During a penetration test in a hypervisor, the security engineer is able to use a script to inject a malicious payload and access the host filesystem. Which of the following best describes this vulnerability?
A security administrator needs to reduce the attack surface in the company ' s data centers. Which of the following should the security administrator do to complete this task?
An organization has a new regulatory requirement to implement corrective controls on a financial system. Which of the following is the most likely reason for the new requirement?
Which of the following uses proprietary controls and is designed to function in harsh environments over many years with limited remote access management?
A systems administrator is looking for a low-cost application-hosting solution that is cloud-based. Which of the following meets these requirements?
A government worker secretly copies classified files that contain defense tactics information to an external drive. The government worker then gives the external drive to a corrupt organization. Which of the following best describes the motivation of the worker?
Which of the following metrics are used to calculate the risk rating in a matrix format? Select two.
An organization wants to limit potential impact to its log-in database in the event of a breach. Which of the following options is the security team most likely to recommend?
During a routine audit, an analyst discovers that a department at a high school uses a simulation program that was not properly vetted before deployment. Which of the following threats is this an example of?
A company is concerned with supply chain compromise of new servers and wants to limit this risk. Which of the following should the company review first?
A security team is setting up a new environment for hosting the organization ' s on-premises software application as a cloud-based service. Which of the following should the team ensure is in place in order for the organization to follow security best practices?
Which of the following elements of digital forensics should a company use If It needs to ensure the integrity of evidence?
An administrator must replace an expired SSL certificate. Which of the following does the administrator need to create the new SSL certificate?
A customer of a large company receives a phone call from someone claiming to work for the company and asking for the customer ' s credit card information. The customer sees the caller ID is the same as the company ' s main phone number. Which of the following attacks is the customer most likely a target of?
An administrator wants to automate an account permissions update for a large number of accounts. Which of the following would best accomplish this task?
Which of the following is used to quantitatively measure the criticality of a vulnerability?
Which of the following teams combines both offensive and defensive testing techniques to protect an organization ' s critical systems?
An organization plans to expand its operations internationally and needs to keep data at the new location secure. The organization wants to use the most secure architecture model possible. Which of the following models offers the highest level of security?
A systems administrator is creating a script that would save time and prevent human error when performing account creation for a large number of users. Which of the following would be a good use case for this task?creating a script