
A company has discovered a vulnerability in its lightweight directory access protocol (LDAP) implementation, which could potentially allow unauthorized access to sensitive information. The company has decided to implement risk mitigation strategies to reduce the risk associated with this vulnerability.

Which risk mitigation strategy will meet the needs of the company?

A. Conducting regular security awareness training for employees to prevent social engineering attacks targeting LDAP credentials

B. Regularly backing up data stored in the LDAP server to prevent data loss in the event of a breach

C. Implementing intrusion detection and prevention systems (IDPS) to monitor for suspicious activities and potential LDAP attacks

D. Implementing strong authentication mechanisms and encryption protocols to secure communication between the LDAP server and clients

How do data support an organization's business goals?

A. Data create opportunities to compete for potential customers.

B. Data can be manipulated to support desired outcomes.

C. Data provide information for business decisions.

D. Data ensure an organization's business goals are met.

A company is developing a new system to process personal information about its customers, including their names, addresses, and purchase histories.

Which term describes the process of identifying and evaluating the potential effects that the new system may have on the privacy of personal information and developing strategies to mitigate those risks?

A. Disaster recovery (DR)

B. Business continuity planning (BCP)

C. Data Protection Impact Assessment (DPIA)

D. Risk management

Which protocol can be used to provide secure email communication and ensure the confidentiality, integrity, and authenticity of email messages?

A. Simple Mail Transfer Protocol (SMTP)

B. Pretty Good Privacy (PGP)

C. Secure/Multipurpose Internet Mail Extensions (S/MIME)

D. Internet Protocol Security (IPsec)

The DevSecOps team for an organization manages a continuous integration and continuous deployment (CI/CD) pipeline for a three-tier web application. Management has asked the team to perform a series of comprehensive post-deployment tests to make sure that all of the components of the application can interact and function properly.

What should the team recommend?

A. Static code analysis

B. Dynamic code analysis

C. Integration testing

D. Package scanning

After a recent security assessment, it was discovered that many company devices have unnecessary ports opened to the network.

What should the company configure to fix this?

A. Intrusion prevention system

B. Web application firewall

C. Device hardening

D. Intrusion detection system

An IT organization has recently implemented a hybrid cloud deployment. The server team is deploying a new set of domain-joined Windows servers on cloud-based virtual machines. Users must be able to use their Active Directory credentials to sign in to applications regardless of whether they are running on Windows servers in the cloud or on-premises.

Which solution should be implemented to meet the requirements?

A. Two-step verification

B. Challenge-Handshake Authentication Protocol (CHAP)

C. Privileged identity management

D. Identity federation

A financial institution conducted a cybersecurity assessment, which identified several vulnerabilities, including outdated software and weak password policies. The company also needs to implement a new core banking system that can handle a large number of transactions while ensuring the security of customer data.

Which risk mitigation process is the most effective approach to address these vulnerabilities, and what is the best topology for the new core banking system?

A. Creating strong password policies and enforcing multifactor authentication and using public cloud topology

B. Implementing security patches and updates on a regular basis and using hybrid cloud topology

C. Installing antivirus software on all endpoints and using on-premise topology

D. Conducting regular security audits and penetration testing and using private cloud topology

A large multinational corporation maintains a complex network of data centers across the world.

Which type of disaster recovery site will ensure business continuity in case of a disaster?

A. A mobile data center that can be deployed to the disaster zone

B. A fully equipped hot site with up-to-date hardware and software

C. A secondary location with basic backup hardware and software

D. A remote location with cloud-based backups

What is a component of IT infrastructure?

A. Data

B. People

C. Networks

D. Printer