  • Question 71

    The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator's advantage. Which of the following would allow a third-party consultant to conduct an on-site review of the administrator's activity?
  • Question 72

    Due to compliance regulations, a company requires a yearly penetration test. The Chief Information Security Officer (CISO) has asked that it be done under a black box methodology.
    Which of the following would be the advantage of conducting this kind of penetration test?
  • Question 73

    A company has created a policy to allow employees to use their personally owned devices.
    The Chief Information Security Officer (CISO) is getting reports of company data appearing on unapproved forums and an increase in theft of personal electronic devices. Which of the following security controls would BEST reduce the risk of exposure?
  • Question 74

    To prepare for an upcoming audit, the Chief Information Security Officer (CISO) asks for all 1200 vulnerabilities on production servers to be remediated. The security engineer must determine which vulnerabilities represent real threats that can be exploited so resources can be prioritized to mitigate the most dangerous risks. The CISO wants the security engineer to act in the same manner as would an external threat, while using vulnerability scan results to prioritize any actions. Which of the following approaches is described?
  • Question 75

    An organization is in the process of integrating its operational technology and information technology areas.
    As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:
    * The ICS supplier has specified that any software installed will result in lack of support.
    * There is no documented trust boundary defined between the SCADA and corporate networks.
    * Operational technology staff have to manage the SCADA equipment via the engineering workstation.
    * There is a lack of understanding of what is within the SCADA network.
    Which of the following capabilities would BEST improve the security position?