A company has decided to move an ERP application to a public cloud vendor. The company wants to replicate some of its global policies from on premises to cloud. The policies include data encryption, token management, and limited user access to the ERP application. The Chief Information Officer (CIO) is mainly concerned about privileged accounts that might be compromised and used to alter data in the ERP application. Which of the following is the BEST option to meet the requirements?

• A.Sandboxing
• B.CASB
• C.MFA
• D.Security as a service

Comment: *

Name: *

Email: *

Verification: *

Executive management is asking for a new manufacturing control and workflow automation solution. This application will facilitate management of proprietary information and closely guarded corporate trade secrets.
The information security team has been a part of the department meetings and come away with the following notes:
Human resources would like complete access to employee data stored in the application. They would like automated data interchange with the employee management application, a cloud-based SaaS application.
Sales is asking for easy order tracking to facilitate feedback to customers.
Legal is asking for adequate safeguards to protect trade secrets. They are also concerned with data ownership questions and legal jurisdiction.
Manufacturing is asking for ease of use. Employees working the assembly line cannot be bothered with additional steps or overhead. System interaction needs to be quick and easy.
Quality assurance is concerned about managing the end product and tracking overall performance of the product being produced. They would like read-only access to the entire workflow process for monitoring and baselining.
The favored solution is a user friendly software application that would be hosted onsite. It has extensive ACL functionality, but also has readily available APIs for extensibility. It supports read-only access, kiosk automation, custom fields, and data encryption.
Which of the following departments' request is in contrast to the favored solution?

• A.Manufacturing
• B.Legal
• C.Sales
• D.Quality assurance
• E.Human resources

Comment: *

Name: *

Email: *

Verification: *

A company has noticed recently that its corporate information has ended up on an online forum.
An investigation has identified that internal employees are sharing confidential corporate information on a daily basis. Which of the following are the MOST effective security controls that can be implemented to stop the above problem? (Select TWO).

• A.Implement a URL filter to block the online forum
• B.Implement NIDS on the desktop and DMZ networks
• C.Security awareness compliance training for all employees
• D.Implement DLP on the desktop, email gateway, and web proxies
• E.Review of security policies and procedures

Comment: *

Name: *

Email: *

Verification: *

An administrator attempts to install the package "named.9.3.6-12-x86_64.rpm" on a server.
Even though the package was downloaded from the official repository, the server states the package cannot be installed because no GPG key is found.
Which of the following should the administrator perform to allow the program to be installed?

• A.Import the repository's public key.
• B.Download the file from the program publisher's website.
• C.Generate RSA and DSA keys using GPG.
• D.Run sha1sum and verify the hash.

Comment: *

Name: *

Email: *

Verification: *

A security consultant is attempting to discover if the company is utilizing databases on client machines to store the customer data. The consultant reviews the following information:

Which of the following commands would have provided this output?

• A.ifconfig -arp
• B.sqlmap -w
• C.arp -s
• D.netstat -a

Comment: *

Name: *

Email: *

Verification: *