NEW QUESTION 1
An organization is implementing a new identity and access management architecture with the following objectives: Supporting MFA against on-premises infrastructure
Improving the user experience by integrating with SaaS applications
Applying risk-based policies based on location Performing just-in-time provisioning Which of the following authentication protocols should the organization implement to support these requirements?

• A. Kerberos and TACACS
• B. SAML and RADIUS
• C. OAuth and OpenID
• D. OTP and 802.1X

Answer: A

Explanation:
Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/migrate-application-authentication-toazure-active-directory

NEW QUESTION 2
Due to locality and budget constraints, an organization’s satellite office has a lower bandwidth allocation than other offices in the organization. As a result, the local security infrastructure staff is assessing architectural options that will help preserve network bandwidth and increase speed to both internal and external resources while not sacrificing threat visibility.
Which of the following would be the BEST option to implement?

• A. Distributed connection allocation
• B. Local caching
• C. Content delivery network
• D. SD-WAN vertical heterogeneity

Answer: C

NEW QUESTION 3
A Chief Information Officer is considering migrating all company data to the cloud to save money on expensive SAN storage. Which of the following is a security concern that will MOST likely need to be addressed during migration?

• A. Latency
• B. Data exposure
• C. Data loss
• D. Data dispersion

Answer: A

NEW QUESTION 4
A high-severity vulnerability was found on a web application and introduced to the enterprise. The vulnerability could allow an unauthorized user to utilize an open-source library to view privileged user information. The enterprise is unwilling to accept the risk, but the developers cannot fix the issue right away. Which of the following should be implemented to reduce the risk to an acceptable level until the issue can be fixed?

• A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training.
• B. Change privileged usernames, review the OS logs, and deploy hardware tokens.
• C. Implement MFA, review the application logs, and deploy a WAF.
• D. Deploy a VPN, configure an official open-source library repository, and perform a full application review for vulnerabilities.

Answer: D

Explanation:
Reference: https://www.microfocus.com/en-us/what-is/sast

NEW QUESTION 5
An application developer is including third-party background security fixes in an application. The fixes seem to resolve a currently identified security issue. However, when the application is released to the public, report come In that a previously vulnerability has returned .
Which of the following should the developer integrate into the process to BEST prevent this type of behavior?

• A. Peer review
• B. Regression testing
• C. User acceptance
• D. Dynamic analysis

Answer: A

NEW QUESTION 6
A security analyst is reviewing network connectivity on a Linux workstation and examining the active TCP connections using the command line. Which of the following commands would be the BEST to run to view only active Internet connections?

• A. sudo netstat -antu | grep “LISTEN” | awk ‘{print$5}’
• B. sudo netstat -nlt -p | grep “ESTABLISHED”
• C. sudo netstat -plntu | grep -v “Foreign Address”
• D. sudo netstat -pnut -w | column -t -s $’\w’
• E. sudo netstat -pnut | grep -P ^tcp

Answer: B

Explanation:
Reference: https://www.codegrepper.com/code-examples/shell/netstat+find+port

NEW QUESTION 7
An IT administrator is reviewing all the servers in an organization and notices that a server is missing crucial practice against a recent exploit that could gain root access.
Which of the following describes the administrator’s discovery?

• A. A vulnerability
• B. A threat
• C. A breach
• D. A risk

Answer: A

Explanation:
Reference: https://www.beyondtrust.com/blog/entry/privilege-escalation-attack-defense-explained

NEW QUESTION 8
A disaster recovery team learned of several mistakes that were made during the last disaster recovery parallel test. Computational resources ran out at 70% of restoration of critical services.
Which of the following should be modified to prevent the issue from reoccurring?

• A. Recovery point objective
• B. Recovery time objective
• C. Mission-essential functions
• D. Recovery service level

Answer: B

Explanation:
Reference: https://www.nakivo.com/blog/disaster-recovery-in-cloud-computing/

NEW QUESTION 9
An organization is designing a network architecture that must meet the following requirements: Users will only be able to access predefined services.
Each user will have a unique allow list defined for access.
The system will construct one-to-one subject/object access paths dynamically.
Which of the following architectural designs should the organization use to meet these requirements?

• A. Peer-to-peer secure communications enabled by mobile applications
• B. Proxied application data connections enabled by API gateways
• C. Microsegmentation enabled by software-defined networking
• D. VLANs enabled by network infrastructure devices

Answer: C

NEW QUESTION 10
While investigating a security event, an analyst finds evidence that a user opened an email attachment from an unknown source. Shortly after the user opened the attachment, a group of servers experienced a large amount of network and resource activity. Upon investigating the servers, the analyst discovers the servers were encrypted by ransomware that is demanding payment within 48 hours or all data will be destroyed. The company has no response plans for ransomware.
Which of the following is the NEXT step the analyst should take after reporting the incident to the management team?

• A. Pay the ransom within 48 hours.
• B. Isolate the servers to prevent the spread.
• C. Notify law enforcement.
• D. Request that the affected servers be restored immediately.

Answer: C

NEW QUESTION 11
An organization’s hunt team thinks a persistent threats exists and already has a foothold in the enterprise network.
Which of the following techniques would be BEST for the hunt team to use to entice the adversary to uncover malicious activity?

• A. Deploy a SOAR tool.
• B. Modify user password history and length requirements.
• C. Apply new isolation and segmentation schemes.
• D. Implement decoy files on adjacent hosts.

Answer: C

Explanation:
Reference: https://www.cynet.com/network-attacks/network-attacks-and-network-security-threats/

NEW QUESTION 12
The Chief information Officer (CIO) asks the system administrator to improve email security at the company based on the following requirements:
* Transaction being requested by unauthorized individuals.
* Complete discretion regarding client names, account numbers, and investment information.
* Malicious attackers using email to malware and ransomeware.
* Exfiltration of sensitive company information.
The cloud-based email solution will provide anti-malware reputation-based scanning, signature-based scanning, and sandboxing .
Which of the following is the BEST option to resolve the boar’s concerns for this email migration?

• A. Data loss prevention
• B. Endpoint detection response
• C. SSL VPN
• D. Application whitelisting

Answer: A

NEW QUESTION 13
A company has hired a security architect to address several service outages on the endpoints due to new malware. The Chief Executive Officer’s laptop was impacted while working from home. The goal is to prevent further endpoint disruption.
The edge network is protected by a web proxy.
Which of the following solutions should the security architect recommend?

• A. Replace the current antivirus with an EDR solution.
• B. Remove the web proxy and install a UTM appliance.
• C. Implement a deny list feature on the endpoints.
• D. Add a firewall module on the current antivirus solution.

Answer: C

NEW QUESTION 14
A company’s claims processed department has a mobile workforce that receives a large number of email submissions from personal email addresses. An employees recently received an email that approved to be claim form, but it installed malicious software on the employee’s laptop when was opened.

• A. Impalement application whitelisting and add only the email client to the whitelist for laptop in the claims processing department.
• B. Required all laptops to connect to the VPN before accessing email.
• C. Implement cloud-based content filtering with sandboxing capabilities.
• D. Install a mail gateway to scan incoming messages and strip attachments before they reach the mailbox.

Answer: C

NEW QUESTION 15
A security analyst is investigating a possible buffer overflow attack. The following output was found on a user’s workstation: graphic.linux_randomization.prg Which of the following technologies would mitigate the manipulation of memory segments?

• A. NX bit
• B. ASLR
• C. DEP
• D. HSM

Answer: B

Explanation:
Reference: http://webpages.eng.wayne.edu/~fy8421/19sp-csc5290/labs/lab2-instruction.pdf (3)

NEW QUESTION 16
A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking.
After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?

• A. Protecting
• B. Permissive
• C. Enforcing
• D. Mandatory

Answer: B

Explanation:
Reference: https://source.android.com/security/selinux/customize

NEW QUESTION 17
A health company has reached the physical and computing capabilities in its datacenter, but the computing demand continues to increase. The infrastructure is fully virtualized and runs custom and commercial healthcare application that process sensitive health and payment information .
Which of the following should the company implement to ensure it can meet the computing demand while complying with healthcare standard for virtualization and cloud computing?

• A. Hybrid IaaS solution in a single-tenancy cloud
• B. Pass solution in a multinency cloud
• C. SaaS solution in a community cloud
• D. Private SaaS solution in a single tenancy cloud.

Answer: D

NEW QUESTION 18
DRAG DROP
An organization is planning for disaster recovery and continuity of operations. INSTRUCTIONS
Review the following scenarios and instructions. Match each relevant finding to the affected host.
After associating scenario 3 with the appropriate host(s), click the host to select the appropriate corrective action for that finding. Each finding may be used more than once.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. Select and Place:

A.

• A.

Answer: A

NEW QUESTION 19
A satellite communications ISP frequently experiences outages and degraded modes of operation over one of its legacy satellite links due to the use of deprecated hardware and software. Three days per week, on average, a contracted company must follow a checklist of 16 different high-latency commands that must be run in serial to restore nominal performance. The ISP wants this process to be automated.
Which of the following techniques would be BEST suited for this requirement?

• A. Deploy SOAR utilities and runbooks.
• B. Replace the associated hardware.
• C. Provide the contractors with direct access to satellite telemetry data.
• D. Reduce link latency on the affected ground and satellite segments.

Answer: A

NEW QUESTION 20
......