A company is repeatedly being breached by hackers who valid credentials. The company's Chief information Security Officer (CISO) has installed multiple controls for authenticating users, including biometric and token-based factors. Each successive control has increased overhead and complexity but has failed to stop further breaches. An external consultant is evaluating the process currently in place to support the authentication controls. Which of the following recommendation would MOST likely reduce the risk of unauthorized access?

• A.Switch to one-time or all user authorizations.
• B.Strengthen identify-proofing procedures
• C.Implement least privilege policies
• D.Implement strict three-factor authentication.

Comment: *

Name: *

Email: *

Verification: *

A Chief information Security Officer (CISO) is developing corrective-action plans based on the following from a vulnerability scan of internal hosts:

Which of the following MOST appropriate corrective action to document for this finding?

• A.The product owner should perform a business impact assessment regarding the ability to implement a WAF.
• B.The application developer should use a static code analysis tool to ensure any application code is not vulnerable to buffer overflows.
• C.The system administrator should evaluate dependencies and perform upgrade as necessary.
• D.The security operations center should develop a custom IDS rule to prevent attacks buffer overflows against this server.

Comment: *

Name: *

Email: *

Verification: *

A security analyst receives an alert from the SIEM regarding unusual activity on an authorized public SSH jump server. To further investigate, the analyst pulls the event logs directly from /var/log/auth.log:
graphic.ssh_auth_log.
Which of the following actions would BEST address the potential risks by the activity in the logs?

• A.Implementing host-key preferences
• B.Alerting the misconfigured service account password
• C.Modifying the AllowUsers configuration directive
• D.Restricting external port 22 access

Comment: *

Name: *

Email: *

Verification: *

An organization is preparing to migrate its production environment systems from an on-premises environment to a cloud service. The lead security architect is concerned that the organization's current methods for addressing risk may not be possible in the cloud environment.
Which of the following BEST describes the reason why traditional methods of addressing risk may not be possible in the cloud?

• A.Risks to data in the cloud cannot be mitigated.
• B.Cloud providers are unable to avoid risk.
• C.Migrating operations assumes the acceptance of all risk.
• D.Specific risks cannot be transferred to the cloud provider.

Comment: *

Name: *

Email: *

Verification: *

An engineering team is developing and deploying a fleet of mobile devices to be used for specialized inventory management purposes. These devices should:
- Be based on open-source Android for user familiarity and ease.
- Provide a single application for inventory management of physical
assets.
- Permit use of the camera be only the inventory application for the
purposes of scanning
- Disallow any and all configuration baseline modifications.
- restrict all access to any device resource other than those required
for use of the inventory management application
Which of the following approaches would best meet these security requirements?

• A.Set an application wrapping policy, wrap the application, distributes the inventory APK via the MAM tool, and test the application restrictions.
• B.Swap out Android Linux kernel version for >2,4,0, but the internet build Android, remove unnecessary functions via MDL, configure to block network access, and perform integration testing
• C.Write a MAC sepolicy that defines domains with rules, label the inventory application, build the policy, and set to enforcing mode.
• D.Build and install an Android middleware policy with requirements added, copy the file into/ user/init, and then built the inventory application.

Comment: *

Name: *

Email: *

Verification: *