Security+ Practice Test Welcome to your Security+ Practice Test A company recently transitioned to a strictly BYOB culture due to the cost of replacing lost or damaged corporate-owned mobile devices. Which of the folllowing technologies would be BEST to balance the BYOD culture while also protecting the company's data?ContainerizationGeofencingFull-disk encryptionRemote wipe A Chief Security Office's (CSO's) key priorities are to improve preparation, response, and recovery practices to minimize system downtime and enhance organizational resilience to ransonware attacks. Which of the following would BEST meet the CSO's objectives?Use email-filtering software and centralized account management, patch high-risk systems, and restrict administration privileges on fileshares.Purchase cyber insurance from a reputable provider to reduce expenses during an incident.Invest in end-user awareness training to change the long-term culture and behavior of staff and executives, reducing the organization's susceptibility to phishing attacks.Implement application whitelisting and centralized event-log management, and perform regular testing an validation of full backups. A security administrator suspects an employee has been emailing proprietary information to a competitor. Company policy requires the administrator to capture an exact copy of the employee's hard disk. Which of the following should the administrator use?ddchmoddnsenumlogger Which of the following is MOST likely to outline the roles and responsibilities of data controllers and data processors?SSAE SOC 2PCI DSSGDPRISO 31000 Phishing and spear-phishing attacks have been occurring more frequently against a company's staff. Which of the following would MOST likely help mitigate this issue?DNSSEC and DMARCDNS query loggingExact mail exchanger records in the DNSThe addition of DNS conditional forwaders Which of the following incident response steps involves actions to protect critical systems while maintaining business operations?InvestigationContainmentRecoveryLessons learned A security auditor is reviewing vulnerability scan data provided by an internal security team. Which of the following BEST indicates that valid credentials were used?The scan results show open ports, protocols, and services exposed on the target host.The scan enumerated software versions of installed programsThe scan produced a list of vulnerabilities on the target hostThe scan identified expired SSL certificates Which of the following cloud models provides clients with servers, storage, and networks but nothing else?SaaSPaaSIaaSDaaS An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance's vulnerable state?The system was configured with weak default security settings.The device uses weak encryption ciphers.The vendor has not supplied a patch for the appliance.The appliance requires administrative credentials for the assessment, A company is implementing MFA for all applications that store sensitive data. The IT manager wants MFA to be non-disruptive and user friendly. Which of the following technologies should the IT manager use when implementing MFA?One-time passwordsEmail tokensPush notificationsHardware authentication Time is Up!
