A company monitors the performance of all web servers using WMI. A network administrator informs the security engineer that web servers hosting the company's client-facing portal are running slowly today. After some investigation, the security engineer notices a large number of attempts at enumerating host information via SNMP from multiple IP addresses.
Which of the following would be the BEST technique for the security engineer to employ in an attempt to prevent reconnaissance activity?

• A.Disable inbound traffic from offending sources
• B.Disable SNMP on the web servers
• C.Install anti-DDoS protection in the DMZ
• D.Install a HIPS on the web servers

Comment: *

Name: *

Email: *

Verification: *

Engineers at a company believe a certain type of data should be protected from competitors, but the data owner insists the information is not sensitive. An information security engineer is implementing controls to secure the corporate SAN. The controls require dividing data into four groups: non-sensitive, sensitive but accessible, sensitive but export-controlled, and extremely sensitive. Which of the following actions should the engineer take regarding the data?

• A.Label the data as sensitive but accessible.
• B.Label the data as extremely sensitive.
• C.Label the data as non-sensitive.
• D.Label the data as sensitive but export-controlled.

Comment: *

Name: *

Email: *

Verification: *

A security analyst is classifying data based on input from data owners and other stakeholders. The analyst has identified three data types:
1. Financially sensitive data
2. Project data
3. Sensitive project data
The analyst proposes that the data be protected in two major groups, with further access control separating the financially sensitive data from the sensitive project data. The normal project data will be stored in a separate, less secure location. Some stakeholders are concerned about the recommended approach and insist that commingling data from different sensitive projects would leave them vulnerable to industrial espionage.
Which of the following is the BEST course of action for the analyst to recommend?

• A.Meet with the affected stakeholders and determine which security controls would be sufficient to address the newly raised risks.
• B.Conduct a quantitative evaluation of the risks associated with commingling the data and reject or accept the concerns raised by the stakeholders.
• C.Use qualitative methods to determine aggregate risk scores for each project and use the derived scores to more finely segregate the data.
• D.Increase the number of available data storage devices to provide enough capacity for physical separation of non-sensitive project data.

Comment: *

Name: *

Email: *

Verification: *

An administrator wants to install a patch to an application.
INSTRUCTIONS
Given the scenario, download, verify, and
install the patch in the most secure manner.
The last install that is completed will be the final submission.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

• A.In this case the second link should be used (This may vary in actual exam). The first link showed the following error so it should not be used.
  
  Also, Two of the link choices used HTTP and not HTTPS as shown when hovering over the links as shown:
  
  Since we need to do this in the most secure manner possible, they should not be used.Finally, the second link was used and the MD5 utility of MD5sum should be used on the install.exe file as shown. Make sure that the hash matches.
  Finally, type in install.exe to install it and make sure there are no signature verification errors.
• B.In this case the second link should be used (This may vary in actual exam). The first link showed the following error so it should not be used.
  
  Also, Two of the link choices used HTTP and not HTTPS as shown when hovering over the links as shown:
  
  Since we need to do this in the most secure manner possible, they should not be used.Finally, the second link was used and the MD5 utility of MD5sum should be used on the install.exe file as shown. Make sure that the hash matches.
  
  Finally, type in install.exe to install it and make sure there are no signature verification errors.

Comment: *

Name: *

Email: *

Verification: *

A security analyst, who is working in a Windows environment, has noticed a significant amount of IPv6 traffic originating from a client, even though IPv6 is not currently in use. The client is a stand-alone device, not connected to the AD that manages a series of SCADA devices used for manufacturing. Which of the following is the appropriate command to disable the client's IPv6 stack?

• A.Option A
• B.Option D
• C.Option B
• D.Option C

Comment: *

Name: *

Email: *

Verification: *