Quick Links
Why Us
Unlimited Packages
Site Secure
TESTED 16 Jun 2025
We Accept
A government agency needs to deploy a secure network connection between its offices in Chicago and New York.
What should be used to facilitate this connection?
A large technology company has discovered a known vulnerability in its network infrastructure. The infrastructure contains a number of retired assets that are no longer receiving security updates, which can potentially be exploited by attackers to compromise the network. The company has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this company?
Which technique allows someone to obtain a password while it is in transit?
Which risk management strategy will ensure the secure configuration and deployment of a new supply chain management system and prevent identity theft?
Why should an information technology (IT) professional be aware of professional associations?
An organization wants to secure remote access to its servers and is looking for a secure protocol that can provide encryption and strong authentication. The organization wants to ensure that its servers can only be accessed by authorized users and that the data exchanged during the session is encrypted.
Which protocol meets the needs of the organization?
A company has recently implemented a hybrid cloud deployment. The security team has been notified about thousands of failed attempts to connect to routers and switches in the on-premises network. A solution must be implemented to block connections after three unsuccessful SSH attempts on any network device.
An IT organization needs to enable secure communication across virtual networks in Microsoft Azure and Amazon Web Services. Which protocol will offer the most reliable and secure method for data transport?
A professional services organization deployed security edge devices in key locations on its corporate network.
How will these devices improve the organization's security posture?
Which risk management strategy will ensure that data stored on an enterprise resource planning (ERP) system is secure from exploitation in the event of a data breach?
When is it better to purchase software rather than build a software solution in-house?
Which risk management strategy will ensure the secure storage of data on a new document management system?
The security team has been tasked with selecting a password complexity policy for the organization.
Which password complexity policy option should be recommended?
A healthcare organization would like to work with another healthcare organization without needing to maintain identified accounts for members of the other organization.
Which technology concept should the company use?
A retail company has recently implemented a new point of sale (POS) system that is critical to its business.
Which security control is essential for protecting the availability of the POS system?
An IT organization has recently implemented a hybrid cloud deployment. The server team is deploying a new set of domain-joined Windows servers on cloud-based virtual machines. Users must be able to use their Active Directory credentials to sign in to applications regardless of whether they are running on Windows servers in the cloud or on-premises.
Which solution should be implemented to meet the requirements?
A government agency is evaluating its business continuity plan to ensure that its operations can continue during a crisis.
What is the term used to describe the critical services that must be maintained during a disruption?
A professional services organization deployed security edge devices in key locations on its corporate network.
How will these devices improve the organization’s security posture?
The DevSecOps team for an organization manages a continuous integration and continuous deployment (CI/CD) pipeline for a three-tier web application. Management has asked the team to perform a series of comprehensive post-deployment tests to make sure that all of the components of the application can interact and function properly.
A cybersecurity analyst at a healthcare organization was tasked with analyzing the indicators of compromise (IOCs) to identify potential threats and vulnerabilities within the enterprise. Theanalyst notices unknown users logging on to the company's wireless local-area network (WLAN).
What is a potential vulnerability the healthcare organization is facing based on the IOCs identified?
A cloud service provider is concerned about the potential risks associated with hardware-based attacks on its virtual machines. The provider has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this provider?
A company has discovered a vulnerability in its Domain Name System (DNS) that could allow attackers to redirect users to malicious websites. The company has decided to implement a risk management strategy to mitigate this vulnerability.
What is the most effective risk management strategy for this vulnerability?
An IT organization recently implemented a hybrid cloud deployment. The security team must be able to correlate event data combined from different sources in a central location.
What is the best solution?
Which two options allow an application to access a database?
Choose 2 answers
An organization's engineering team is developing a mobile application that uses near-field communication (NFC) capabilities but wants to ensure that information communicated using this protocol remains confidential.
Which IT role is responsible for the installation and maintenance of hardware and software that make up a computer network?
An employee needs to execute a program from the command line.
Which peripheral device should be used?
The security team manages a set of legacy firewalls that have been in production for nearly ten years. The organization recently issued a mandate requiring that all firewalls be configured with intrusion detection controls that alert the team in real time based on inbound threats.
Which solution meets these requirements?
A financial institution is concerned about a potential data breach due to employees accessing the company network using personal devices. They have decided to implement a bring your own device (BYOD) policy to mitigate the risk.
Which risk mitigation strategy will reduce the risk of a data breach in this scenario?
A large multinational corporation maintains a complex network of data centers across the world.
Which type of disaster recovery site will ensure business continuity in case of a disaster?
A company wants to improve the security of its software development process and reduce the risk of vulnerabilities in its applications. The company is looking for a solution that can isolate its applications and provide a secure environment for development and testing.
Which security technology meets the needs of this company?
A cloud hosting provider is concerned about the potential risks associated with attacks that target the confidentiality and integrity of sensitive data stored on its servers’ volatile memory. The provider has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this provider?
An e-learning company uses Amazon Simple Storage Service (Amazon S3) to store e-books and video files that are served to customers through a custom application. The company has realized that someone has been stealing its intellectual property. Which threat actor is most likely in this scenario?
Which encryption technique can be used to enable a third-party provider to perform calculations on encrypted data without decrypting the data?
A large healthcare provider is acquiring a small clinic and has identified a full understanding of the clinic's organizational risks. The large provider has several tools it can implement to reduce the clinic's identified risks.
Which type of risk response should the healthcare provider use?
A healthcare provider is required to comply with the Health Insurance Portability and Accountability Act (HIPAA), which sets requirements for the protection of patient healthinformation. The provider uses various software applications to manage and store patient health information, which must be coded to protect its confidentiality and integrity.
Which protocol will meet the needs of this provider?
A company recently updated its disaster recovery plan (DRP) to ensure business continuity in the event of a disruptive incident.
Which step will ensure the effectiveness of the DRP?
A healthcare organization is concerned about the potential risks associated with unauthorized access to sensitive patient information on its endpoint devices. The organization has decided to implement hardening techniques and endpoint security controls to mitigate the risk.
Which hardening technique will meet the needs of this organization?
While undergoing a security audit, it is determined that an organization has several backup repositories hosted in the cloud without any level of protection.
Which action should be taken to protect the backup repositories first?
An organization wants to implement a new encryption solution to protect sensitive data stored in a database. The organization wants to ensure that the encryption solution provides strong protection for the data and is willing to sacrifice performance.
Which type of encryption meets the needs of the organization?
An IT organization needs to enable secure communication across virtual networks in Microsoft Azure and Amazon Web Services.
Which protocol will offer the most reliable and secure method for data transport?
A financial institution conducted a cybersecurity assessment, which identified several vulnerabilities including outdated software and weak password policies. The company also needs to implement a new core banking system that can handle a large number of transactions while ensuring the security of customer data.
Which risk mitigation process is the most effective approach to address these vulnerabilities, and what is the best topology for the new core banking system?
Which device does a Local Area Network (LAN) need to communicate over the Internet?
Which system conversion method deploys the new system while the old system is still operational in order to compare output?
Which block cipher mode of operation for encrypting data is simple and efficient but provides no confidentiality beyond that of the underlying block cipher?
Which algorithm is suitable for ensuring the integrity of digital documents and detecting any unauthorized modifications?
Which data type should be used to calculate 90% of the retail price of an item?
A security engineer has been asked to audit unapproved changes that have recently taken place in a corporate application.
Which logging mechanism will create an audit trail?
A small start-up is setting up its first network, and it needs to ensure that its network security is adequate. The start-up is aware of the latest cybersecurity threats and the need for strong security measures. In addition to network security, the start-up wants to ensure that it has a disaster recovery plan in place in case of any unexpected events.
Which approach will meet the needs of the start-up?
The security team has been notified about multiple man-in-the-middle (MITM) attacks happening on the wireless network over the past thirty days. Management has agreed to upgrade the network infrastructure to help eliminate these attacks.
An organization's board of directors is reviewing the risk register and attempting to evaluate whether there is too much risk for the organization.
Which metric should the board review?
A company wants to secure its computer systems and prevent any unauthorized access to its network. The company wants to implement a security solution that can restrict network traffic to only approved services and applications.
Which security technology will meet the needs of this company?
TESTED 16 Jun 2025