A500 is implementing an insider threat detection program, The primary concern is that users may be accessing confidential data without authorization. Which of the fallowing should be deployed to detect a potential insider threat?

• A.ULF
• B.File integrity monitoring
• C.A DMZ
• D.A honeyfile

Comment: *

Name: *

Email: *

Verification: *

A financial institution would like to stare is customer data a could but still allow the data to be accessed and manipulated while encrypted. Doing se would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concern about computational overheads and slow speeds, Which of the following cryptographic techniques would BEST meet the requirement?

• A.Asymmetric
• B.Symmetric
• C.Homeomorphic
• D.Ephemeral

Comment: *

Name: *

Email: *

Verification: *

A security analyst is responding to an alert from the SIEM. The alert states that malware was discovered on a host and was not automatically deleted. Which of the following would be BEST for the analyst to perform?

• A.Add a deny-all rule to that host in the network ACL
• B.Revoke the client's network access certificates
• C.Quarantine the host from other parts of the network
• D.Implement a network-wide scan for other instances of the malware.

Comment: *

Name: *

Email: *

Verification: *

A dynamic application vulnerability scan identified that code injection could be performed using a web form.
Which of the following will be the best remediation to prevent this vulnerability?

• A.Implement input validations
• B.Deploy UFA
• C.Utilize a WAF
• D.Conjure HIPS

Comment: *

Name: *

Email: *

Verification: *

Which of the following is required in order for an IDS and a WAF to be effective on HTTPS traffic?

• A.Data masking
• B.Hashing
• C.DNS sinkhole
• D.TLS inspection

Comment: *

Name: *

Email: *

Verification: *