- (Exam Topic 3)
Which of the following has been implemented when a host-based firewall on a legacy Linux system allows connections from only specific internal IP addresses?
Correct Answer:
A
A compensating control is a type of security control that is implemented in lieu of a recommended security measure that is deemed too difficult or impractical to implement at the present time. A compensating control must provide equivalent or comparable protection for the system or network and meet the intent and rigor of the original security requirement. An example of a compensating control is using a host-based firewall on a legacy Linux system to allow connections from only specific internal IP addresses, as it can provide a similar level of defense as a network firewall that may not be compatible with the system. References:
https://www.techtarget.com/whatis/definition/compensating-control https://reciprocity.com/resources/whats-the-difference-between-compensating-controls-and-mitigating-co
- (Exam Topic 1)
A retail company that is launching @ new website to showcase the company’s product line and other
information for online shoppers registered the following URLs:
* www companysite com
* shop companysite com
* about-us companysite com contact-us. companysite com secure-logon company site com
Which of the following should the company use to secure its website if the company is concerned with convenience and cost?
Correct Answer:
D
The company can use a wildcard certificate to secure its website if it is concerned with convenience and cost. A wildcard certificate can secure multiple subdomains, which makes it cost-effective and convenient for securing the various registered domains.
The retail company should use a wildcard certificate if it is concerned with convenience and c1o2s.tA wildcard SSL certificate is a single SSL/TLS certificate that can provide significant time and cost savings, particularly for small businesses. The certificate includes a wildcard character (*) in the domain name field, and can secure multiple subdomains of the primary domain1
- (Exam Topic 4)
Historically, a company has had issues with users plugging in personally owned removable media devices into corporate computers. As a result, the threat of malware incidents is almost constant. Which of the following would best help prevent the malware from being installed on the computers?
Correct Answer:
D
EDR stands for Endpoint Detection and Response, which is a technology that monitors, detects, and responds to cyber threats on endpoint devices, such as laptops, desktops, servers, or mobile devices. EDR collects and analyzes data from endpoints to identify suspicious or malicious activities, such as malware installation, file modification, registry changes, network connections, or user actions. EDR also provides tools and capabilities to respond to threats, such as isolating infected devices, blocking malicious processes, removing malware, or restoring files.
Historically, a company has had issues with users plugging in personally owned removable media devices into corporate computers. As a result, the threat of malware incidents is almost constant. EDR would best help prevent the malware from being installed on the computers by detecting the insertion of removable media devices and scanning them for any malicious code or files. EDR would also alert the security team of any potential infection and enable them to take immediate action to contain and remediate the threat.
- (Exam Topic 3)
Which of the following threat actors is most likely to be motivated by ideology?
Correct Answer:
B
A hacktivist is a threat actor who is most likely to be motivated by ideology. A hacktivist is a person or group who uses hacking skills and techniques to promote a political or social cause. Hacktivists may target government, corporate, or religious entities that they disagree with or oppose. Hacktivists may use various methods to achieve their goals, such as defacing websites, leaking sensitive data, launching denial-of-service attacks, or spreading propaganda. Hacktivists are not motivated by financial gain or personal benefit, but rather by their beliefs and values. References: https://www.uscybersecurity.net/hacktivist/ https://www.fortinet.com/resources/cyberglossary/what-is-hacktivism
- (Exam Topic 4)
A company is looking to migrate some servers to the cloud to minimize its technology footprint The company has a customer relationship management system on premises Which of the following solutions will require the least infrastructure and application support from the company?
Correct Answer:
A
SaaS stands for Software as a Service and is a cloud computing model that delivers software solutions from a third party over the internet. SaaS requires the least infrastructure and application support from the company because it eliminates the need to install, manage, update, or maintain any software or hardware on-premises. The company can simply access the customer relationship management system as a SaaS application through a web browser or an API, without worrying about the underlying infrastructure, platform, or network. The SaaS provider is responsible for managing all aspects of the software delivery and performance
