A recent assessment identified that several users' mobile devices are running outdated versions of endpoint security software that do not meet the company's security policy. Which of the following should be performed to ensure the users can access the network and meet the company's security requirements?
A company suspects a web server may have been infiltrated by a rival corporation. The security engineer reviews the web server logs and finds the following: ls -l -a /usr/heinz/public; cat ./config/db.ymlThe security engineer looks at the code with a developer, and they determine the log entry is created when the following line is run: system ("ls -l -a #{path}")Which of the following is an appropriate security control the company should implement?
A Chief Information Security Officer (CISO) is reviewing the results of a gap analysis with an outside cybersecurity consultant. The gap analysis reviewed all procedural and technical controls and found the following:✑ High-impact controls implemented: 6 out of 10✑ Medium-impact controls implemented: 409 out of 472✑ Low-impact controls implemented: 97 out of 1000The report includes a cost-benefit analysis for each control gap. The analysis yielded the following information:✑ Average high-impact control implementation cost: $15,000; Probable ALE for each high-impact control gap: $95,000✑ Average medium-impact control implementation cost: $6,250; Probable ALE for each medium-impact control gap: $11,000Due to the technical construction and configuration of the corporate enterprise, slightly more than 50% of the medium-impact controls will take two years to fully implement. Which of the following conclusions could the CISO draw from the analysis?
After investigating virus outbreaks that have cost the company $1000 per incident, the company's Chief Information Security Officer (CISO) has been researching new antivirus software solutions to use and be fully supported for the next two years. The CISO has narrowed down the potential solutions to four candidates that meet all the company's performance and capability requirements:Using the table above, which of the following would be the BEST business-driven choice among the five possible solutions?
A financial consulting firm recently recovered from some damaging incidents that were associated with malware installed via rootkit. Post-incident analysis is ongoing, and the incident responders and systems administrators are working to determine a strategy to reduce the risk of recurrence. The firm's systems are running modern operating systems and feature UEFI and TPMs. Which of the following technical options would provide the MOST preventive value?
DRAG DROP -Drag and drop the cloud deployment model to the associated use-case scenario. Options may be used only once or not at all.Select and Place:
