Topic 3: Exam Pool C
The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?
A.
SSO would simplify username and password management, making it easier for hackers to pass guess accounts.
B.
SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
C.
SSO would reduce the password complexity for frontline staff.
D.
SSO would reduce the resilience and availability of system if the provider goes
SSO would reduce the resilience and availability of system if the provider goes
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
A.
Acceptance
B.
Mitigation
C.
Avoidance
D.
Transference
Transference
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?
A.
MOU
B.
MTTR
C.
SLA
D.
NDA
SLA
Which of the following will MOST likely cause machine learning and AI-enabled systems to operate with unintended consequences?
A.
Stored procedures
B.
Buffer overflows
C.
Data bias
D.
Code reuse
Stored procedures
A network engineer needs to build a solution that will allow guests at the company’s headquarters to access the Internet via WiFi. This solution should not allow access to the internal corporate network, but it should require guests to sign off on the acceptable use policy before accessing the Internet. Which of the following should the engineer employ to meet these requirements?
A.
Implement open PSK on the APs
B.
Deploy a WAF
C.
Configure WIPS on the APs
D.
Install a captive portal
Install a captive portal
Which of the following provides the BEST protection for sensitive information and data stored in cloud-based services but still allows for full functionality and searchability of data within the cloud-based services?
A.
Data encryption
B.
Data masking
C.
Anonymization
D.
Tokenization
Data encryption
An analyst needs to identify the applications a user was running and the files that were open before the user’s computer was shut off by holding down the power button. Which of the following would MOST likely contain that information?
A.
NGFW
B.
Pagefile
C.
NetFlow
D.
RAM
NetFlow
An organization's RPO for a critical system is two hours. The system is used Monday through Friday, from 9:00 am to 5:00 pm. Currently, the organization performs a full backup every Saturday that takes four hours to complete. Which of the following additional backup implementations would be the BEST way for the analyst to meet the business requirements?
A.
Incremental backups Monday through Friday at 6:00 p.m. and differential backups hourly.
B.
Full backups Monday through Friday at 6:00 p.m. and incremental backups hourly.
C.
Incremental backups Monday through Friday at 6:00 p.m. and full backups hourly.
D.
Full backups Monday through Friday at 6:00 p.m. and differential backups hourly.
Incremental backups Monday through Friday at 6:00 p.m. and differential backups hourly.
An organization has hired a security analyst to perform a penetration test. The analyst captures 1Gb worth of inbound network traffic to the server and transfers the pcap back to the machine for analysis. Which of the following tools should the analyst use to further review the pcap?
A.
Nmap
B.
cURL
C.
Netcat
D.
Wireshark
Wireshark
An attacker was easily able to log in to a company's security camera by performing a basic online search for a setup guide for that particular camera brand and model. Which of the following BEST describes the configurations the attacker exploited?
A.
Weak encryption
B.
Unsecure protocols
C.
Default settings
D.
Open permissions
Default settings
A Chief Security Officer (CSO) is concerned about the amount of PII that is stored locally on each salesperson’s laptop. The sales department has a higher-than-average rate of lost equipment. Which of the following recommendations would BEST address the CSO’s concern?
A.
Deploy an MDM solution.
B.
Implement managed FDE.
C.
Replace all hard drives with SEDs.
D.
Install DLP agents on each laptop
Implement managed FDE.
A user contacts the help desk to report the following:
Two days ago, a pop-up browser window prompted the user for a name and password after connecting to the corporate wireless SSID. This had never happened before, but the user entered the information as requested.
The user was able to access the Internet but had trouble accessing the department share until the next day.
The user is now getting notifications from the bank about unauthorized transactions.
Which of the following attack vectors was MOST likely used in this scenario?
A.
Rogue access point
B.
Evil twin
C.
DNS poisoning
D.
ARP poisoning
Rogue access point