A company recently enhanced mobile device configuration by implementing a set of security controls biometrics
context-aware authentication and full device encryption. Even with these settings in place, an unattended phone
was used by a malicious actor to access corporate data. Which of the following additional controls should be
put in place first?


A. GPS tagging
B. Remote wipe
C. Screen lock timer
D. SEAndroid

Which of the following can be used to detect a hacker who is stealing company data over port 80?


A. Web application scan
B. Threat intelligence
C. Log aggregation
D. Packet capture

An organization has been experiencing outages during holiday sales and needs to ensure availability of its
point-of-sale systems. The IT administrator has been asked to improve both server-data fault tolerance and site
availability under high consumer load. Which of the following are the best options to accomplish this objective?
(Choose two.)


A. Load balancing
B. Incremental backups
C. UPS
D. RAID
E. Dual power supply
F. VLAN

A company that provides an online streaming service made its customers' personal data, including names and
email addresses, publicly available in a cloud storage service. As a result, the company experienced an
increase in the number of requests to delete user accounts. Which of the following BEST describes the
consequence of this data disclosure?


A. Regulatory fines
B. Reputation damage
C. Increased insurance costs
D. Financial loss

A security analyst is investigating what appears to be unauthorized access to a corporate web application. The security analyst reviews the web server logs and finds the flowing entries:

Which of the following password attacks is taking place?

A. Dictionary
B. Brute-force
C. Rainbow table
D. Spraying

Which of the following control types is patch management classified under?


A. Deterrent
B. Physical
C. Corrective
D. Detective

Which of the following processes would most likely help an organization that has conducted an incident
response exercise to improve performance and identify challenges?


A. Lessons learned
B. Identification
C. Simulation
D. Containment

A security analyst is investigating a report from a penetration test. During the penetration test, consultants were able to download sensitive data from a back-end server. The back-end server was exposing an API that should have only been available from the company's mobile application. After reviewing the back-end server logs, the security analyst finds the following entries:

Which of the following is the most likely cause of the security control bypass?

A. IP address allow list
B. User-agent spoofing
C. WAF bypass
D. Referrer manipulation

A security operations technician is searching the log named /var/messages for any events that were
associated with a workstation with the IP address 10.1.1.1. Which of the following would provide this
information?


A. cat /var/messages | grep 10.1.1.1
B. grep 10.1.1.1 | cat /var/messages
C. grep /var/messages | cat 10.1.1.1
D. cat 10.1.1.1 | grep /var/messages

Cloud security engineers are planning to allow and deny access to specific features in order to increase data
security. Which of the following cloud features is the most appropriate to ensure access is granted properly?


A. API integrations
B. Auditing
C. Resource policies
D. Virtual networks