Topic 3: Exam Pool C
In which of the following situations would it be BEST to use a detective control type for mitigation?
A. A company implemented a network load balancer to ensure 99.999% availability of its web application.
B. A company designed a backup solution to increase the chances of restoring services in case of a natural disaster.
C. A company purchased an application-level firewall to isolate traffic between the accounting department and the information technology department.
D. A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic.
E. A company purchased liability insurance for flood protection on all capital assets.
A company purchased an IPS system, but after reviewing the requirements, the appliance was supposed to monitor, not block, any traffic.
A security analyst needs to implement an MDM solution for BYOD users that will allow the company to retain control over company emails residing on the devices and limit data exfiltration that might occur if the devices are lost or stolen. Which of the following would BEST meet these requirements? (Select TWO).
A. Full-device encryption
B. Network usage rules
C. Geofencing
D. Containerization
E. Application whitelisting
F. Remote control
Full-device encryption
Network usage rules
The Chief Security Officer (CSO) at a major hospital wants to implement SSO to help improve in the environment patient data, particularly at shared terminals. The Chief Risk Officer (CRO) is concerned that training and guidance have been provided to frontline staff, and a risk analysis has not been performed. Which of the following is the MOST likely cause of the CRO’s concerns?
A. SSO would simplify username and password management, making it easier for hackers to pass guess accounts.
B. SSO would reduce password fatigue, but staff would still need to remember more complex passwords.
C. SSO would reduce the password complexity for frontline staff.
D. SSO would reduce the resilience and availability of system if the provider goes
SSO would reduce the resilience and availability of system if the provider goes
When selecting a technical solution for identity management, an architect chooses to go from an in-house to a third-party SaaS provider. Which of the following risk management strategies is this an example of?
A. Acceptance
B. Mitigation
C. Avoidance
D. Transference
Transference
Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?
A. MOU
B. MTTR
C. SLA
D. NDA
SLA