Malicious users utilized brute force to access a system. An analyst is investigating these attacks and recommends methods to management that would help secure the system. Which of the following controls should the analyst recommend? (Choose three.)

• A.Multifactor authentication
• B.Complexity policy
• C.Obfuscation
• D.Single sign-on
• E.Network segmentation
• F.Biometrics
• G.Encryption

Comment: *

Name: *

Email: *

Verification: *

SIMULATION
You are a cybersecurity analyst tasked with interpreting scan data from Company A's servers.
You must verify the requirements are being met for all of the servers and recommend changes if you find they are not.
The company's hardening guidelines indicate the following:
* TLS 1.2 is the only version of TLS running.
* Apache 2.4.18 or greater should be used.
* Only default ports should be used.
INSTRUCTIONS
Using the supplied data, record the status of compliance with the company's guidelines for each server.
The question contains two parts: make sure you complete Part 1 and Part 2. Make recommendations for issues based ONLY on the hardening guidelines provided.

Comment: *

Name: *

Email: *

Verification: *

Organizational policies require vulnerability remediation on severity 7 or greater within one week.
Anything with a severity less than 7 must be remediated within 30 days. The organization also requires security teams to investigate the details of a vulnerability before performing any remediation. If the investigation determines the finding is a false positive, no remediation is performed and the vulnerability scanner configuration is updates to omit the false positive from future scans:
The organization has three Apache web servers:

The results of a recent vulnerability scan are shown below:

The team performs some investigation and finds a statement from Apache:

Which of the following actions should the security team perform?

• A.Remediate 192.168.1.22 within 30 days
• B.Ignore the false positive on 192.168.1.22
• C.Investigate the false negative on 192.168.1.20
• D.Remediate 192.168.1.20 within 30 days

Comment: *

Name: *

Email: *

Verification: *

A security analyst was alerted to a tile integrity monitoring event based on a change to the vhost- paymonts.conf file.
The output of the diff command against the known-good backup reads as follows

Which of the following MOST likely occurred?

• A.The file was altered to accept payments without charging the cards
• B.The file was altered to verify the card numbers are valid.
• C.The file was altered to harvest credit card numbers
• D.The file was altered to avoid logging credit card information

Comment: *

Name: *

Email: *

Verification: *

Which of the following organizational initiatives would be MOST impacted by data severighty issues?

• A.Implementing non-repudiation controls
• B.Migrating to locally hosted virtual servers
• C.Moving to a cloud-based environment
• D.Encrypting local database queries

Comment: *

Name: *

Email: *

Verification: *