Question 41
A security engineer is analyzing an application during a security assessment to ensure it is configured to protect against common threats. Given the output below:
Which of the following tools did the security engineer MOST likely use to generate this output?
Question 42
Company XYZ has experienced a breach and has requested an internal investigation be conducted by the IT Department.
Which of the following represents the correct order of the investigation process?
Question 43
An organization is currently performing a market scan for managed security services and EDR capability.
Which of the following business documents should be released to the prospective vendors in the first step of the process? (Choose two.)
Question 44
Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.
Question 45
A security consultant was hired to audit a company's password are account policy. The company implements the following controls:
Minimum password length: 16
Maximum password age: 0
Minimum password age: 0
Password complexity: disabled
Store passwords in plain text: disabled
Failed attempts lockout: 3
Lockout timeout: 1 hour
The password database uses salted hashes and PBKDF2. Which of the following is MOST likely to yield the greatest number of plain text passwords in the shortest amount of time?