A medical facility wants to purchase mobile devices for doctors and nurses. To ensure accountability, each individual will be assigned a separate mobile device. Additionally, to protect patients' health information, management has identified the following requirements:
* Data must be encrypted at rest.
* The device must be disabled if it leaves the facility.
* The device must be disabled when tampered with.
Which of the following technologies would BEST support these requirements? (Select two.)

• A.eFuse
• B.NFC
• C.GPS
• D.Biometric
• E.USB 4.1
• F.MicroSD

Comment: *

Name: *

Email: *

Verification: *

An organization is in the process ofintegrating its operational technology and information technology areas. As part of the integration, some of the cultural aspects it would like to see include more efficient use of resources during change windows, better protection of critical infrastructure, and the ability to respond to incidents. The following observations have been identified:
* The ICS supplier has specified that any software installed will result in lack of support.
* There is no documented trust boundary defined between the SCADA and corporate networks.
* Operational technology staff have to manage the SCADA equipment via the engineering workstation.
* There is a lack of understanding of what is within the SCADA network.
Which of the following capabilities would BEST improve the security position?

• A.Proxy, VPN, and WAF
• B.VNC, router, and HIPS
• C.IDS, NAC, and log monitoring
• D.SIEM, VPN, and firewall

Comment: *

Name: *

Email: *

Verification: *

A security administrator wants to calculate the ROI of a security design which includes the purchase of new equipment. The equipment costs $50,000 and it will take 50 hours to install and configure the equipment. The administrator plans to hire a contractor at a rate of $100/hour to do the installation. Given that the new design and equipment will allow the company to increase revenue and make an additional $100,000 on the first year, which of the following is the ROI expressed as a percentage for the first year?

• A.-45 percent
• B.5.5 percent
• C.45 percent
• D.82 percent

Comment: *

Name: *

Email: *

Verification: *

A system administrator recently conducted a vulnerability scan of the internet. Subsequently, the organization was successfully attacked by an adversary. Which of the following in the MOST likely for why the organization network was compromised?

• A.The vulnerability database was not updated.
• B.There was a false positive since the network was fully patched.
• C.The system administrator did not perform a full system sun.
• D.The systems administrator performed a credentialed scan.

Comment: *

Name: *

Email: *

Verification: *

A penetration test is being scoped for a set of web services with API endpoints. The APIs will be hosted on existing web application servers. Some of the new APIs will be available to unauthenticated users, but some will only be available to authenticated users. Which of the following tools or activities would the penetration tester MOST likely use or do during the engagement? (Choose two.)

• A.Intercepting proxy
• B.Reverse engineering
• C.User acceptance testing
• D.Port scanner
• E.Static code analyzer
• F.Reconnaissance gathering

Comment: *

Name: *

Email: *

Verification: *