CompTIA Security+ SY0-601 – Question359

A large industrial system's smart generator monitors the system status and sends alerts to third-party
maintenance personnel when critical failures occur. While reviewing the network logs, the company's security
manager notices the generator's IP is sending packets to an internal file server's IP. Which of the following
mitigations would be BEST for the security manager to implement while maintaining alerting capabilities?


A. Segmentation
B. Firewall allow list
C. Containment
D. Isolation

Correct Answer: B

CompTIA Security+ SY0-601 – Question358

An employee's company account was used in a data breach. Interviews with the employee revealed:
The employee was able to avoid changing passwords by using a previous password again.
The account was accessed from a hostile, foreign nation, but the employee has never traveled to any other
countries.
Which of the following can be implemented to prevent these issues from reoccurring? (Choose two.)


A. Geographic dispersal
B. Password complexity
C. Password history
D. Geotagging
E. Password lockout
F. Geofencing

Correct Answer: B

CompTIA Security+ SY0-601 – Question357

The Chief Executive Officer announced a new partnership with a strategic vendor and asked the Chief
Information Security Officer to federate user digital identities using SAML-based protocols. Which of the
following will this enable?


A. SSO
B. MFA
C. PKI
D. DLP

Correct Answer: A

CompTIA Security+ SY0-601 – Question356

A security administrator needs to inspect in-transit files on the enterprise network to search for PII, credit card
data, and classification words. Which of the following would be the BEST to use?


A. IDS solution
B. EDR solution
C. HIPS software solution
D. Network DLP solution

CompTIA Security+ SY0-601 – Question355

A company is switching to a remote work model for all employees. All company and employee resources will be
in the cloud. Employees must use their personal computers to access the cloud computing environment. The
company will manage the operating system. Which of the following deployment models is the company
implementing?


A. CYOD
B. MDM
C. COPE
D. VDI

Correct Answer: C


CompTIA Security+ SY0-601 – Question353

A network engineer and a security engineer are discussing ways to monitor network operations. Which of the
following is the BEST method?


A. Disable Telnet and force SSH.
B. Establish a continuous ping.
C. Utilize an agentless monitor.
D. Enable SNMPv3 with passwords.

Correct Answer: C

CompTIA Security+ SY0-601 – Question352

An enterprise has hired an outside security firm to conduct penetration testing on its network and applications.
The firm has been given the documentation only available to the customers of the applications. Which of the
following BEST represents the type of testing that will occur?


A. Bug bounty
B. Black-box
C. Gray-box
D. White-box

Correct Answer: C

CompTIA Security+ SY0-601 – Question351

A new security engineer has started hardening systems. One of the hardening techniques the engineer is using
involves disabling remote logins to the NAS. Users are now reporting the inability to use SCP to transfer files to
the NAS, even though the data is still viewable from the users' PCs. Which of the following is the MOST likely
cause of this issue?


A. TFTP was disabled on the local hosts.
B. SSH was turned off instead of modifying the configuration file.
C. Remote login was disabled in the networkd.conf instead of using the sshd.conf.
D. Network services are no longer running on the NAS.

Correct Answer: B