- (Exam Topic 3)
An organidation recently discovered that a purchasing officer approved an invoice for an amount that was different than the original purchase order. After further investigation, a security analyst determines that the digital signature for the fraudulent invoice is exactly the same as the digital signature for the correct invoice that had been approved. Which of the following attacks MOST likely explains the behavior?
Correct Answer:
C
- (Exam Topic 1)
A security proposal was set up to track requests for remote access by creating a baseline of the users' common sign-in properties. When a baseline deviation is detected, an Iv1FA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?
Correct Answer:
A
An access control scheme that verifies an object's identity based on various environmental factors, like time, location, and behavior.
- (Exam Topic 2)
While investigating a recent security incident, a security analyst decides to view all network connections on a particular server, Which of the following would provide the desired information?
Correct Answer:
C
- (Exam Topic 4)
A Chief Security Officer (CSO) was notified that a customer was able to access confidential internal company files on a commonly used file-sharing service. The file-sharing service is the same one used by company staff as one of its approved third-party applications.
After further investigation, the security team determines the sharing of confidential files was accidental and not malicious. However, the CSO wants to implement changes to minimize this type of incident from reoccurring but does not want to impact existing business processes. Which of the following would BEST meet the CSO's objectives?
Correct Answer:
A
- (Exam Topic 4)
The website http://companywebsite.com requires users to provide personal information, including security question responses, for registration. Which of the following would MOST likely cause a data breach?
Correct Answer:
C
