An educational institution would like to make computer labs available to remote students.
The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?

• A.L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
• B.SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
• C.IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
• D.Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Comment: *

Name: *

Email: *

Verification: *

A security analyst works for a defense contractor that produces classified research on drones.
The contractor faces nearly constant attacks from sophisticated nation-state actors and other APIs.
Which of the following would help protect the confidentiality of the research data?

• A.Use diverse components in layers throughout the architecture
• B.Purge all data remnants from client devices' volatile memory at regularly scheduled intervals
• C.Implement non-heterogeneous components at the network perimeter
• D.Use only in-house developed applications that adhere to strict SDLC security requirements

Comment: *

Name: *

Email: *

Verification: *

A company has gone through a round of phishing attacks. More than 200 users have had their workstation infected because they clicked on a link in an email. An incident analysis has determined an executable ran and compromised the administrator account on each workstation.
Management is demanding the information security team prevent this from happening again.
Which of the following would BEST prevent this from happening again?

• A.Awareness training
• B.Application whitelisting
• C.Log monitoring
• D.Patch management
• E.Antivirus

Comment: *

Name: *

Email: *

Verification: *

An internal penetration tester was assessing a recruiting page for potential issues before it was pushed to the production website. The penetration tester discovers an issue that must be corrected before the page goes live.
The web host administrator collects the log files below and gives them to the development team so improvements can be made to the security design of the website.

Which of the following types of attack vector did the penetration tester use?

• A.SQL injection
• B.CSRF
• C.Brute force
• D.XSS
• E.TOC/TOU

Comment: *

Name: *

Email: *

Verification: *

Which of the following controls primarily detects abuse of privilege but does not prevent it?

• A.Off-boarding
• B.Least privilege
• C.Job rotation
• D.Separation of duties

Comment: *

Name: *

Email: *

Verification: *