Protect from unauthorized hacker = NIPS
Analyst is reviewing logs and discovers = input sanitization
Included in a post incident review = steps to mitigate the risks of the incident
Security administrator identifies the following = XSS
Architectures most suitable for redundancy = multitenant
Various types of security incidents = conduct tabletop exercise
Data center to remain operational in power failure = generator
Administrator validated that the new address = DNS poisoning
Company’s billing system to issue fraudulent checks = application logs
Best way to securely store encryption keys = key escrow
Activities associated with vulnerability management = reporting and prioritization
Issued new laptops to all employees = agent-based
Product that offers protection against DDoS = Availability
Vulnerabilities within cloud computing instances = VM escape
New regulation and company must comply = policy review
After failing an audit twice = non-compliance
Leverage access tokens and focus on application authorization = OAuth
Implement a secure solution for remote users = MFA and VPN
Accountant transferring info to a bank over FTP = Encryption
Reduce the attack surface of enterprise network = disable unused network services
Connect to the network by using an agent installed on endpoint = IPSec
Secure communication of data to the cloud = IPSec
Protects data at rest = Full disk encryption
Administrator use to gather information = open-source intelligence
Making decisions about vulnerability prioritization = CVSS
Consequences from customers if retailer is non-compliant = reputational damage
Describes the concept of log correlation = searching and processing data to identify patterns
Security measures should the university have implemented = user activity logs
The use of automation and orchestration within SIEM = removes technical debt
Developing critical system for govt and storing info on fileshare = Confidential and restricted
Data being actively processed by DB server = in use
Maintains intellectual property to protect = insider threat detection
Mobile device containing company data = FDE
Installed cameras and added signs = deterrent and detective
Used by attackers to perform credential harvesting = social engineering
Benefits of microservice compared to monolithic architecture = easier debugging and scalability
Common passive reconnaissance technique = open source intelligence
Encryption on all hard drives in organization = confidentiality
Installing an SSL certificate on a new system = if the root certificate is installed
Optimize its environment and reduce the number of patches = virtualization
Company to buy a NAC platform = wired
Cryptographic solutions to hide communication occurring = private key
Sys admin reviews the server management software and finds = resource consumption
Provide the lowest RTO and RPO = Hot site
3DES hash = to test the integrity
Task in the BIA process = the recovery time of the systems
Reduce number of physical servers = virtualization
Verify security controls are operating = hire a vendor to do penetration test
Accessing information from systems that they should not have = DLP
Consolidated reports from different devices = SIEM
Stores credit card information = tokenization
Vendor diversity = zero day
Ensures data retention = privacy officer
Conducting an audit of organization = vulnerability assessment
Exploit to go undetected = encrypted payload
Protect from viruses, malware and Trojans = EDR
Provide a secure zone, enforce company wide policy and reduce scope = Zero trust
Reduce the hardware attack surface = virtualization
Maintain a backup from all devices = data retention
Physically isolate its secure system = air gapped
Performing a risk assessment on software that the company wishes to use = software vulnerabilities
Sanitize hard drive and allowing it to be repurposed = wipe tool
Procedures to track compliance = internal audit
Logging and monitoring in a cloud = SIEM
SOC2 report = due diligence
Deployed on an application during time = Dynamic analysis
Website private key was stolen = OCSP
Implementing a security awareness program = phishing campaign
Tracks log-ins and time spent using service = accounting
Ignored over time = false positive
When upgrading the firmware of an organization's router = maintenance window
Time frame in which the vendor needs to respond = SLA
Running RTOS can be compromised = memory injection
Data most impacted when it is lost = critical
First stage in incident response process = detection
Multiple passwords reduced to one first to implement = OAuth tokens
Temporary field added that bypasses legitimate field = memory injection
Guard against insider threat of a data center = access badges
Get ../../../../../etc/passwd = directory traversal
Best way to test resiliency in the event of failure = simulation
Deface the website of a high profile music group = organized crime
Integrity and ethical behavior within an organization = AUP
Using for IoT management = encrypted connection
Cluster most likely to achieve = increasing performance
New security architecture to better protect the company’s network and applications = SASE
Basic information about the device = partially known