A security administrator would like to ensure all cloud servers will have software preinstalled for facilitating
vulnerability scanning and continuous monitoring. Which of the following concepts should the administrator
utilize?


A. Provisioning
B. Staging
C. Staging
D. Quality assurance

A security operations center wants to implement a solution that can execute files to test for malicious activity.
The solution should provide a report of the files' activity against known threats. Which of the following should
the security operations center implement?


A. the Harvester
B. Nessus
C. Cuckoo
D. Sn1per

Which of the follow ng disaster recovery sites is the most cost effective to operate?


A. Warm site
B. Cold site
C. Hot site
D. Hybrid site

Which of the following types of disaster recovery plan exercises requires the least interruption to IT operations?


A. Parallel
B. Full-scale
C. Tabletop
D. Simulation

Which of the following would a security analyst use to determine if other companies in the same sector have
seen similar malicious activity against their systems?


A. Vulnerability scanner
B. Open-source intelligence
C. Packet capture
D. Threat feeds

A security administrator is integrating several segments onto a single network. One of the segments, which
includes legacy devices, presents a significant amount of risk to the network. Which of the follow ng would
allow users to access to the legacy devices without compromising the security of the entire network?


A. NIDS
B. MAC filtering
C. Jump server
D. IPSec
E. NAT gateway

Which of the following procedures would be performed after the root cause of a security incident has been
identified to help avoid future incidents from occurring?


A. Walk-throughs
B. Lessons learned
C. Attack framework alignment
D. Containment

A user s laptop constantly disconnects from the Wi-Fi network. Once the laptop reconnects, the user can reach
the internet but cannot access shared folders or other network resources. Which of the following types of
attacks is the user most likely experiencing?


A. Bluejacking
B. Jamming
C. Rogue access point
D. Evil twin

A security analyst is assessing a new y developed web application by testing SQL injection, CSRF, and XML
injection. Which of the follow ng frameworks should the analyst consider?


A. ISO
B. MITRE ATT&CK
C. OWASP
D. NIST

While troubleshooting service disruption on a mission-critical server, a technician discovered the user account
that was configured to run automated processes was disabled because the user s password failed to meet
password complexity requirements. Which of the following would be the best solution to securely prevent future
issues?


A. Using an administrator account to run the processes and disabling the account when it is not in use
B. Implementing a shared account the team can use to run automated processes
C. Configuring a service account to run the processes
D. Removing the password complexity requirements for the user account