A security analyst needs to find real-time data on the latest malware and IoCs.
Which of the following best describe the solution the analyst should pursue? Advisories and bulletins Threat feeds Security news articles Peer-reviewed content.
Which of the following would cause a Chief Information Security Officer (CISO) the MOST concern
regarding newly installed Internet-accessible 4K surveillance cameras? An inability to monitor 100%, of every facility could expose the company to unnecessary risk. The cameras could be compromised if not patched in a timely manner. Physical security at the facility may not protect the cameras from theft. Exported videos may take up excessive space on the file servers.
An information security officer at a credit card transaction company is conducting a framework-mapping
exercise with the internal controls. The company recently established a new office in Europe.
To which of the following frameworks should the security officer map the existing controls? (Select TWO) ISO PCI DSS SOC GDPR CSA NIST.
A global company is experiencing unauthorized logging due to credential theft and account lockouts
caused by brute-force attacks. The company is considering implementing a third- party identity provider to
help mitigate these attacks.
Which of the following would be the BEST control for the company to require from prospective vendors'? IP restrictions Multifactor authentication A banned password list A complex password policy.
While reviewing the wireless router, the systems administrator of a small business determines someone is
spoofing the MAC address of an authorized device. Given the table below: Conduct a ping sweep. Physically check each system, Deny Internet access to the "UNKNOWN" hostname. Apply MAC filtering,.
Ann, a forensic analyst, needs to prove that the data she originally acquired has remained unchanged
while in her custody.
Which of the following should Ann use? Chain of custody Checksums Non-repudiation Legal hold.
A company has discovered unauthorized devices are using its WiFi network, and it wants to harden the
access point to improve security.
Which of the following configuration should an analyst enable to improve security? (Select Two) RADIUS PEAP WPS WEP-TKIP SSL WPA2-PSK.
To mitigate the impact of a single VM being compromised by another VM on the same hypervisor, an
administrator would like to utilize a technical control to further segregate the traffic.
Which of the following solutions would BEST accomplish this objective? Install a hypervisor firewall to filter east-west traffic Add more VLANs to the hypervisor network switches. Move exposed or vulnerable VMs to the DMZ. Implement a zero-trust policy and physically segregate the hypervisor servers.
A security analyst is investigating a vulnerability in which a default file permission was set incorrectly. The
company uses non-credentialed scanning for vulnerability management.
Which of the following tools can the analyst use to verify the permissions? ssh chmod ls setuid nessus v.
A company just implemented a new telework policy that allows employees to use personal devices for
official email and file sharing while working from home. Some of the requirements are:
1. Employees must provide an alternate work location (i.e., a home address)
2. Employees must install software on the device that will prevent the loss of proprietary data but will not
restrict any other software from being installed.
Which of the following BEST describes the MDM options the company is using? Geofencing, content management, remote wipe, containerization, and storage segmentation Content management, remote wipe, geolocation, context-aware authentication, and containerization Application management, remote wipe, geofencing, context-aware authentication, and containerization Remote wipe, geolocation, screen locks, storage segmentation, and full-device encryption.
A multinational organization that offers web-based services has datacenters that are located only in the
United States; however, a large number of its customers are in Australia, Europe, and China. Payments for
services are managed by a third party in the United Kingdom that specializes in payment gateways. The
management team is concerned the organization is not compliant with privacy laws that cover some of its
customers.
Which of the following frameworks should the management team follow? Payment Card Industry Data Security Standard Cloud Security Alliance Best Practices ISO/IEC 27032 Cybersecurity Guidelines General Data Protection Regulation.
An organization regularly scans its infrastructure for missing security patches but is concerned about
hackers gaining access to the scanner's account. Which of the following would be BEST to minimize this
risk? Require a complex, eight-character password that is updated every 90 days. Perform only non-intrusive scans of workstations Use non-credentialed scans against high-risk servers. Log and alert on unusual scanner account logon times.
The concept of connecting a user account across the systems of multiple enterprises is BEST known as: federation a remote access policy. multifactor authentication. single sign-on.
A Chief Security Officer (CSO) was notified that a customer was able to access confidential internal
company files on a commonly used file-sharing service. The file-sharing service is the same one used by
company staff as one of its approved third- party applications. After further investigation, the security team
determines the sharing of confidential files was accidental and not malicious. However, the CSO wants to
implement changes to minimize this type of incident from reoccurring but does not want to impact existing
business processes.
Which of the following would BEST meet the CSO's objectives? DLP SWG CASB Virtual network segmentation Container security.
Joe. a security analyst, recently performed a network discovery to fully understand his organization's
electronic footprint from a "public" perspective. Joe ran a set of commands and received the following
output: Joe used Who is to produce this output. Joe used cURL to produce this output. Joe used Wireshark to produce this output The organization has adequate information available in public registration. The organization has too much information available in public registration The organization has too little information available in public registration.
A security administrator is trying to determine whether a server is vulnerable to a range of attacks. After
using a tool, the administrator obtains the following output: Memory leak Race conditions SQL injection Directory traversal.
After installing a Windows server, a cybersecurity administrator needs to harden it, following security best
practices.
Which of the following will achieve the administrator's goal? (Select TWO). Disabling guest accounts Disabling service accounts Enabling network sharing Disabling NetBIOS over TCP/IP Storing LAN manager hash values Enabling NTLM.
A SOC is implementing an in sider-threat-detection program. The primary concern is that users may be
accessing confidential data without authorization.
Which of the following should be deployed to detect a potential insider threat? A honeyfile ADMZ DLP File integrity monitoring.
A security analyst is reviewing a penetration-testing report from a third-party contractor. The penetration
testers used the organization's new API to bypass a driver to perform privilege escalation on the
organization's web servers. Upon looking at the API, the security analyst realizes the particular API call
was to a legacy system running an outdated OS.
Which of the following is the MOST likely attack type? Request forgery Session replay DLL injection Shimming.
Which of the following BEST describes the MFA attribute that requires a callback on a predefined landline? Something you exhibit Something you can do Someone you know Somewhere you are.
A security an analyst needs to implement security features across smartphones. laptops, and tablets
Which of the following would be the MOST effective across heterogeneous platforms? Enforcing encryption Deploying GPOs Removing administrative permissions Applying MDM software.
Which of the following is the correct order of volatility from MOST to LEAST volatile? Memory, temporary filesystems, routing tables, disk, network storage Cache, memory, temporary filesystems, disk, archival media Memory, disk, temporary filesystems, cache, archival media Cache, disk, temporary filesystems, network storage, archival media.
A recent security assessment revealed that an actor exploited a vulnerable workstation within an
organization and has persisted on the network for several months. The organization realizes the need to
reassess Its security.
Strategy for mitigating risks within the perimeter
Which of the following solutions would BEST support the organization's strategy? FIM DLP EDR UTM.
A user must introduce a password and a USB key to authenticate against a secure computer, and
authentication is limited to the state in which the company resides.
Which of the following authentication concepts are in use? Something you know, something you have, and somewhere you are Something you know, something you can do, and somewhere you are Something you are, something you know, and something you can exhibit Something you have, somewhere you are, and someone you know.
A security analyst b concerned about traffic initiated to the dark web from the corporate LAN.
Which of the following networks should he analyst monitor? SFTP AS Tor IoC.
A major political party experienced a server breach. The hacker then publicly posted stolen internal
communications concerning campaign strategies to give the opposition party an advantage.
Which of the following BEST describes these threat actors? Semi-authorized hackers State actors Script kiddies Advanced persistent threats.
During a security assessment, a security finds a file with overly permissive permissions.
Which of the following tools will allow the analyst to reduce the permission for the existing users and
groups and remove the set-user-ID from the file? ls chflags chmod leof setuid.
An end user reports a computer has been acting slower than normal for a few weeks, During an
investigation, an analyst determines the system 3 sending the users email address and a ten-digit number
ta an IP address once a day. The only resent log entry regarding the user's computer is the following: The end user purchased and installed 2 PUP from a web browser 4 bot on the computer is rule forcing passwords against a website A hacker Is attempting to exfiltrated sensitive data. Ransomware is communicating with a command-and-control server.
A company just developed a new web application for a government agency. The application must be
assessed and authorized prior to being deployed.
Which of the following is required to assess the vulnerabilities resident in the application? Repository transaction logs Common Vulnerabilities and Exposures Static code analysis Non-credentialed scans.
An organization has implemented a two-step verification process to protect user access to data that is stored in the cloud. Each employee now uses an email address or mobile number to receive a code to access the data. Which of the following authentication methods did the organization implement? Token key Static code Push notification OTP.
An.. that has a large number of mobile devices is exploring enhanced security controls to manage
unauthorized access if a device is lost or stolen. Specifically, if mobile devices are more than 3mi (4 8km)
from the building, the management team would like to have the security team alerted and server resources
restricted on those devices.
Which of the following controls should the organization implement? Geofencing Lockout Near-field communication GPS tagging.
An organization's finance department is implementing a policy to protect against collusion.
Which of the following control types and corresponding procedures should the organization implement to
fulfill this policy's requirement? (Select TWO) Corrective Deterrent Preventive Mandatory vacations Job rotation Separation of duties.
An incident, which is affecting dozens of systems, involves malware that reaches out to an Internet service
for rules and updates. The IP addresses for the Internet host appear to be different in each case. The
organization would like to determine a common IoC to support response and recovery actions.
Which of the following sources of information would BEST support this solution? Web log files Browser cache DNS query logs Antivirus.
A Chief Executive Officer (CEO) is dissatisfied with the level of service from the company's new service
provider. The service provider is preventing the CEO.From sending email from a work account to a
personal account.
Which of the following types of service providers is being used? Telecommunications service provider Cloud service provider Master managed service provider Managed security service provider.
Which of the following often operates in a client-server architecture to act as a service repository. providing
enterprise consumers access to structured threat intelligence data? STIX CIRT OSINT TAXII.
Which of the following would be BEST for a technician to review to determine the total risk an organization
can bear when assessing a "cloud-first" adoption strategy? Risk matrix Risk tolerance Risk register Risk appetite.
The lessons-learned analysis from a recent incident reveals that an administrative office worker received a
call from someone claiming to be from technical support. The caller convinced the office worker to visit a
website, and then download and install a program masquerading as an antivirus package. The program
was actually a backdoor that an attacker could later use to remote control the worker's PC.
Which of the following would be BEST to help prevent this type of attack in the future? Data loss prevention Segmentation Application whitelisting Quarantine.
The human resources department of a large online retailer has received multiple customer complaints
about the rudeness of the automated chatbots It uses to interface and assist online shoppers. The system,
which continuously learns and adapts, was working fine when it was installed a few months ago.
Which of the following BEST describes the method being used to exploit the system? Baseline modification A fileless virus Tainted training data Cryptographic manipulation.
Which of the following utilize a subset of real data and are MOST likely to be used to assess the features
and functions of a system and how it interacts or performs from an end user's perspective against defined
test cases? (Select TWO). Production Test Research and development PoC UAT SDLC.
A web server administrator has redundant servers and needs to ensure failover to the secondary server
when the primary server goes down.
Which of the following should the administrator implement to avoid disruption? NIC teaming High availability Dual power supply laaS.
Several large orders of merchandise were recently purchased on an e-commerce company's website. The
totals for each of the transactions were negative values, resulting in credits on the customers' accounts.
Which of the following should be implemented to prevent similar situations in the future? Ensure input validation is in place to prevent the use of invalid characters and values Calculate all possible values to be added together and ensure the use of the proper integer in the code Configure the web application firewall to look for and block session replay attacks. Make sure transactions that are submitted within very short time periods are prevented from being
processed.
A security administrator needs to inspect in-transit files on the enterprise network to search for Pll, credit
card data, and classification words.
Which of the following would be the BEST to use? IDS solution EDR solution HIPS software solution Network DLP solution.
A security engineer is installing a WAF to protect the company's website from malicious web requests over
SSL.
Which of the following is needed to meet the objective? A reverse proxy A decryption certificate A split-tunnel VPN Load-balanced servers.
An organization recently recovered from a data breach. During the root cause analysis, the organization
determined the source of the breach to be a personal cell phone that had been reported lost.
Which of the following solutions should the organization implement to reduce the likelihood of future data
breaches? MDM MAM VDI DLP.
Which of the following is a reason why an organization would define an AUP? To define the lowest level of privileges needed for access and use of the organization's resources To define the set of rules and behaviors for users of the organization's IT systems To define the intended partnership between two organizations To define the availability and reliability characteristics between an IT provider and consumer.
A security analyst must determine if either SSH or Telnet is being used to log in to servers.
Which of the following should the analyst use? logger Metasploit tcpdump netstat.
A Chief Security Officer (CSO) is concerned about the volume and integrity of sensitive information that is
exchanged between the organization and a third party through email. The CSO is particularly concerned
about an unauthorized party who is intercepting information that is in transit between the two organizations.
Which of the following would address the CSO's concerns? SPF DMARC SSL DKIM TLS.
A company's help desk received several AV alerts indicating Mimikatz attempted to run on the remote
systems. Several users also reported that the new company flash drives they picked up in the break room
only have 512KB of storage.
Which of the following is MOST likely the cause? The GPO prevents the use of flash drives, which triggers a false positive AV indication and restricts the
drives to only 512KB of storage. The new flash drives need a driver that is being blocked by the AV software because the flash drives
are not on the application's allow list, temporarily restricting the drives to 512KB of storage. The new flash drives are incorrectly partitioned, and the systems are automatically trying to use an
unapproved application to repartition the drives The GPO blocking the flash drives is being bypassed by a malicious flash drive that is attempting to
harvest plaintext credentials from memory.
The cost of removable media and the security risks of transporting data have become too great for a laboratory.
The laboratory has decided to interconnect with partner laboratories to make data transfers easier and more secure.
The Chief Security Officer (CSO) has several concerns about proprietary data being exposed once the interconnections are established.
Which of the following security features should the network administrator implement to prevent unwanted data exposure to users in partner laboratories? VLAN zoning with a file-transfer server in an external-facing zone DLP running on hosts to prevent file transfers between networks NAC that permits only data-transfer agents to move data between networks VPN with full tunneling and NAS authenticating through the Active Directory.
A security analyst is reviewing the following command-line output: IGMP spoofing URL redirection MAC address cloning DNS poisoning.
Which of the following represents a biometric FRR? Authorized users being denied access Users failing to enter the correct PIN The denied and authorized numbers being equal The number of unauthorized users being granted access.
A security analyst is reviewing the following output from a system: ARP poisoning Man in the middle Denial of service DNS poisoning.
To further secure a company's email system, an administrator is adding public keys to DNS records in the
company's domain
Which of the following is being used? PFS SPF DMARC DNSSEC.
A external forensics investigator has been hired to investigate a data breach at a large enterprise with
numerous assets. It is known that the breach started in the DMZ and moved to the sensitive information,
generating multiple logs as the attacker traversed through the network.
Which of the following will BEST assist with this investigation? Perform a vulnerability scan to identity the weak spots Use a packet analyzer to Investigate the NetFlow traffic Check the SIEM to review the correlated logs Require access to the routers to view current sessions.
Organization plans to transition the intrusion detection and prevention techniques on a critical subnet to an
anomaly-based system.
Which of the following does the organization need to determine for this to be successful? The baseline The endpoint configurations The adversary behavior profiles The IPS signatures.
An organization recently acquired an ISO 27001 certification.
Which of the following would MOST likely be considered a benefit of this certification? It allows for the sharing of digital forensics data across organizations It provides insurance in case of a data breach It provides complimentary training and certification resources to IT security staff. It certifies the organization can work with foreign entities that require a security clearance It assures customers that the organization meets security standards.
An enterprise needs to keep cryptographic keys in a safe manner.
Which of the following network appliances can achieve this goal? HSM CASB TPM DLP.
An organization relies on third-party video conferencing to conduct daily business. Recent security
changes now require all remote workers to utilize a VPN to corporate resources.
Which of the following would BEST maintain high-quality video conferencing while minimizing latency when
connected to the VPN? Using geographic diversity to have VPN terminators closer to end users Utilizing split tunneling so only traffic for corporate resources is encrypted Purchasing higher-bandwidth connections to meet the increased demand Configuring QoS properly on the VPN accelerators.
A security researcher is attempting to gather data on the widespread use of a Zero-day exploit.
Which of the following will the researcher MOST likely use to capture this data? A DNS sinkhole A honeypot A vulnerability scan CVSS.
The new Chief Executive Officer (CEO) of a large company has announced a partnership with a vendor
that will provide multiple collaboration applications t make remote work easier. The company has a
geographically dispersed staff located in numerous remote offices in different countries. The company's IT
administrators are concerned about network traffic and load if all users simultaneously download the
application.
Which of the following would work BEST to allow each geographic region to download the software without
negatively impacting the corporate network? Update the host IDS rules Enable application whitelisting. Modify the corporate firewall rules. Deploy all applications simultaneously.
An organization has expanded its operations by opening a remote office. The new office is fully furnished
with office resources to support up to 50 employees working on any given day.
Which of the following VPN solutions would BEST support the new office? Always On Remote access Site-to-site Full tunnel.
A customer called a company's security team to report that all invoices the customer has received over the
last five days from the company appear to have fraudulent banking details. An investigation into the matter
reveals the following:
1. The manager of the accounts payable department is using the same password across multiple external
websites and the corporate account.
2. One of the websites the manager used recently experienced a data breach.
3. The manager's corporate email account was successfully accessed in the last five days by an IP
address located in a foreign country
Which of the following attacks has MOST likely been used to compromise the manager's corporate
account? Remote access Trojan Brute-force Dictionary Credential stuffing Password spraying.
A financial institution would like to stare is customer data a could but still allow the data ta he accessed and
manipulated while encrypted. Doing se would prevent the cloud service provider from being able to
decipher the data due to its sensitivity. The financial institution is not concern about computational
overheads and slow speeds,
Which of the following cryptographic techniques would BEST meet the requirement? Asymmatric Symmetric Homeomorphic Ephemeral.
A small business office is setting up a wireless infrastructure with primary requirements centered around
protecting customer information and preventing unauthorized access to the business network.
Which of the following would BEST support the office's business needs? (Select TWO) Installing WAPs with strategic placement Configuring access using WPA3 Installing a WIDS Enabling MAC filtering Changing the WiFi password every 30 days Reducing WiFi transmit power throughout the office.
A systems administrator needs to install the same X.509 certificate on multiple servers.
Which of the following should the administrator use? Key escrow A self-signed certificate Certificate chaining An extended validation certificate.
A security analyst notices several attacks are being blocked by the NIPS but does not see anything on the
boundary firewall logs. The attack seems to have been thwarted
Which of the following resiliency techniques was applied to the network to prevent this attack? NIC Teaming Port mirroring Defense in depth High availability Geographic dispersal.
A bank detects fraudulent activity on user's account. The user confirms transactions completed yesterday
on the bank's website at https://www.company.com. A security analyst then examines the user's Internet
usage logs and observes the following output:
date; username; url;destinationport; responsecode
2020-03-01; userann; http: //www.company.org/;80;302
2020-03-01; userann: http: //www.company.org/secure_login/;80;200
2020-03-01; userann:http: //www.company.org/dashboard/;80;200
Which of the following has MOST likely occurred? Replay attack SQL injection SSL stripping Race conditions.
A desktop support technician recently installed a new document-scanning software program on a computer
However, when the end user tried to launch the program, it did not respond.
Which of the following is MOST likely the cause? A new firewall rule is needed to access the application. The system was quarantined for missing software updates The software was not added to the application whitelist. The system was isolated from the network due to infected software.
A company has been experiencing very brief power outages from its utility company over the last few
months. These outages only last for one second each time. The utility company is aware of the issue and
is working to replace a faulty transformer.
Which of the following BEST describes what the company should purchase to ensure its critical servers
and network devices stay online? Dual power supplies A UPS A generator APDU.
A network administrator is concerned about users being exposed to malicious content when accessing
company cloud applications. The administrator wants to be able to block access to sites based on the
AUP. The users must also be protected because many of them work from home or at remote locations,
providing on-site customer support.
Which of the following should the administrator employ to meet these criteria meet these criteria? Implement NAC Implement an SWG Implement a URL filter Implement an MDM.
Which of the following distributes data among nodes, making it more difficult to manipulate the data while
also minimizing downtime? MSSP Public cloud Hybrid cloud Fog computing.
After a phishing scam for a user's credentials, the red team was able to craft a payload to deploy on a
server. The attack allowed the installation of malicious software that initiates a new remote session. Which
of the following types of attacks has occurred? Privilege escalation Session replay Application programming interface Directory traversal.
A company is setting up a web server on the Internet that will utilize both encrypted and unencrypted webbrowsing protocols. A security engineer runs a port scan against the server from the Internet and sees the
following output: Allow DNS access from the internet. Block SMTP access from the Internet Block HTTPS access from the Interne Block SSH access from the Internet.
Which of the following is MOST likely to contain ranked and ordered information on the likelihood and
potential impact of catastrophic events that may affect business processes and systems, while also
highlighting the residual risks that need to be managed after mitigating controls have been implemented? An RTO report A risk register A business impact analysis An asset value register A disaster recovery plan.
Which of the following is the BEST reason to maintain a functional and effective asset management policy
that aids in ensuring the security of an organization? To provide data to quantity risk based on the organization's systems. To keep all software and hardware fully patched for known vulnerabilities To only allow approved, organization-owned devices onto the business network To standardize by selecting one laptop model for all users in the organization.
An analyst is trying to identify insecure services that are running on the internal network After performing a
port scan the analyst identifies that a server has some insecure services enabled on default ports Which of
the following BEST describes the services that are currently running and the secure alternatives for
replacing them' (Select THREE) SFTP FTPS SNMPv2 SNMPv3 HTTP, HTTPS TFTP FTP SNMPv1, SNMPv2 Telnet SSH TLS, SSL POP, IMAP Login, rlogin.
A systems analyst is responsible for generating a new digital forensics chain-of-custody form Which of the
following should the analyst Include in this documentation? (Select TWO). The order of volatility A checksum The location of the artifacts The vendor's name The date and time A warning banner.
An attacker was easily able to log in to a company's security camera by performing a baste online search
for a setup guide for that particular camera brand and model. Which of the following BEST describes the
configurations the attacker exploited? Weak encryption Unsecure protocols Default settings Open permissions.
A security architect at a large, multinational organization is concerned about the complexities and
overhead of managing multiple encryption keys securely in a multicloud provider environment. The security
architect is looking for a solution with reduced latency to allow the incorporation of the organization's
existing keys and to maintain consistent, centralized control and management regardless of the data
location.
Which of the following would BEST meet the architect's objectives? Trusted Platform Module laaS HSMaaS PaaS Key Management Service.
An attacker was easily able to log in to a company's security camera by performing a basic online search
for a setup guide for that particular camera brand and model Which of the following BEST describes the
configurations the attacker exploited? Weak encryption Unsecure protocols Default settings Open permissions.
A cloud administrator is configuring five compute instances under the same subnet in a VPC Three
instances are required to communicate with one another, and the other two must he logically isolated from
all other instances in the VPC.
Which of the following must the administrator configure to meet this requirement? One security group Two security groups Three security groups Five security groups.
A university is opening a facility in a location where there is an elevated risk of theft The university wants to
protect the desktops in its classrooms and labs Which of the following should the university use to BEST
protect these assets deployed in the facility? Visitor logs Cable locks Guards Disk encryption Motion detection.
A client sent several inquiries to a project manager about the delinquent delivery status of some critical
reports. The project manager darned the reports were previously sent via email but then quickly generated
and backdated the reports before submitting them via a new email message
Which of the following actions MOST likely supports an investigation for fraudulent submission? Establish chain of custody Inspect the file metadata Reference the data retention policy Review the email event logs.
A security analyst is running a vulnerability scan to check for missing patches during a suspected security
rodent During which of the following phases of the response process is this activity MOST likely occurring? Containment Identification Recovery Preparation.
A security operations analyst is using the company's SIEM solution to correlate alerts. Which of the
following stages of the incident response process is this an example of? Eradication Recovery Identification Preparation.
A company uses specially configured workstations tor any work that requires administrator privileges to its
Tier 0 and Tier 1 systems. The company follows a strict process to harden systems immediately upon
delivery. Even with these strict security measures in place, an incident occurred from one of the
workstations. The root cause appears to be that the SoC was tampered with or replaced.
Which of the following MOST likely occurred? Fileless malware A downgrade attack A supply-chain attack A logic bomb Misconfigured BIOS.
A local coffee shop runs a small WiFi hot-spot for its customers that utilizes WPA2-PSK. The coffee shop
would like to stay current with security trends and wants to implement WPA3 to make its WiFi even more
secure.
Which of the following technologies will the coffee shop MOST likely use in place of PSK? WEP MSCHAP WPS SAE.
A hospital's administration is concerned about a potential loss of patient data that is stored on tablets. A
security administrator needs to implement controls to alert the SOC any time the devices are near exits.
Which of the following would BEST achieve this objective? Geotargeting Geolocation Geotagging Geofencing.
Entering a secure area requires passing through two doors, both of which require someone who is already
inside to initiate access. Which of the following types of physical security controls does this describe? Cameras Faraday cage Access control vestibule Sensors Guards.
Which of the following should a data owner require all personnel to sign to legally protect intellectual
property? An NDA An AUP An ISA An MOU.
|
