SY0-601 Practice Test Questions

886 Questions


Topic 3: Exam Pool C

A consultant is configuring a vulnerability scanner for a large, global organization in multiple countries. The consultant will be using a service account to scan systems with administrative privileges on a weekly basis, but there is a concern that hackers could gain access to the account and pivot through the global network. Which of the following would be BEST to help mitigate this concern?


A.

Create consultant accounts for each region, each configured with push MFA notifications.


B.

Create one global administrator account and enforce Kerberos authentication


C.

Create different accounts for each region, limit their logon times, and alert on risky logins


D.

Create a guest account for each region, remember the last ten passwords, and block password reuse





C.
  

Create different accounts for each region, limit their logon times, and alert on risky logins



A user recently attended an exposition and received some digital promotional materials. The user later noticed blue boxes popping up and disappearing on the computer, and reported receiving several spam emails, which the user did not open. Which of the following is MOST likely the cause of the reported issue?


A.

There was a drive-by download of malware


B.

The user installed a cryptominer


C.

The OS was corrupted


D.

There was malicious code on the USB drive





D.
  

There was malicious code on the USB drive



A network engineer has been asked to investigate why several wireless barcode scanners and wireless computers in a warehouse have intermittent connectivity to the shipping server. The barcode scanners and computers are all on forklift trucks and move around the warehouse during their regular use. Which of the following should the engineer do to determine the issue? (Choose two.)


A.

Perform a site survey


B.

Deploy an FTK Imager


C.

Create a heat map


D.

Scan for rogue access points


E.

Upgrade the security protocols


F.

Install a captive portal





A.
  

Perform a site survey



C.
  

Create a heat map



A security analyst needs to be proactive in understanding the types of attacks that could potentially target the company's executives. Which of the following intelligence sources should the security analyst review?


A.

Vulnerability feeds


B.

Trusted automated exchange of indicator information


C.

Structured threat information expression


D.

Industry information-sharing and collaboration groups





D.
  

Industry information-sharing and collaboration groups



The SOC is reviewing processes and procedures after a recent incident. The review indicates it took more than 30 minutes to determine that quarantining an infected host was the best course of action. This allowed the malware to spread to additional hosts before it was contained. Which of the following would be BEST to improve the incident response process?


A.

Updating the playbooks with better decision points


B.

Dividing the network into trusted and untrusted zones


C.

Providing additional end-user training on acceptable use


D.

Implementing manual quarantining of infected hosts





A.
  

Updating the playbooks with better decision points



In which of the following risk management strategies would cybersecurity insurance be used?


A.

Transference


B.

Avoidance


C.

Acceptance


D.

Mitigation





C.
  

Acceptance



A company recently experienced a data breach and the source was determined to be an executive who was charging a phone in a public area. Which of the following would MOST likely have prevented this breach?


A.

A firewall


B.

A device PIN


C.

A USB data blocker


D.

Biometrics





C.
  

A USB data blocker



Explanation: https://www.promorx.com/blogs/blog/how-does-a-usb-data-blocker-work

Connecting via the data port of your mobile device, the Data Blocker creates a barrier between your mobile device and the charging station. Your phone will draw power as usual, allowing you to use it normally and charge it at the same time, but this clever piece of equipment will prevent any data exchange.

“Malicious USB charging cables and plugs are also a widespread problem. As with card skimming, a device may be placed over a public charging port at airports and other transit locations. A USB data blocker can provide mitigation against these juice-jacking attacks by preventing any sort of data transfer when the smartphone or laptop is connected to a charge point.”

A company's Chief Information Officer (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?


A.

A capture-the-flag competition


B.

A phishing simulation


C.

Physical security training


D.

Basic awareness training





B.
  

A phishing simulation



An attacker is trying to gain access by installing malware on a website that is known to be
visited by the target victims. Which of the following is the attacker MOST likely attempting?


A.

A spear-phishing attack


B.

A watering-hole attack


C.

Typo squatting


D.

A phishing attack





B.
  

A watering-hole attack



In which of the following common use cases would steganography be employed?


A.

Obfuscation


B.

Integrity


C.

Non-repudiation


D.

Blockchain





A.
  

Obfuscation



Following a prolonged datacenter outage that affected web-based sales, a company has
decided to move its operations to a private cloud solution. The security team has received
the following requirements:
• There must be visibility into how teams are using cloud-based services.
• The company must be able to identify when data related to payment cards is being sent
to the cloud.
• Data must be available regardless of the end user's geographic location.
• Administrators need a single pane-of-glass view into traffic and trends.
Which of the following should the security analyst recommend?


A.

Create firewall rules to restrict traffic to other cloud service providers.


B.

Install a DLP solution to monitor data in transit.


C.

Implement a CASB solution.


D.

Configure a web-based content filter.





B.
  

Install a DLP solution to monitor data in transit.



An organization needs to implement more stringent controls over administrator/root credentials and service accounts. Requirements for the project include:
• Check-in/checkout of credentials
• The ability to use but not know the password
• Automated password changes
• Logging of access to credentials
Which of the following solutions would meet the requirements?


A.

OAuth 2.0


B.

Secure Enclave


C.

A privileged access management system


D.

An OpenID Connect authentication system





D.
  

An OpenID Connect authentication system



