Question 226
An accountant at a small business is trying to understand the value of a server to determine if the business can afford to buy another server for DR. The risk manager only provided the accountant with the SLE of $24,000, ARO of 20% and the exposure factor of 25%. Which of the following is the correct asset value calculated by the accountant?
Question 227
A security consultant is conducting a penetration test against a customer enterprise local comprises local hosts and cloud-based servers The hosting service employs a multitenancy model with elastic provisioning to meet customer demand The customer runs multiple virtualized servers on each provisioned cloud host. The security consultant is able to obtain multiple sets of administrator credentials without penetrating the customer network. Which of the following is the MOST likely risk the tester exploited?
Question 228
A company wants to extend its help desk availability beyond business hours. The Chief Information Officer (CIO) decides to augment the help desk with a third-party service that will answer calls and provide Tier 1 problem resolution, suchas password resets and remote assistance. The security administrator implements the following firewall change:
The administrator provides the appropriate path and credentials to the third-party company. Which of the following technologies is MOST likelybeing used to provide access to the third company?
Question 229
Company ABC is hiring customer service representatives from Company XYZ. The representatives reside at Company XYZ's headquarters. Which of the following BEST prevents Company XYZ representatives from gaining access to unauthorized Company ABC systems?
Question 230
Users have reported that an internally developed web application is acting erratically, and the response output is inconsistent. The issue began after a web application dependency patch was applied to improve security. Which of the following would be the MOST appropriate tool to help identify the issue?