A financial institution would like to store its customer data in a cloud but still allow the data to be accessed and manipulated while encrypted. Doing so would prevent the cloud service provider from being able to decipher the data due to its sensitivity. The financial institution is not concerned about computational overheads and slow speeds.
Which of the following cryptographic techniques would BEST meet the requirement?

• A.Symmetric
• B.Asymmetric
• C.Ephemeral
• D.Homomorphic

Comment: *

Name: *

Email: *

Verification: *

Which of the following would help ensure a security analyst is able to accurately measure the overall risk to an organization when a new vulnerability is disclosed?

• A.A full inventory of all hardware and software
• B.Documentation of system classifications
• C.A list of system owners and their departments
• D.Third-party risk assessment documentation

Comment: *

Name: *

Email: *

Verification: *

A security analyst is reviewing the output of a web server log and notices a particular account is attempting to transfer large amounts of money:

Which of the following types of attack is MOST likely being conducted?

• A.SQLi
• B.Session replay
• C.API
• D.CSRF

Comment: *

Name: *

Email: *

Verification: *

A security administrator checks the table of a network switch, which shows the following output:

Which of the following is happening to this switch?

• A.ARP poisoning
• B.MAC Flooding
• C.MAC cloning
• D.DNS poisoning

Comment: *

Name: *

Email: *

Verification: *

Which of the following risk management strategies would an organization use to maintain a legacy system with known risks for operational purposes?

• A.Avoidance
• B.Transference
• C.Mitigation
• D.Acceptance

Comment: *

Name: *

Email: *

Verification: *