A Chief Information Security Officer (CISO) has requested that a SIEM solution be implemented. The CISO wants to know upfront what the projected TCO would be before looking further into this concern. Two vendor proposals have been received:
Vendor A: product-based solution which can be purchased by the pharmaceutical company.
Capital expenses to cover central log collectors, correlators, storage and management consoles expected to be
$150,000. Operational expenses are expected to be a 0.5 full time employee (FTE) to manage the solution, and
1 full time employee to respond to incidents per year.
Vendor B: managed service-based solution which can be the outsourcer for the pharmaceutical company's needs.
Bundled offering expected to be $100,000 per year.
Operational expenses for the pharmaceutical company to partner with the vendor are expected to be a 0.5 FTE per year.
Internal employee costs are averaged to be $80,000 per year per FTE. Based on calculating TCO of the two vendor proposals over a 5 year period, which of the following options is MOST accurate?

• A.Based on cost alone, having an outsourced solution appears cheaper.
• B.Based on cost alone, having an outsourced solution appears to be more expensive.
• C.Based on cost alone, both outsourced an in-sourced solutions appear to be the same.
• D.Based on cost alone, having a purchased product solution appears cheaper.

Comment: *

Name: *

Email: *

Verification: *

Click on the exhibit buttons to view the four messages.





A security architect is working with a project team to deliver an important service that stores and processes customer banking details. The project, internally known as ProjectX, is due to launch its first set of features publicly within a week, but the team has not been able to implement encryption-at-rest of the customer records. The security architect is drafting an escalation email to senior leadership.
Which of the following BEST conveys the business impact for senior leadership?

• A.Message 2
• B.Message 1
• C.Message 4
• D.Message 3

Comment: *

Name: *

Email: *

Verification: *

An educational institution would like to make computer labs available to remote students. The labs are used for various IT networking, security, and programming courses. The requirements are:
Each lab must be on a separate network segment.
Labs must have access to the Internet, but not other lab networks.
Student devices must have network access, not simple access to hosts on the lab networks.
Students must have a private certificate installed before gaining access.
Servers must have a private certificate installed locally to provide assurance to the students.
All students must use the same VPN connection profile.
Which of the following components should be used to achieve the design in conjunction with directory services?

• A.L2TP VPN over TLS for remote connectivity, SAML for federated authentication, firewalls between each lab segment
• B.SSL VPN for remote connectivity, directory services groups for each lab group, ACLs on routing equipment
• C.IPSec VPN with mutual authentication for remote connectivity, RADIUS for authentication, ACLs on network equipment
• D.Cloud service remote access tool for remote connectivity, OAuth for authentication, ACL on routing equipment

Comment: *

Name: *

Email: *

Verification: *

IT staff within a company often conduct remote desktop sharing sessions with vendors to troubleshoot vendor product-related issues. Drag and drop the following security controls to match the associated security concern.
Options may be used once or not at all.

Correct Answer:

Explanation

Vendor may accidentally or maliciously make changes to the IT system - Allow view-only access.
With view-only access, the third party can view the desktop but cannot interact with it. In other words, they cannot control the keyboard or mouse to make any changes.
Desktop sharing traffic may be intercepted by network attackers - Use SSL for remote sessions.
SSL (Secure Sockets Layer) encrypts data in transit between computers. If an attacker intercepted the traffic, the data would be encrypted and therefore unreadable to the attacker.
No guarantees that shoulder surfing attacks are not occurring at the vendor - Identified control gap.
Shoulder surfing is where someone else gains information by looking at your computer screen. This should be identified as a risk. A control gap occurs when there are either insufficient or no actions taken to avoid or mitigate a significant risk.
Vendor may inadvertently see confidential material from the company such as email and IMs - Limit desktop session to certain windows.
The easiest way to prevent a third party from viewing your emails and IMs is to close the email and IM application windows for the duration of the desktop sharing session.

Comment: *

Name: *

Email: *

Verification: *

A company enlists a trusted agent to implement a way to authenticate email senders positively Which of the following is the BEST method for the company to prove Vie authenticity of the message?

• A.issue PlN-enabled hardware tokens
• B.Configure the server to encrypt all messages in transit
• C.include a hash in the body of the message
• D.Create a CA win all users

Comment: *

Name: *

Email: *

Verification: *