?
A. fingerprint scanner and voice recognition
B. Username/Password and TOTP
C. RBAC and PIN
D. 802.1X and OTP
正解:D
質問 5:
Which of the following is the MOST significant difference between intrusive and non-intrusive vulnerability scanning?
A. One uses credentials, but the other does not.
B. One allows systems to activate firewall countermeasures.
C. One has a higher potential for disrupting system operations.
D. One returns service banners, including running versions.
正解:C
質問 6:
Which of the following BEST explains why a development environment should have the same database server secure baseline that exists in production even if there is no PII in the database?
A. Without the same configuration in both development and production, there are no assurances that changes made in development will have the same effect in production.
B. Databases are unique in their need to have secure configurations applied in all environments because they are attacked more often
C. Attackers can extract sensitive, personal information from lower development environment databases just as easily as they can from production databases.
D. Laws stipulate that databases with the ability to store personal information must be secured regardless of the environment or if they actually have PII
正解:C
0 お客様のコメント