Alpha
What is the primary purpose of the cybersecurity approach of User Behavior Analytics (UBA) or User and Entity Behavior Analytics (UEBA)?
To monitor and analyze users' behavior to detect potential threats
A systems administrator is looking for a low-cost application-hosting solution that is cloud-based.
Which of the following meets these requirements?
Serverless framework
A sole proprietorship construction company contacted an information technology (IT) consultant for technical support for a computer issue. After resolving that issue, the consultant suggested the construction company enable computer encryption. Why might the company want to enable encryption on its computers' hard drives?
To prevent data removal from a stolen device
One of the company’s accountants submitted a ticket stating they could not access a particular section of the accounting software. Why might the accountant not have access to every part of the accounting software?
Least privilege
A healthcare provider is modernizing its data storage solutions to comply with health information privacy laws. The chief information security officer (CISO) must ensure that sending data access logs to healthcare regulatory authorities is in a specific format. What kind of reporting is taking place?
External compliance reporting
A multinational corporation has hired a lead IT consultant to assess the security of its various systems, including Windows and Linux servers, desktops, and mobile devices in different countries. To ensure consistent security across all these systems, which of the following tools would the consultant recommend the organization use to automate the deployment of secure baseline configurations?
Puppet
The governmental organization in charge of managing the personnel records of the country’s military service members reported that another country had accessed its database. Who BEST describes the adversary that breached the personnel records database?
Nation-state
A defense contractor has tasked its local network administrator with securing communications between the organization's web server and clients to protect sensitive user information. Which protocol should the network administrator choose to achieve this security objective?
HTTPS
A security consultant is working with a client to improve security practices. How can the consultant describe cryptographic hashing so the client is more likely to accept recommendations?
Hashing allows any plaintext length to look the same length as ciphertext.
An educational institution's systems administrator is responsible for securing the LDAP directory service for the organization's computing resources. Which authentication method should the systems administrator implement to ensure secure access?
Simple Authentication and Security Layer
A coworking office wants to upgrade its Wi-Fi encryption to Wi-Fi Protected Access 3 (WPA3). Which feature of WPA3 replaces the pre-shared key (PSK) exchange protocol in WPA2 to ensure an attacker cannot intercept the Wi-Fi password even when capturing data from a successful login?
Simultaneous authentication of equals (SAE)
A security administrator plans to enhance the security posture of an organization's computing infrastructure. The administrator starts by documenting the current state of all system configurations and intends to establish a foundation to enforce security standards. Given the scenario, which security technique is the security administrator preparing to implement that ensures consistent application of security configurations across all systems in the organization?
Secure baselines
An organization plans to outsource its customer service operations to a third-party vendor. The organization needs to evaluate potential vendors based on their risk profiles to ensure data security and compliance with regulatory requirements. Which of the following considerations would be the MOST important in the vendor assessment process?
The vendor's financial stability, operational reliability, and data security practices
Which cybersecurity approach monitors and analyzes the behavior of users within an organization to detect anomalies indicative of potential threats, such as insider threats, compromised accounts, or fraud?
User Behavior Analytics (UBA)/User and Entity Behavior Analytics (UEBA)
A cybersecurity analyst is implementing security measures for Near Field Communication (NFC) usage in the organization's mobile devices. Which technique should the analyst consider applying to mitigate potential risks associated with NFC technology?
Apply encryption to NFC data to prevent eavesdropping and on-path attacks.
A cybersecurity consultant is assessing risks for a new e-commerce website. The consultant identifies potential risks, evaluates their impact and likelihood, and considers the organization's ability to mitigate them. Which risk assessment methodology is the consultant MOST likely using?
Qualitative and quantitative
A multinational corporation is preparing to launch a new cloud service that will store customer data from various countries. The chief privacy officer (CPO) must ensure the service complies with cross-border data transfer regulations and individual rights under different national and international laws. What is the CPO considering?
Ensuring adherence to global data transfer frameworks and agreements
A coffee chain hired a marketing firm to set up a website that allows sign-ups. However, after running a test on the website, an error message in the browser stated that the connection was insecure. What should the marketing firm use to ensure this error message does not show up?
Public key infrastructure
A risk manager for a company providing IT support services conducts a business impact analysis (BIA) and identifies a Mission Essential Function (MEF) that relies on a server with a Mean Time Between Failures (MTBF) of 2,500 hours and a Mean Time to Repair (MTTR) of 4 hours. Given a Maximum Tolerable Downtime (MTD) of 24 hours and a Recovery Time Objective (RTO) of 6 hours for this function, what should the risk manager prioritize in the risk management strategy?
Reducing the MTTR of the server
A cybersecurity analyst in a multinational corporation is responsible for sensitive customer data and proprietary information and is now dealing with a security breach. The team is managing the incident response process using the CompTIA incident response lifecycle. The team has just completed the third step in the process. What must the team do next?
Containment
A software development company pushes a critical update for its operating system, addressing security vulnerabilities. The chief information security officer (CISO) schedules a meeting with the security team to discuss the specifics of one of these vulnerabilities exploited in recent cyberattacks. Based on common operating system vulnerabilities, which of the following has insufficient or missing data validation mechanisms that lead to the system interpreting unintended command execution?
Buffer overflow
The cybersecurity manager of a rapidly growing technology startup has just acquired a set of new Internet of Things (IoT) devices to enhance its smart office environment. However, the manager has concerns about the security of these devices due to recent reports of IoT vulnerabilities. To address this, what method would the organization use to enhance the security of these devices by changing their default configuration?
Secure baselines
A medium-sized enterprise is revamping its wireless network infrastructure to improve security. The IT manager decided to update the company's Wi-Fi authentication method as the first step. The main objective is to have a solution that ensures the identity of the connecting devices while also providing an additional layer of security for user authentication. Which Wi-Fi authentication method BEST fits the IT manager's requirement to validate device identity and robust user authentication for the company's wireless network infrastructure?
Wi-Fi Protected Access 3-Enterprise
A large multimedia company is experiencing a distributed denial of service (DDoS) attack that has led the company’s platform to become unresponsive. Customers are submitting tickets complaining that they can no longer access the platform and cannot complete their work. What BEST describes what the company is going through?
Service disruption
Your employer has a large team of software developers with constantly changing codebases for dozens of internal applications. As a part of change control any code changes go through an automated vulnerability scanning process which checks for known vulnerabilities in frameworks, programming languages, dependencies and the code itself. Due to business pressure these scans have been largely ignored and there are currently over a thousand issues found by the automated scanning. You are tasked with working with the developers and remedying 100% of the issues. What should you do next?
Organize the vulnerabilities by criticality and begin planning for solutions for the most critical vulnerabilities first