Scribd
Upload
25 views5 pages

Ceh Question p41

Uploaded by

Thái Đỗ Văn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
25 views5 pages

Ceh Question p41

Uploaded by

Thái Đỗ Văn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Question #41

A company wants to restrict emailing of PHI documents. The company is


implementing a DLP solution. In order to restrict PHI documents, which of the
following should be performed FIRST?

A. Retention

B. Governance

C. Classification Most Voted

D. Change management

Answer: C

Community vote distribution

C (100%)

Question #42

A security analyst is investigating some users who are being redirected to a fake
website that resembles www.comptia.org. The following output was found on the
naming server of the organization:

Which of the following attacks has taken place?

A. Domain reputation

B. Domain hijacking

C. Disassociation

D. DNS poisoning Most Voted

Answer: B

Community vote distribution

D (95%)

5%

1
Question #43

Which of the following describes the continuous delivery software development


methodology?

A. Waterfall

B. Spiral

C. V-shaped

D. Agile Most Voted

Answer: D

Community vote distribution

D (100%)

Question #44

Which of the following is the BEST example of a cost-effective physical control to


enforce a USB removable media restriction policy?

A. Putting security/antitamper tape over USB ports, logging the port numbers, and
regularly inspecting the ports Most Voted

B. Implementing a GPO that will restrict access to authorized USB removable media
and regularly verifying that it is enforced Most Voted

C. Placing systems into locked, key-controlled containers with no access to the USB
ports Most Voted

D. Installing an endpoint agent to detect connectivity of USB and removable media

Answer: B

Community vote distribution

A (58%)

B (31%)

10%

Question #45

2
A company suspects that some corporate accounts were compromised. The number
of suspicious logins from locations not recognized by the users is increasing.

Employees who travel need their accounts protected without the risk of blocking
legitimate login requests that may be made over new sign-in properties. Which of the
following security controls can be implemented?

A. Enforce MFA when an account request reaches a risk threshold. Most Voted

B. Implement geofencing to only allow access from headquarters.

C. Enforce time-based login requests that align with business hours.

D. Shift the access control scheme to a discretionary access control.

Answer: A

Community vote distribution

A (100%)

Question #46

An organization wants to participate in threat intelligence information sharing with


peer groups. Which of the following would MOST likely meet the organization's
requirement?

A. Perform OSINT investigations.

B. Subscribe to threat intelligence feeds.

C. Submit RFCs.

D. Implement a TAXII server. Most Voted

Answer: D

Community vote distribution

D (92%)

8%

Question #47

Which of the following is the MOST effective control against zero-day vulnerabilities?

3
A. Network segmentation Most Voted

B. Patch management

C. Intrusion prevention system

D. Multiple vulnerability scanners

Answer: C

Community vote distribution

A (60%)

C (26%)

14%

Question #48

Which of the following is the GREATEST security concern when outsourcing code
development to third-party contractors for an internet-facing application?

A. Intellectual property theft

B. Elevated privileges

C. Unknown backdoor Most Voted

D. Quality assurance

Answer: C

Community vote distribution

C (94%)

6%

Question #49

An organization has hired a red team to simulate attacks on its security posture.
Which of the following will the blue team do after detecting an IoC?

A. Reimage the impacted workstations.

B. Activate runbooks for incident response. Most Voted

4
C. Conduct forensics on the compromised system.

D. Conduct passive reconnaissance to gather information.

Answer: C

Community vote distribution

B (86%)

14%

Question #50

An amusement park is implementing a biometric system that validates customers'


fingerprints to ensure they are not sharing tickets. The park's owner values
customers above all and would prefer customers' convenience over security. For this
reason, which of the following features should the security team prioritize

FIRST?

A. Low FAR

B. Low efficacy

C. Low FRR Most Voted

D. Low CER

Answer: C

Community vote distribution

C (100%)

You might also like