CIS-CSM

Which of the following identity access methods creates a cookie on the first login to a central authority to allow logins to subsequent applications without re-entering credentials?. Multifactor authentication. Transitive trust. Federated access. Single sign-on.

A network technician is designing a network for a small company. The network technician needs to implement an email server and web server that will be accessed by both internal employees and external customers. Which of the following would BEST secure the internal network and allow access to the needed servers?. Implementing a site-to-site VPN for server access. Implementing a DMZ segment for the server. Implementing NAT addressing for the servers. Implementing a sandbox to contain the servers.

When used together, which of the following qualify as two-factor authentication?. Password and PIN. Smart card and PIN. Proximity card and smart card. Fingerprint scanner and iris scanner.

A company has a team of penetration testers. This team has located a file on the company file server that they believe contains cleartext usernames followed by a hash. Which of the following tools should the penetration testers use to learn more about the content of this file?. Exploitation framework. Vulnerability scanner. Netcat. Password cracker.

The Chief Information Security Officer (CISO) in a company is working to maximize protection efforts of sensitive corporate data. The CISO implements a '100% shred' policy within the organization, with the intent to destroy any documentation that is not actively in use in a way that it cannot be recovered or reassembled. Which of the following attacks is this deterrent MOST likely to mitigate?. Dumpster diving. Whaling. Shoulder surfing. Vishing.