QUESTION 691
Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?

A. Email scanning
B. Content discovery
C. Database fingerprinting
D. Endpoint protection

Correct Answer: D

QUESTION 692
Which of the following is a concern when encrypting wireless data with WEP?

A. WEP displays the plain text entire key when wireless packet captures are reassembled
B. WEP implements weak initialization [...]

QUESTION 681
Which of the following practices reduces the management burden of access management?

A. Password complexity policies
B. User account audit
C. Log analysis and review
D. Group based privileges

Correct Answer: D

QUESTION 682
Which of the following helps to apply the proper security controls to information?

A. Data classification
B. Deduplication
C. Clean desk policy
D. Encryption

Correct Answer: A

QUESTION 671
The finance department works with a bank which has recently had a number of cyber attacks. The finance department is concerned that the banking website certificates have been compromised. Which of the following can the finance department check to see if any of the bank's certificates are still valid?

A. Bank's CRL
B. Bank's private key
C. Bank's key escrow
D. Bank's recovery agent

Correct Answer: A

QUESTION 672
Which of the following are [...]

QUESTION 661
What is a system that is intended or designed to be broken into by an attacker?

A. Honeypot
B. Honeybucket
C. Decoy
D. Spoofing system

Correct Answer: A

QUESTION 662
How must user accounts for exiting employees be handled?

A. Disabled, regardless of the circumstances
B. Disabled if the employee has been terminated
C. Deleted, regardless of the circumstances
D. Deleted if the employee has been terminated

Correct [...]

QUESTION 651
A security administrator must implement all requirements in the following corporate policy:
Passwords shall be protected against offline password brute force attacks.
Passwords shall be protected against online password brute force attacks.
Which of the following technical controls must be implemented to enforce the corporate policy? (Select THREE).

A. Account lockout
B. Account expiration
C. Screen locks
D. Password complexity
E. Minimum password [...]

QUESTION 641
After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

A. Fencing
B. Proximity readers
C. Video surveillance
D. Bollards

Correct Answer: D

QUESTION 642
A CA is compromised and attacks start distributing maliciously [...]

QUESTION 631
Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?

A. SSL
B. TLS
C. HTTP
D. FTP

Correct Answer: B

QUESTION 632
Which of the following provides a static record of all certificates that are no longer valid? [...]

QUESTION 621
A security analyst performs the following activities: monitors security logs, installs surveillance cameras and analyzes trend reports. Which of the following job responsibilities is the analyst performing? (Select TWO).

A. Detect security incidents
B. Reduce attack surface of systems
C. Implement monitoring controls
D. Hardening network devices
E. Prevent unauthorized access

Correct Answer: AC

QUESTION 622
A certificate used on an [...]

QUESTION 611
A security administrator is reviewing the below output from a password auditing tool:

P@ss. @pW1. S3cU4

Which of the following additional policies should be implemented based on the tool's output?

A. Password age
B. Password history
C. Password length
D. Password complexity

Correct Answer: C

QUESTION 612
Joe, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary credentials [...]