Spiral model
Incremental model
Waterfall model
Agile model
Meet the two key VPs and request a signature on the original assessment.
Include specific case studies from other organizations in an updated report.
Schedule a meeting with key human resource application stakeholders.
Craft an RFP to begin finding a new human resource application.
Cloud-based antivirus solution, running as local admin, with push technology for definition updates.
Implementation of an offsite data center hosting all company data, as well as deployment of VDI for all client computing needs.
Host based heuristic IPS, segregated on a management VLAN, with direct control of the perimeter firewall ACLs.
Behavior based IPS with a communication link to a cloud based vulnerability and threat feed.
TOTP
PAP
CHAP
HOTP
ISA
BIA
MOU
SOA
BPA
Update the blog page to HTTPS
Filter metacharacters
Install HIDS on the server
Patch the web application
Perform client side input validation
The data may not be in a usable format.
The new storage array is not FCoE based.
The data may need a file system check.
The new storage array also only has a single controller.
Capture process ID data and submit to anti-virus vendor for review.
Reboot the Linux servers, check running processes, and install needed patches.
Remove a single Linux server from production and place in quarantine.
Notify upper management of a security breach.
Conduct a bit level image, including RAM, of one or more of the Linux servers.
Remote access to the ERP tool introduces additional security vulnerabilities and should not be allowed.
Allow VNC access to corporate desktops from personal computers for the users working from home.
Allow terminal services access from personal computers after the CFO provides a list of the users working from home.
Work with the executive management team to revise policies before allowing any remote access.
Require each Company XYZ employee to use an IPSec connection to the required systems
Require Company XYZ employees to establish an encrypted VDI session to the required systems
Require Company ABC employees to use two-factor authentication on the required systems
Require a site-to-site VPN for intercompany communications
Interview candidates, attend training, and hire a staffing company that specializes in technology jobs
Interview employees and managers to discover the industry hot topics and trends
Attend meetings with staff, internal training, and become certified in software management
Attend conferences, webinars, and training to remain current with the industry and job requirements
Social media is an effective solution because it is easily adaptable to new situations.
Social media is an ineffective solution because the policy may not align with the business.
Social media is an effective solution because it implements SSL encryption.
Social media is an ineffective solution because it is not primarily intended for business applications.
LUN masking
Snapshots
VSAN
Dynamic disk pools
Multipath
Deduplication
Issue a RFQ for vendors to quote a complete vulnerability and risk management solution to the company.
Issue a policy that requires only the most stringent security standards be implemented throughout the company
Issue a policy specifying best practice security standards and a baseline to be implemented across the company.
Issue a RFI for vendors to determine which set of security standards is best for the company
SSL certificate revocation
SSL certificate pinning
Mobile device root-kit detection
Extended Validation certificates
$6,000
$24,000
$30,000
$96,000
Meet the two key VPs and request a signature on the original assessment.
Include specific case studies from other organizations in an updated report.
Schedule a meeting with key human resource application stakeholders.
Craft an RFP to begin finding a new human resource application.
$2,000
$8,000
$12,000
$32,000
Web cameras
Instant messaging
BYOD
Desktop sharing
Presence
What are the protections against MITM?
What accountability is built into the remote support application?
What encryption standards are used in tracking database?
What snapshot or "undo" features are present in the application?
What encryption standards are used in remote desktop and file transfer functionality?
$0
$7,500
$10,000
$12,500
$15,000
Deploy a branch location Read-Only Domain Controller in the DMZ at the main campus with a two-way trust.
Deploy a corporate Read-Only Domain Controller to the branch location.
Deploy a corporate Domain Controller in the DMZ at the main campus.
Deploy a branch location Read-Only Domain Controller to the branch office location with a one-way trust.
Deploy a corporate Domain Controller to the branch location.
Deploy a branch location Domain Controller to the branch location with a one-way trust.
After the senior engineer used a network analyzer to identify an active Fraggle attack, the company's ISP should be contacted and instructed to block the malicious packets.
After the senior engineer used the above IPS logs to detect the ongoing DDOS attack, an IPS filter should be enabled to block the attack and restore communication.
After the senior engineer used a mirror port to capture the ongoing amplification attack, a BGP sinkhole should be configured to drop traffic at the source networks.
After the senior engineer used a packet capture to identify an active Smurf attack, an ACL should be placed on the company's external router to block incoming UDP port 19 traffic.
Insider threat
Network reconnaissance
Physical security
Industrial espionage
A man-in-the-middle attack is underway on the network
An ARP flood attack is targeting at the router.
The default gateway is being spoofed on the network.
A denial of service attack is targeting at the router.
A separate physical interface placed on a private VLAN should be configured for live host operations.
Database record encryption should be used when storing sensitive information on virtual servers.
Full disk encryption should be enabled across the enterprise to ensure the confidentiality of sensitive data.
Sensitive data should be stored on a backend SAN which uses an isolated fiber channel network.
Test password complexity of all login fields and input validation of form fields
Reverse engineering any thick client software that has been provided for the test
Undertaking network-based denial of service attacks in production environment
Attempting to perform blind SQL injection and reflected cross-site scripting attacks
Running a vulnerability scanning tool to assess network and host weaknesses
Background checks
Job rotation
Least privilege
Employee termination procedures
Purchase new hardware to keep the malware isolated.
Develop a policy to outline what will be required in the secure lab
Construct a series of VMs to host the malware environment.
Create a proposal and present it to management for approval.
Online password testing
Rainbow tables attack
Dictionary attack
Brute force attack
Add a permit statement to allow traffic from 192.168.5.0/24 to the VPN network
Add a permit statement to allow traffic to 192.168.5.1 from the VPN network
IPS is blocking traffic and needs to be reconfigured
Configure the traffic shaper to limit DMZ traffic
Increase bandwidth limit on the VPN network
Linux
Windows
Solaris
OSX
Manufacturing
Legal
Sales
Quality assurance
Human resources
Discuss the issue with the software product's user groups
Consult the company's legal department on practices and law
Contact senior finance management and provide background information
Seek industry outreach for software practices and law
Sign a MOU with a marketing firm to preserve the company reputation and use in-house resources for random testing.
Sign a SPA with a small software consulting firm and use the firm to perform Black box testing and address all findings.
Sign a NDA with a large security consulting firm and use the firm to perform Grey box testing and address all findings.
Use the most qualified and senior developers on the project to perform a variety of White box testing and code reviews.
Most of company XYZ's customers are willing to accept the risks of unauthorized disclosure and access to information by outside users.
The availability requirements in SLAs with each hosted customer would have to be re-written to account for the transfer of virtual machines between physical platforms for regular maintenance.
Company XYZ could be liable for disclosure of sensitive data from one hosted customer when accessed by a malicious user who has gained access to the virtual machine of another hosted customer.
Not all of company XYZ's customers require the same level of security and the administrative complexity of maintaining multiple security postures on a single hypervisor negates hardware cost savings.
The ISO is evaluating the business implications of a recent telephone system failure within the BIA.
The ISO is investigating the impact of a possible downtime of the messaging system within the RA.
The ISO is calculating the budget adjustment needed to ensure audio/video system redundancy within the RFQ.
The ISO is assessing the effect of a simulated downtime involving the telecommunication system within the AAR.
Implement data analytics to try and correlate the occurrence times.
Implement a honey pot to capture traffic during the next attack.
Configure the servers for high availability to handle the additional bandwidth.
Log all traffic coming from the competitor's public IP addresses.
XML injection
Command injection
Cross-site scripting
SQL injection
Both VMs were left unsecured and an attacker was able to exploit network vulnerabilities to access each and move the data.
A stolen two factor token was used to move data from one virtual guest to another host on the same network segment.
A hypervisor server was left un-patched and an attacker was able to use a resource exhaustion attack to gain unauthorized access.
An employee with administrative access to the virtual guests was able to dump the guest memory onto a mapped disk.
Spiral model
Incremental model
Waterfall model
Agile model
In the middle of the project
At the end of the project
At the inception of the project
At the time they request
The devices are being modified and settings are being overridden in production.
The patch management system is causing the devices to be noncompliant after issuing the latest patches.
The desktop applications were configured with the default username and password.
40 percent of the devices use full disk encryption.
1
2
3
4
Deduplication
Data snapshots
LUN masking
Storage multipaths
Allow the sales staff to shadow the developers and engineers to see how their sales impact the deliverables.
Allow the security engineering team to do application development so they understand why it takes so long.
Allow the application developers to attend a sales conference so they understand how business is done.
Allow the sales staff to learn application programming and security engineering so they understand the whole lifecycle.
Install GSM tracking on each product for end-to-end delivery visibility.
Implement geo-fencing to track products.
Require drivers to geo-tag documentation at each delivery location.
Equip each truck with an RFID tag for location services.
The devices use EUI-64 format
The routers implement NDP
The network implements 6to4 tunneling
The router IPv6 advertisement has been disabled
The administrator must disable IPv6 tunneling
The administrator must disable the mobile IPv6 router flag
The administrator must disable the IPv6 privacy extensions
The administrator must disable DHCPv6 option code 1
Quiz Review Timeline (Updated): Mar 20, 2022