A security analyst, who is working in a Windows environment, has noticed a significant amount of IPv6 traffic originating from a client, even though IPv6 is not currently in use. The client is a stand-alone device, not connected to the AD that manages a series of SCADA devices used for manufacturing. Which of the following is the appropriate command to disable the client's IPv6 stack?

• A.
• B.
• C.
• D.

Comment: *

Name: *

Email: *

Verification: *

A security engineer must establish a method to assess compliance with company security policies as they apply to the unique configuration of individual endpoints, as well as to the shared configuration policies of common devices.

Which of the following tools is the security engineer using to produce the above output?

• A.Vulnerability scanner
• B.SIEM
• C.Port scanner
• D.SCAP scanner

Comment: *

Name: *

Email: *

Verification: *

A large company with a very complex IT environment is considering a move from an on-premises, internally managed proxy to a cloud-based proxy solution managed by an external vendor. The current proxy provides caching, content filtering, malware analysis, and URL categorization for all staff connected behind the proxy. Staff members connect directly to the Internet outside of the corporate network. The cloud-based version of the solution would provide content filtering, TLS decryption, malware analysis, and URL categorization. After migrating to the cloud solution, all internal proxies would be decommissioned. Which of the following would MOST likely change the company's risk profile?

• A.1. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.2. There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.3. There would be data sovereignty concerns due to changes required in routing and proxy PAC files.
• B.1. The loss of local caching would dramatically increase ISP changes and impact existing bandwidth.2. There would be a greater likelihood of Internet access outages due to lower resilience of cloud gateways.3. There would be a loss of internal intellectual knowledge regarding proxy configurations and application data flows.
• C.1. Outages would be likely to occur for systems or applications with hard-coded proxy information.2. The service would provide some level of protection for staff members working from home.3. Malware detection times would decrease due to third-party management of the service.
• D.1. The external vendor would have access to inbound and outbound gateway traffic.2. The service would provide some level of protection for staff working from home.3. Outages would be likely to occur for systems or applications with hard-coded proxy information.

Comment: *

Name: *

Email: *

Verification: *

The Chief Information Security Officer (CISO) at a company knows that many users store business documents on public cloud-based storage, and realizes this is a risk to the company. In response, the CISO implements a mandatory training course in which all employees are instructed on the proper use of cloud-based storage. Which of the following risk strategies did the CISO implement?

• A.Avoid
• B.Accept
• C.Mitigate
• D.Transfer

Comment: *

Name: *

Email: *

Verification: *

A database administrator is required to adhere to and implement privacy principles when executing daily
tasks. A manager directs the administrator to reduce the number of unique instances of PII stored within an
organization's systems to the greatest extent possible.
Which of the following principles is being demonstrated?

• A.Record transparency
• B.PII security
• C.Data minimization
• D.Administrator accountability

Comment: *

Name: *

Email: *

Verification: *