Which of the following is the BEST disaster recovery solution when resources are running in a cloud environment?

• A.Cloud provider BCDR
• B.Primary provider BCDR
• C.Alternative provider BCDR
• D.Remote provider BCDR

Comment: *

Name: *

Email: *

Verification: *

An organization is deploying a new, online digital bank and needs to ensure availability and performance. The cloud-based architecture is deployed using PaaS and SaaS solutions, and it was designed with the following considerations:
- Protection from DoS attacks against its infrastructure and web applications is in place.
- Highly available and distributed DNS is implemented.
- Static content is cached in the CDN.
- A WAF is deployed inline and is in block mode.
- Multiple public clouds are utilized in an active-passive architecture.
With the above controls in place, the bank is experiencing a slowdown on the unauthenticated payments page. Which of the following is the MOST likely cause?

• A.A DDoS attack is targeted at the CDN.
• B.The public cloud provider is applying QoS to the inbound customer traffic.
• C.The API gateway endpoints are being directly targeted.
• D.The site is experiencing a brute-force credential attack.

Comment: *

Name: *

Email: *

Verification: *

SIMULATION
You are a security analyst tasked with interpreting an Nmap scan output from company's privileged network.
The company's hardening guidelines indicate the following:
There should be one primary server or service per device.
Only default ports should be used.
Non-secure protocols should be disabled.
INSTRUCTIONS
Using the Nmap output, identify the devices on the network and their roles, and any open ports that should be closed.
For each device found by Nmap, add a device entry to the Devices Discovered list, with the following information:
The IP address of the device
The primary server or service of the device (Note that each IP should by associated with one service/port only) The protocol(s) that should be disabled based on the hardening guidelines (Note that multiple ports may need to be closed to comply with the hardening guidelines) If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.

Comment: *

Name: *

Email: *

Verification: *

An organization recently started processing, transmitting, and storing its customers' credit card information.
Within a week of doing so, the organization suffered a massive breach that resulted in the exposure of the customers' information.
Which of the following provides the BEST guidance for protecting such information while it is at rest and in transit?

• A.GDPR
• B.NIST
• C.PCI DSS
• D.ISO

Comment: *

Name: *

Email: *

Verification: *

A company has decided to purchase a license for software that is used to operate a mission-critical process.
The third-party developer is new to the industry but is delivering what the company needs at this time.
Which of the following BEST describes the reason why utilizing a source code escrow will reduce the operational risk to the company if the third party stops supporting the application?

• A.The company will be able to force the third-party developer to continue support.
• B.The company will be paid by the third-party developer to hire a new development team.
• C.The company will have access to the latest version to continue development.
• D.The company will be able to manage the third-party developer's development process.

Comment: *

Name: *

Email: *

Verification: *