Question: 1. A recently issued audit report highlighted exceptions related to end-user handling of sensitive data and access credentials. A security manager is addressing the findings.
1. A recently issued audit report highlighted exceptions related to end-user handling of sensitive data and access credentials. A security manager is addressing the findings. Which of the following activities should be implemented? A. Update the password policy B. Increase training requirements C. Deploy a single sign-on platform D. Deploy Group Policy Objects
__________________________ A security administrator determines several months after the first instance that a local privileged user has been routinely logging into a server interactively as root and browsing the Internet. The administrator determines this by performing an annual review of the security logs on that server. For which of the following security architecture areas should the administrator recommend review and modification? (Select TWO). A. Log aggregation and analysis B. Software assurance C. Encryption D. Acceptable use policies E. Password complexity F. Network isolation and separation ____________________________ 2. A security administrator uses FTK to take an image of a hard drive that is under investigation. Which of the following processes are used to ensure the image is the same as the original disk? (Choose two.) A. Validate the folder and file directory listings on both. B. Check the hash value between the image and the original. C. Boot up the image and the original systems to compare. D. Connect a write blocker to the imaging device. E. Copy the data to a disk of the same size and manufacturer.
________________________________________________ 3. A security architect is reviewing the options for performing input validation on incoming web form submissions. Which of the following should the architect as the MOST secure and manageable option? A. Client-side whitelisting B. Server-side whitelisting C. Server-side blacklisting D. Client-side blacklisting _______________________________ 4. A system is experiencing noticeably slow response times, and users are being locked out frequently. An analyst asked for the system security plan and found the system comprises two servers: an application server in the DMZ and a database server inside the trusted domain. Which of the following should be performed NEXT to investigate the availability issue? A. Review the firewall logs. B. Review syslogs from critical servers. C. Perform fuzzing. D. Install a WAF in front of the application server
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts