A. Distributed connection allocation

B. Local caching C

A. Threat hunting

B. A system penetration test C

A. A vulnerability

B. A threat C

A. Deploy an RA on each branch office

B. Use Delta CRLs at the branches

A. Disable powershell

B. Restart Microsoft Windows Defender

A. In the ?? environment, use a VPN from the IT environment into the ?? environment

B. In the ?? environment, allow IT traffic into the ?? environment

A. Latency

B. Data exposure C

A. Scan the code with a static code analyzer, change privileged user passwords, and provide security training

B. Change privileged usernames, review the OS logs, and deploy hardware tokens

A network architect is designing a new SD-WAN architecture to connect all local sites to a central hub site. The hub is then responsible for redirecting traffic to public cloud and datacenter applications

A. CAPTCHA

B. Input validation C

B. Local secure password file C

A. Mobile device management, remote wipe, and data loss detection

B. Conditional access, DoH, and full disk encryption C

A. Spawn a shell using sudo and an escape string such as sudo vim -c '!sh'

B. Perform ASIC password cracking on the host

E. Use the UNION operator to extract the database schema

A. Performing deep-packet inspection of all digital audio files

B. Adding identifying filesystem metadata to the digital audio files C

A security engineer needs to recommend a solution that will meet the following requirements: Identify sensitive data in the provider's network Maintain compliance with company and regulatory guidelines Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control Which of the following solutions should the security engineer recommend to address these requirements? A. AF B

A systems administrator is in the process of hardening the host systems before connecting to the network. The administrator wants to add protection to the boot loader to ensure the hosts are secure before the OS fully boots

A. Malicious installation of an application; change the MDM configuration to remove application ID 1220

B. Resource leak; recover the device for analysis and clean up the local storage

A. Create a full inventory of information and data assets

B. Ascertain the impact of an attack on the availability of crucial resources

A. Implement rate limiting on the API

B. Implement geoblocking on the WAF

A. The availability of personal data

B. The right to personal data erasure C

A. Weak ciphers are being used

B. The public key should be using ECDSA

A. Implement Privileged Access Management (PAM), keep users in the local administrators group, and enable local administrator account monitoring

B. Implement PAM, remove users from the local administrators group, and prompt users for explicit approval when elevated privileges are required

A. 65

B. 77 C

A security engineer estimates the company's popular web application experiences 100 attempted breaches per day. In the past four years, the company's data has been breached two times

A. Cookies

B. Wildcard certificates C

B. Adding identifying filesystem metadata to the digital audio files C

A. Disable BGP and implement a single static route for each internal network

B. Implement a BGP route reflector

A. Deploy a SOAR tool

B. Modify user password history and length requirements