Winter Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

The most relevant measure of customer service performance Is:

A.

service perceived by the customer against service expected by the customer.

B.

service promised to the customer against service measured by the supplier.

C.

customer complaints received as a percentage of orders shipped.

D.

positive customer feedback as a percentage of customer feedback.

An organization discovered that malicious software was installed on an employee’s work laptop and allowed a competing vendor to access confidential files. The employee was fully aware of the policy not to install unauthorized software on the organization laptop. What is the BEST automated security practice for an organization to implement to avoid this situation?

A.

Security awareness training

B.

Role-Based Access Control (RBAC)

C.

User behavior analytics solution

D.

File integrity monitoring

A financial institution is implementing an Information Technology (IT) asset management system. Which of the following capabilities is the MOST important to include?

A.

Logging the data leak protection status of the IT asset

B.

Tracking the market value of the IT asset

C.

Receiving or transferring an IT asset

D.

Recording the bandwidth and data usage of the IT asset

What is the following is the MAIN reason why hot-spot usually adopt open security mode in wireless networks?

A.

Ease of use

B.

Limitation of Infrastructure

C.

Adapter compatibility concerns

D.

Cost concerns

What can help a security professional assess and mitigate vulnerabilities of an embedded device?

A.

Conduct black-box testing.

B.

Conduct red-box testing.

C.

Conduct yellow-box testing.

D.

Conduct green-box testing.

A company’s Marketing and Sales departments have identified an opportunity to develop a new market for a product family and requested an increase in the production plan. Which of the following actions would be most appropriate to account for the new market opportunity?

A.

Increase the production plan as requested.

B.

Regenerate the material requirements plan.

C.

Regenerate the master production schedule (MPS).

D.

Present the proposal at the executive sales and operations (S&OP) meeting.

Which of the following strategies is most appropriate for a business unit with a low relative market share in a high-growth market?

A.

Using excess cash generated to fund other business units

B.

Investing in the acquisition of competitors

C.

Investing in projects to maintain market share

D.

Designing product improvements to protect market share

A warehouse manager assigns orders to warehouse personnel grouped by where the goods are stored. This type of picking is called a(n):

A.

Zone system

B.

Area system

C.

Multi-order system

D.

Pull system

Zombieload, Meltdown, Spectre, and Fallout are all names of bugs that utilized which of the following types of attack?

A.

Side-channel

B.

Fault injection

C.

Man-In-The-Middle (MITM)

D.

Frequency analysis

A Structured Query Language (SQL) database is hosted on a hardened, secure server. All unused ports are locked down, but external connections from untrusted networks are still required to be allowed through. What is the BEST way to ensure transactions to/from this server remain secure?

A.

Secure SQL service port with a Transport Layer Security (TLS) certificate.

B.

Use Multi-Factor Authentication (MFA) for all logins to the server.

C.

Secure SQL service port with a Secure Sockets Layer (SSL) certificate.

D.

Scan all connections to the server for malicious packets.

An organization has received the results of their network security risk assessment. What is the BEST course of action for the organization to take in response to the analyzed report findings?

A.

Hire a security consulting firm with specialized expertise to fix all the issues on the report and ensure the organization’s system are secure.

B.

Work with the organization’s legal team to ensure their cyber liability insurance policy will fully cover the costs of any breach related to the network risk assessment findings.

C.

Create an organizational risk response team and assign them the task of remediating all the issues or identifying and implementing compensating controls.

D.

Accept the risk of the issues within the organization’s risk tolerance and identify responses for the remainder of the issues.

A security assessor has been engaged to perform a penetration test on control system components located on a shipping vessel. The individuals on the ship do not have any knowledge of how the component is configured or its internal workings. Which of the following test types does this scenario call for?

A.

Tandem testing

B.

Blind testing

C.

Double-gray testing

D.

Double-blind testing

Which of the following protocols BEST provides for the secure transfer of voice, data, and video over a network?

A.

Transmission Control Protocol (TCP)

B.

Voice Over Internet Protocol (VoIP)

C.

User Datagram Protocol (UDP)

D.

HyperText Transfer Protocol Secure (HTTPS)

The development team wants new commercial software to Integrate into the current systems. What steps can the security office take to ensure the software has no vulnerabilities?

A.

Request a copy of the most recent System and Organization Controls (SOC) report and/or most recent security audit reports and any vulnerability scans of the software code from the vendor.

B.

Purchase the software, deploy it in a test environment, and perform Dynamic Application Security Testing (DAST) on the software.

C.

Request a software demo with permission to have a third-party penetration test completed on it.

D.

Ask the development team to reevaluate the current program and have a toolset developed securely within the organization.

An organization is updating an Application Programming Interface (API) to support requests coming from mobile applications distributed on public application stores. The API’s primary function is to supply confidential documents when users request them within the mobile application. Which approach would BEST respond to this use case?

A.

Require that the user supplies their credential to access confidential documents.

B.

Require a Virtual Private Network (VPN) connection to the organization's network to access confidential documents.

C.

Implement Security Assertion Markup Language (SAML) to validate the identity of the user requesting access to confidential documents.

D.

Implement Open Authorization (OAuth) 2.0 to require the users to request permission to access confidential documents.