The security team recently enabled public access to a web application hosted on a server inside the corporate network. The developers of the application report that the server has received several structured query language (SQL) injection attacks in the past several days. The team needs to deploy a solution that will block the SQL injection attacks.
Web application firewall (WAF)
The chief technology officer for a small publishing company has been tasked with improving the company's security posture. As part of a network upgrade, the company has decided to implement intrusion detection, spam filtering, content filtering, and antivirus controls. The project needs to be completed using the least amount of infrastructure while meeting all requirements.
Deploying a unified threat management (UTM) appliance
An IT security team has been notified that external contractors are using their personal laptops to gain access to the corporate network. The team needs to recommend a solution that will prevent unapproved devices from accessing the network.
Implementing port security
The security team plans to deploy an intrusion detection system (IDS) solution to alert engineers about inbound threats. The team already has a database of signatures that they want the IDS solution to validate.
Signature-based detection
An IT organization had a security breach after deploying an update to its production web servers. The application currently goes through a manual update process a few times per year. The security team needs to recommend a failback option for future deployments.
Implementing versioning
A software development team is working on a new mobile application that will be used by customers. The security team must ensure that builds of the application will be trusted by a variety of mobile devices.
Code signing
An IT organization recently suffered a data leak incident. Management has asked the security team to implement a print blocking mechanism for all documents stored on a corporate file share.
Digital rights management (DRM)
A company has recently discovered that a competitor is distributing copyrighted videos produced by the in-house marketing team. Management has asked the security team to prevent these types of violations in the future.
Digital rights management (DRM)
A security team has been tasked with performing regular vulnerability scans for a cloud-based infrastructure.
Automatically
A healthcare company needs to ensure that medical researchers cannot inadvertently share protected health information (PHI) data from medical records.
Anonymization
A security team has been tasked with mitigating the risk of stolen credentials after a recent breach. The solution must isolate the use of privileged accounts. In the future, administrators must request access to mission-critical services before they can perform their tasks.
Privileged access management (PAM)
A global manufacturing company is moving its applications to the cloud. The security team has been tasked with hardening the access controls for a corporate web application that was recently migrated. End users should be granted access to different features based on their locations and departments.
Attribute-based access control (ABAC)
A team of developers is building a new corporate web application. The security team has stated that the application must authenticate users through two separate channels of communication.
Which type of authentication method should the developers include when building the application?
Out-of-band authentication
An IT organization is implementing a hybrid cloud deployment. Users should be able to sign in to all corporate resources using their email addresses as their usernames, regardless of whether they are accessing an application on-premises or in the cloud.
Single sign-on (SSO)
Which of the following protocols provides the best method for securely authenticating users and granting access?
Open Authentication (OAuth)
An IT team is preparing the network for a hybrid cloud deployment. A security analyst recently discovered that the firmware of a router in the core data center has been compromised. According to the analyst, the attack occurred over a year ago without being detected.
Advanced persistent threat
The security operations center (SOC) team just received a notification that multiple vulnerabilities are present in the codebase of a corporate application.
Supply chain
The security operations center (SOC) team for a global company is planning an initiative to defend against security breaches. Leadership wants the team to monitor for threats against the organization’s data, credentials, and brand reputation by scanning networks that cannot be accessed via search engines.
Deep web
An electric power and water utility company has recently added a cybersecurity division. The security operations center (SOC) team has been tasked with leveraging an investigative framework that can accurately assess the motives, means, and opportunities associated with common security attacks.
Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for industrial control systems (ICS)
A company operates a customer service call center with over one hundred agents taking inbound sales calls. After a recent security breach, the security team believes that one or more agents have been stealing customer credit card details.
Data loss prevention (DLP)
The security team has noticed that several endpoints on the network have been infected with malware. Leadership has tasked the security team with identifying these attacks in the future. Which solution will notify the team automatically in the event of future malware variants invading the network?
Antivirus alerts
An engineer has noticed a degradation in system performance and alerts regarding high central processing unit (CPU) usage on multiple virtual machines in the environment. Further investigation shows that several unknown processes are running on the affected systems. What is the explanation for the degradation in system performance and alerts regarding high central processing unit (CPU) usage?
Outdated anti-malware signatures
A financial services company has experienced several incidents of data breaches in recent months. The company has analyzed the indicators of compromise and determined that the data breaches were caused by insider threats. The company has decided to implement hardening techniques and endpoint security controls to mitigate the risk. What should be used to prevent data breaches caused by insider threats based on the indicators of compromise?
Data loss prevention (DLP)
The cybersecurity analyst at a software company conducted a vulnerability assessment to identify potential security risks to the organization and discovered multiple vulnerabilities on the company’s webpage. The analyst then provided the results to the chief information security officer (CISO), who then decided not to fix the discrepancies due to the vulnerabilities being outside of the organization’s resources. Which risk mitigation strategy is demonstrated in this scenario?
Accept
A company wants to implement a policy to reduce the risk of unauthorized access to sensitive information. Which policy should be implemented?
Least privilege
A company is developing a cybersecurity risk management program and wants to establish metrics to measure the program's effectiveness. What should the company consider?
Key performance indicators (KPIs)
A manufacturing company recently conducted a cybersecurity assessment which identified several vulnerabilities, including unsecured wireless networks and a lack of knowledge of cybersecurity best practices by employees. Which risk mitigation process should the company use to address these vulnerabilities?
Implement wireless network encryption and enforce regular employee security training
A company has discovered a vulnerability in its Kubernetes deployment that allows attackers to execute commands on the Kubernetes cluster's nodes. The company has decided to implement risk mitigation processes to address this vulnerability. Which risk mitigation process is the most effective in mitigating the vulnerability associated with the Kubernetes deployment?
Implementing network segmentation to isolate the Kubernetes nodes from the rest of the network
An organization has recently signed a contract with a new vendor to provide a critical service. The service will involve the vendor having access to sensitive customer data. The organization's management is concerned about the risks associated with using a new vendor and wants to know the best ways to mitigate those risks. Which strategy will meet the needs of the company?
Conducting a vendor viability assessment to ensure the vendor has the necessary resources and expertise to provide the service
An organization is developing a new telemedicine platform to provide remote healthcare services to patients and has asked a cybersecurity analyst to help develop a risk management plan for the new platform. What is the correct sequence of steps in the risk management process in this scenario?
Identify business assets, identify known vulnerabilities, identify threats, identify business impact, and identify risk response
A large financial institution has experienced a significant increase in phishing attacks targeting its employees. The institution is concerned about the potential financial and reputational damages caused by a successful phishing attack. Which security control will mitigate the risk of a successful phishing attack on the financial institution's employees?
Conducting regular security awareness training for employees
A marketing agency has discovered a known vulnerability in its web content management system. The system contains a large number of obsolete and insecure snapshots of virtual machines, which can potentially be exploited by attackers to compromise the web content management system. The agency has decided to implement hardening techniques and endpoint security controls to mitigate the risk. Which technique will meet the needs of this agency?
Removing outdated and unsecured images and templates
A manufacturing company is concerned about the potential risks associated with firmware attacks on its industrial control systems. The company has decided to implement hardening techniques and endpoint security controls to mitigate the risk. Which hardening technique will meet the needs of the company?
Regularly updating and securing firmware
A financial institution is concerned about the potential risks associated with unauthorized access to sensitive data on its servers. The company has decided to implement hardening techniques and endpoint security controls to mitigate the risk. Which technique will provide a secure operating system with access controls for user applications?
SELinux
A company is concerned about the security of its network and wants to implement a control that will allow only preapproved software to run on its endpoints. Which control should the company implement to achieve this goal?
Allowlisting
A company is concerned about the potential risks associated with unauthorized access to its cloud infrastructure. The company has decided to implement security controls to mitigate the risk. Which actions can ensure the integrity and authenticity of the cloud infrastructure and applications?
Implementing attestation services
A company is looking to protect sensitive data stored on its storage devices and ensure that this data is secure from unauthorized access. The company is looking for a solution that provides a high level of security and protection for its data. Which security technology will protect sensitive data stored on the company's storage devices by automatically initiating security procedures as they are written to the device?
Self-encrypting drives
A company is concerned about advanced persistent threats and targeted attacks on its computer systems. The company wants to implement a security solution that can detect and respond to any suspicious activity on its systems. Which security technology meets the needs of this company?
Endpoint detection and response (EDR) software
An enterprise is deploying a new software application that requires a cryptographic protocol to secure data transmission. The application will be used to process sensitive customer information, and the company wants to ensure that the data is protected during transmission. Which cryptographic protocol meets the needs of the enterprise?
Transport Layer Security (TLS) with Advanced Encryption Standard (AES)
Which emerging technology has the potential to significantly impact the security of current encryption methods by making it possible to quickly solve mathematical problems that are currently considered difficult or impossible to solve?
Quantum computing
Which public-key cryptosystem uses prime factorization as the basis for its security?
Rivest-Shamir-Adleman (RSA)
The company plans to deploy a cryptographic system for their digital signatures, which employs a public key cryptosystem that is based on figures described by the equation y^2 = x^3 + ax + b. Which public-key cryptosystem does this describe?
Elliptic Curve Digital Signature Algorithm (ECDSA)
Which key exchange algorithm is used to establish a shared secret key between two parties without the need for a pre-shared secret or public key exchange?
Diffie-Hellman (DH)
Which block cipher mode of operation is resistant to ciphertext manipulation attacks by combining the previous ciphertext block with the current plaintext block before encryption?
Cipher block chaining (CBC)
Which authenticated encryption mode of operation uses a one-time key and a function to provide strong message authentication and is designed to be fast?
Poly1305
Which risk management strategy will ensure the security of data stored on a software application?
Encryption of all sensitive data stored within the application
Which risk management strategy will reduce the threat surface on a new web application?
Use of hardening measures to remove unnecessary services, protocols, and applications
Which statement describes the role of risk tolerance in the development of a financial services company's mobile application for managing customer accounts and on-the-go transactions?
Risk tolerance helps the company determine the acceptable level of risk for the mobile application based on its potential impact on the company and its customers.
A software company uses a structured query language (SQL) database to store customer data, such as names, addresses, and credit card information. The IT security team has identified several potential vulnerabilities that could result in a data breach, including SQL injection attacks and weak authentication controls. Which risk management strategy can reduce the risk of a data breach?
Enforcing strong authentication controls and limiting access to the SQL database to help prevent unauthorized access
A retail company is required to comply with the Payment Card Industry Data Security Standard (PCI DSS), which establishes security requirements for companies that process, store, or transmit credit card information. The company is planning to integrate wireless networks into its stores to provide free Wi-Fi to customers. Which Wi-Fi encryption standard will meet the needs of the company?
WPA2 with Advanced Encryption Standard (AES) encryption
A European Union (EU) company is required to comply with the General Data Protection Regulation (GDPR), which sets requirements for the protection of personal data for EU residents. Which security control will secure web applications and protect personal data of EU residents in compliance with the General Data Protection Regulation (GDPR)?
Encryption
Which security control will secure a web-based credit monitoring service and protect credit information of consumers in compliance with Fair Credit Reporting Act (FCRA) requirements?
Access controls
A financial institution is required to comply with the Payment Card Industry Data Security Standard (PCI DSS), which sets requirements for the protection of payment card data. The institution uses various software programs and utilities to manage payment card data, and it is essential to ensure that only authorized programs and utilities are allowed on the institution's systems. Which security control will meet the needs of the institution?
Application allowlisting
A regional hospital with budget constraints stores critical patient information and medical records on local servers. Which type of disaster recovery site will ensure that the hospital can quickly resume operations in case of a disaster?
A warm site that is partially equipped with the necessary hardware and software to be operational in a short period of time
A manufacturing company is evaluating continuity options for its critical systems and data. Which protocol will ensure that the company can respond to an unexpected event by ensuring that its critical systems are available and responsive with minimal downtime and data loss?
Disaster recovery (DR) protocol, to ensure that recovery procedures are executed in a consistent and efficient manner
An e-commerce company is developing a disaster recovery plan and wants to determine how long its systems or applications can be down before causing significant harm to the business. What is the term used to describe this metric?
Maximum tolerable downtime (MTD)
A company is planning to update its disaster recovery plan to ensure that it meets the latest regulations on securing personally identifiable information (PII). What is the term used to describe the process of identifying and evaluating the effect that the updated plan will have on the company's operations and stakeholders?
Privacy Impact Assessment (PIA)
In the event of a cyberattack, a company's security team needs to be able to respond quickly and remediate the issue to minimize the impact. Which solution will streamline the incident response process?
Security orchestration, automation, and response (SOAR)
A company's website is a critical component of their business operations. However, due to an unexpected disaster, their website is experiencing a high volume of traffic, which is negatively affecting its performance. As part of their disaster recovery plan, the company is looking for a solution that can improve website speed and performance. Which solution will meet the needs of the company?
Content delivery network (CDN)
A company is developing its disaster recovery plan and wants to ensure the security of its data, even in the event of a major disaster. The IT team is considering using a tool that provides visibility into cloud applications and enforces data security policies. Which tool will meet the needs of the company?
Cloud access security broker (CASB)