A technician is opening ports on a firewall for a new system being deployed and supported by a SaaS provider. Which of the following is a risk in the new system?
A. Default credentials
B. Non-segmented network
C. Supply chain vendor
D. Vulnerable software
Explanation:
A supply chain vendor is a third-party entity that provides goods or services to an organization, such as a SaaS provider. A supply chain vendor can pose a risk to the new system if the vendor has poor security practices, breaches, or compromises that could affect the confidentiality, integrity, or availability of the system or its data. The organization should perform due diligence and establish a service level agreement with the vendor to mitigate this risk. The other options are not specific to the scenario of using a SaaS provider, but rather general risks that could apply to any system.
An attacker posing as the Chief Executive Officer calls an employee and instructs the employee to buy gift cards. Which of the following techniques is the attacker using?
A. Smishing
B. Disinformation
C. Impersonating
D. Whaling
Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?
A. Compensating control
B. Network segmentation
C. Transfer of risk
D. SNMP traps
Which of the following is the most likely outcome if a large bank fails an internal PCI DSS compliance assessment?
A. Fines
B. Audit findings
C. Sanctions
D. Reputation damage
A system administrator is assessing the broader context of the company's IT security posture in light of recent expansions in both workstations and servers. This assessment includes understanding the impact of various external and internal factors on the organization's IT infrastructure. Aside from the organization's IT infrastructure itself, what are two other significant factors that should be considered in this assessment? (Select the two best options.)
A. External threat landscape
B. Regulatory/compliance environment
C. Employee cybersecurity awareness
D. Business continuity planning
An organization's IT department is transitioning from an on-premise server system to a cloud platform. Evaluating the security concepts tied to this transformation, what security design paradigm requires any request to be authenticated before being allowed onto the system?
A. Deperimeterization
B. Zero trust
C. SD-WAN
D. SASE
Explanation:
Zero trust is a security paradigm that requires all requests, both inside and outside the organization's network, to be authenticated, authorized, and continuously validated before being allowed access to systems or data. This approach assumes no implicit trust and requires verification for every action or request, regardless of where it originates.
An organization disabled unneeded services and placed a firewall in front of a business-critical legacy system. Which of the following best describes the actions taken by the organization?
A. Exception
B. Segmentation
C. Risk transfer
D. Compensating controls
A systems administrator works for a local hospital and needs to ensure patient data is protected and secure. Which of the following data classifications should be used to secure patient data?
A. Private
B. Critical
C. Sensitive
D. Public
A digital forensic analyst at a healthcare company investigates a case involving a recent data breach. In evaluating the available data sources to assist in the investigation, what application protocol and event-logging format enables different appliances and software applications to transmit logs or event records to a central server?
A. Dashboard
B. Endpoint log
C. Application Log
D. Syslog
A leading healthcare provider must improve its network infrastructure to secure sensitive patient data. You are evaluating a Next-Generation Firewall (NGFW), which will play a key role in protecting the network from attack. What feature of a Next-Generation Firewall (NGFW) will help protect sensitive patient data in the healthcare organization's network?
A. High Availability (HA) modes
B. Bandwidth management
C. Application - level inspection
D. Virtual Private Network (VPN) support
| Page 2 out of 36 Pages |
| Previous |
Copyright © - All Rights Reserved