CompTIA Security+ SY0-601 – Question710

A recent vulnerability scan revealed multiple servers have non-standard ports open for applications that are no longer in use. The security team is working to ensure all devices are patched and hardened. Which of the following would the security team perform to ensure the task is completed with minimal impact to production?


A. Enable HIDS on all servers and endpoints.
B. Disable unnecessary services.
C. Configure the deny list appropriately on the NGFW.
D. Ensure the antivirus is up to date.

Correct Answer: B

CompTIA Security+ SY0-601 – Question709

A certificate vendor notified a company that recently invalidated certificates may need to be updated. Which of the following mechanisms should a security administrator use to determine whether the certificates installed on the company's machines need to be updated?


A. SCEP
B. OCSP
C. CSR
D. CRL

Correct Answer: D

CompTIA Security+ SY0-601 – Question707

A penetration-testing firm is working with a local community bank to create a proposal that best fits the needs of the bank. The bank's information security manager would like the penetration test to resemble a real attack scenario, but it cannot afford the hours required by the penetration-testing firm. Which of the following would best address the bank's desired scenario and budget?


A. Engage the penetration-testing firm's red-team services to fully mimic possible attackers.
B. Give the penetration tester data diagrams of core banking applications in a known-environment test.
C. Limit the scope of the penetration test to only the system that is used for teller workstations.
D. Provide limited networking details in a partially known-environment test to reduce reconnaissance efforts.

Correct Answer: D

CompTIA Security+ SY0-601 – Question706

A security analyst needs to harden access to a network. One of the requirements is to authenticate users with smart cards. Which of the following should the analyst enable to best meet this requirement?


A. CHAP
B. PEAP
C. MS-CHAPv2
D. EAP-TLS

Correct Answer: D

CompTIA Security+ SY0-601 – Question705

A software company adopted the following processes before releasing software to production:
Peer review
Static code scanning
Signing
A considerable number of vulnerabilities are still being detected when code is executed in production. Which of the following security tools can improve vulnerability detection in this environment?


A. File integrity monitoring for the source code
B. Dynamic code analysis tool
C. Encrypted code repository
D. Endpoint detection and response solution

Correct Answer: B

CompTIA Security+ SY0-601 – Question704

The following IP information was provided to internal auditors to help assess organizational security:

Which of the following tools would most likely be used to perform network reconnaissance and help understand what is accessible to all users? (Choose two.)

A. ipconfig
B. ping
C. chmod
D. netstat
E. traceroute
F. route

Correct Answer: BE

CompTIA Security+ SY0-601 – Question703

A new company wants to avoid channel interference when building a WLAN. The company needs to know the radio frequency behavior, identify dead zones, and determine the best place for access points. Which of the following should be done first?


A. Configure heat maps.
B. Utilize captive portals.
C. Conduct a site survey.
D. Install Wi-Fi analyzers.

Correct Answer: C

CompTIA Security+ SY0-601 – Question702

An organization is building a single virtual environment that will host customer applications and data that require availability at all times. The data center that is hosting the environment will provide generator power and ISP services. Which of the following is the best solution to support the organization's requirement?


A. NIC teaming
B. Cloud backups
C. A load balancer appliance
D. UPS

Correct Answer: C

CompTIA Security+ SY0-601 – Question701

A recent malware outbreak across a subnet included successful rootkit installations on many PCs, ensuring persistence by rendering remediation efforts ineffective. Which of the following would best detect the presence of a rootkit in the future?


A. FDE
B. NIDS
C. EDR
D. DLP

Correct Answer: C