CAS-005 Dumps

CAS-005 Free Practice Test

CompTIA CAS-005: CompTIA SecurityX Exam

QUESTION 26

A company that relies on an COL system must keep it operating until a new solution is available. Which of the following is the most secure way to meet this goal?

Correct Answer: A
To ensure the most secure way of keeping a legacy system (COL) operating until a new solution is available, isolating the system and enforcing strict firewall rules is the best approach. This method minimizes the attack surface by restricting access to only the necessary endpoints, thereby reducing the risk of unauthorized access and potential security breaches. Isolating the system ensures that it is not exposed to the broader network, while firewall rules control the traffic that can reach the system, providing a secure environment until a replacement is implemented.
References:
✑ CompTIA SecurityX Study Guide: Recommends network isolation and firewall rules as effective measures for securing legacy systems.
✑ NIST Special Publication 800-82, "Guide to Industrial Control Systems (ICS) Security": Advises on isolating critical systems and using firewalls to control access.
✑ "Network Security Assessment" by Chris McNab: Discusses techniques for isolating systems and enforcing firewall rules to protect vulnerable or legacy systems.
By isolating the system and implementing strict firewall controls, the organization can maintain the necessary operations securely while working on deploying a new solution.

QUESTION 27

A security engineer needs to secure the OT environment based on the following requirements:
• Isolate the OT network segment
• Restrict Internet access.
• Apply security updates to workstations
• Provide remote access to third-party vendors
Which of the following design strategies should the engineer implement to best meet these requirements?

Correct Answer: B
To secure the Operational Technology (OT) environment based on the given requirements, the best approach is to implement a bastion host in the OT network. The bastion host serves as a secure entry point for remote access, allowing third-party vendors to connect while being monitored by security tools. Using a dedicated update server for workstations ensures that security updates are applied in a controlled manner without direct internet access.
References:
✑ CompTIA SecurityX Study Guide: Recommends the use of bastion hosts and dedicated update servers for securing OT environments.
✑ NIST Special Publication 800-82, "Guide to Industrial Control Systems (ICS) Security": Advises on isolating OT networks and using secure remote access methods.
✑ "Industrial Network Security" by Eric D. Knapp and Joel Thomas Langill: Discusses strategies for securing OT networks, including the use of bastion hosts and update servers.

QUESTION 28

After remote desktop capabilities were deployed in the environment, various vulnerabilities were noticed.
• Exfiltration of intellectual property
• Unencrypted files
• Weak user passwords
Which of the following is the best way to mitigate these vulnerabilities? (Select two).

Correct Answer: AE
To mitigate the identified vulnerabilities, the following solutions are most appropriate:
✑ A. Implementing data loss prevention (DLP): DLP solutions help prevent the unauthorized transfer of data outside the organization. This directly addresses the exfiltration of intellectual property by monitoring, detecting, and blocking sensitive data transfers.
✑ E. Enabling modern authentication that supports Multi-Factor Authentication (MFA): This significantly enhances security by requiring additional verification methods beyond just passwords. It addresses the issue of weak user passwords by making it much harder for unauthorized users to gain access, even if they obtain the password.
Other options, while useful in specific contexts, do not address all the vulnerabilities mentioned:
✑ B. Deploying file integrity monitoring helps detect changes to files but does not prevent data exfiltration or address weak passwords.
✑ C. Restricting access to critical file services improves security but is not comprehensive enough to mitigate all identified vulnerabilities.
✑ D. Deploying directory-based group policies can enforce security policies but might not directly prevent data exfiltration or ensure strong authentication.
✑ F. Implementing a version control system helps manage changes to files but is not a security measure for preventing the identified vulnerabilities.
✑ G. Implementing a CMDB platform (Configuration Management Database) helps manage IT assets but does not address the specific security issues mentioned.
References:
✑ CompTIA Security+ Study Guide
✑ NIST SP 800-53 Rev. 5, "Security and Privacy Controls for Information Systems and Organizations"
✑ CIS Controls, "Control 13: Data Protection" and "Control 16: Account Monitoring and Control"

QUESTION 29

A company wants to implement hardware security key authentication for accessing sensitive information systems. The goal is to prevent unauthorized users from gaining access with a stolen password. Which of the following models should the company implement to best solve this issue?

Correct Answer: D
Context-based authentication enhances traditional security methods by incorporating additional layers of information about the user's current environment and behavior. This can include factors such as the user's location, the time of access, the device used, and the behavior patterns. It is particularly useful in preventing unauthorized access even if an attacker has obtained a valid password.
✑ Rule-based (A) focuses on predefined rules and is less flexible in adapting to dynamic threats.
✑ Time-based (B) authentication considers the time factor but doesn't provide comprehensive protection against stolen credentials.
✑ Role-based (C) is more about access control based on the user's role within the organization rather than authenticating the user based on current context.
By implementing context-based authentication, the company can ensure that even if a password is compromised, the additional contextual factors required for access (which an attacker is unlikely to possess) provide a robust defense mechanism.
References:
✑ CompTIA SecurityX guide on authentication models and best practices.
✑ NIST guidelines on authentication and identity proofing.
✑ Analysis of multi-factor and adaptive authentication techniques.

QUESTION 30

An organization is developing an AI-enabled digital worker to help employees complete common tasks such as template development, editing, research, and scheduling. As part of the AI workload, the organization wants to implement guardrails within the platform. Which of the following should the company do to secure the AI environment?

Correct Answer: A
Limiting the platform's abilities to only non-sensitive functions helps to mitigate risks associated with AI operations. By ensuring that the AI-enabled digital worker is only allowed to perform tasks that do not involve sensitive or critical data, the organization reduces the potential impact of any security breaches or misuse.
Enhancing the training model's effectiveness (Option B) is important but does not directly address security guardrails. Granting the system the ability to self-govern (Option C) could increase risk as it may act beyond the organization's control. Requiring end-user acknowledgement of organizational policies (Option D) is a good practice but does not implement technical guardrails to secure the AI environment.
References:
✑ CompTIA Security+ Study Guide
✑ NIST SP 800-53 Rev. 5, "Security and Privacy Controls for Information Systems and Organizations"
✑ ISO/IEC 27001, "Information Security Management"