A company is preparing to deploy a global service.
Which of the following must the company do to ensure GDPR compliance? (Choose two.)

• A.Provide optional data encryption.
• B.Provide alternative authentication techniques.
• C.Inform users regarding what data is stored.
• D.Provide data deletion capabilities.
• E.Grant data access to third parties.
• F.Provide opt-in/out for marketing messages.

Comment: *

Name: *

Email: *

Verification: *

A home automation company just purchased and installed tools for its SOC to enable incident identification and response on software the company develops. The company would like to prioritize defenses against the following attack scenarios:
Unauthorized insertions into application development environments
Authorized insiders making unauthorized changes to environment configurations Which of the following actions will enable the data feeds needed to detect these types of attacks on development environments? (Choose two.)

• A.Install an IDS on the development subnet and passively monitor for vulnerable services.
• B.Monitor dependency management tools and report on susceptible third-party libraries.
• C.Continuously monitor code commits to repositories and generate summary logs.
• D.Perform static code analysis of committed code and generate summary reports.
• E.Model user behavior and monitor for deviations from normal.
• F.Implement an XML gateway and monitor for policy violations.

Comment: *

Name: *

Email: *

Verification: *

A customer reports being unable to connect to a website at www.test.com to consume services. The customer notices the web application has the following published cipher suite:

Which of the following is the MOST likely cause of the customer's inability to connect?

• A.The default should be on port 80.
• B.The public key should be using ECDSA.
• C.The server name should be test.com.
• D.Weak ciphers are being used.

Comment: *

Name: *

Email: *

Verification: *

A company undergoing digital transformation is reviewing the resiliency of a CSP and is concerned about meeting SLA requirements in the event of a CSP incident.
Which of the following would be BEST to proceed with the transformation?

• A.An on-premises solution as a backup
• B.A multicloud provider solution
• C.An active-active solution within the same tenant
• D.A load balancer with a round-robin configuration

Comment: *

Name: *

Email: *

Verification: *

After a security incident, a network security engineer discovers that a portion of the company's sensitive external traffic has been redirected through a secondary ISP that is not normally used.
Which of the following would BEST secure the routes while allowing the network to function in the event of a single provider failure?

• A.Disable BGP and implement OSPF.
• B.Implement a BGP route reflector.
• C.Disable BGP and implement a single static route for each internal network.
• D.Implement an inbound BGP prefix list.

Comment: *

Name: *

Email: *

Verification: *