208 Your organization is upgrading computers. The new computers include a chipset on the motherboard that is used to store encryption keys. What is this chipset called?EKCTPMESMRSA
209 You are logged into a website. While performing activities within the website, you access a third-party application. The application asks you if it can access your profile data as part of its process. What technology is this process describing?AttestationOAuthJWTCookies
210 You are setting up a new virtual machine. What type of virtualization should you use to coordinate instructions directly to the CPU?Type B.Type 1.Type 2.No VM directly sends instructions to the CPU.
211 Your organization must perform vast amounts of computations of big data overnight. To minimize TCO, you rely on elastic cloud services. The virtual machines and containers are created and destroyed nightly. What is the biggest risk to confidentiality?Data center distributionEncryptionPhysical loss of control of assetsData scraping
212 Your DevOps team decided to use containers because they allow running applications on any hardware. What is the first thing your team should do to have a secure container environment?Install IPS.Lock down Kubernetes and monitor registries.Configure antimalware and traffic filtering.Disable services that are not required and install monitoring tools.
213 You work in information security for a stock trading organization. You have been tasked with reducing cost and managing employee workstations. One of the biggest concerns is how to prevent employees from copying data to any external storage. Which of the following best manages this situation?Move all operations to the cloud and disable VPN.Implement server virtualization and move critical applications to the server.Use VDI and disable hardware and storage mapping from a thin client.Encrypt all sensitive data at rest and in transit.
214 You are exploring the best option for your team to read data that was written onto storage material by a device you do not have access to, and the backup device has been broken. Which of the following is the best option for this?Type 1 hypervisorType 2 hypervisorEmulationPaaS
215 You are a security architect building out a new hardware-based VM. Which of the following would least likely threaten your new virtualized environment?Patching and maintenanceVM sprawlOversight and responsibilityFaster provisioning and disaster recovery
216 GPS is built into cell phones and cameras, enabling coordinated longitude and latitude to be embedded in a machine-readable format as part of a picture or in apps and games. Besides physical coordinates of longitude and latitude, which of these will not be embedded in the metadata of a photo taken with a cell phone?Names of businesses that are near your locationElevationBearingPhone number
217 Your CISO asked you to help review data protection, system configurations, and hardening guides that were developed for cloud deployment. He would like you to make a list of goals for security improvement based on your current deployment. What is the best source of information to help you build this list?Pentesting reportsCVE databaseImplementation guidesSecurity assessment reports
218 Management of your hosted application environment requires end-to-end visibility and a high-end performance connection while monitoring for security issues. What should you consider for the most control and visibility?You should consider a provider with connections from your location directly into the applications cloud resources.You should have a private T1 line installed for this access.You should secure a VPN concentrator for this task.You should use HTTPS.
219 As the IT director of a nonprofit agency, you have been challenged at a local conference to provide technical cloud infrastructure that will be shared between several organizations like yours. Which is the best cloud partnership to form?Private cloudPublic cloudHybrid cloudCommunity cloud
220 Your objectives and key results (OKRs) being measured for this quarter include realizing the benefits of a single-tenancy cloud architecture. Which one of these results is a benefit of a single-tenancy cloud service?Security and costReliability and scalingEase of restorationMaintenance
221 With 80 percent of your enterprise in a VPC model, which of the following is not a key enabling technology?Fast WAN and automatic IP addressingHigh-performance hardwareInexpensive serversComplete control over process
222 You have a new security policy that requires backing up critical data offsite. This data must be backed up hourly. Cost is important. What method are you most likely to deploy?File storageElectronic vaultingBlock storageObject storage
223 Your current data storage solution has too many vulnerabilities that are proprietary to the manufacturer who created your storage devices. This, combined with a lack of encryption, is leading you to choose cloud storage for your database over on-premises storage. By choosing cloud storage, you will gain encryption of the data, but you will also bring in which attribute to your architecture?IdentityInfrastructureComplexityConfidentiality
224 You want to implement a technology that will verify an email originated from a particular user and that the contents of the email were not altered. Of the answers provided, which technology provides such a function?Digital signatureSymmetric encryptionAsymmetric encryptionNonrepudiation
225 Which of the following protocols could be used for exchanging information while implementing a variety of web services in your organization?SOAPHTTPSNMPASP
226 Your CISO is concerned with the secure management of cryptographic keys used within the organization. She wants to use a system where the keys are broken into parts, and each part is encrypted and stored separately by contracted third parties. What is this process called?Key objectivesKey revenueKey escrowKey isolation
227 Your VPN needs the strongest authentication possible. Your network consists of Microsoft servers. Which of the following protocols provide the most secure authentication?EAP-TLS with smart cardsSPAPCHAPLEAP
228 You own a small training business with two classrooms. Your network consists of a firewall, an enterprise-class router, a 48-port switch, 1 printer, and 18 laptops in each classroom. The laptops are reimaged once a month with a golden patched image with up-to-date antivirus and antimalware. User authentication is two-factor with passwords and smart cards. The network is configured to use IPv4. You also have a wireless hotspot for students to connect their personal mobile devices. What could you improve on for a more resilient technical security posture?Enhanced TLS controlsStronger user authenticationSufficient physical controlsIPv6
229 You are a network defender and are finding it difficult to keep up with the volume of network attacks. What can you leverage to help with early detection and response to these threats, especially new ones?Machine learningSIEMDevSecOpsSecurity as Code
230 You need an encryption algorithm that offers easier key exchange and key management than symmetric offers. Which of the following is your best option?AsymmetricQuantumHashingScytale
231 Your company wants to begin using biometrics for authentication. Which of the following are not biometrics that can be verified by a system to give an individual access?Facial recognitionIris recognitionRetina recognitionPIN recognition
232 Laura is a proponent of using a distributed ledger to secure transactions. She wants to make it difficult to tamper with a single record because an attacker would need to change the block containing that record as well as those linked to it to avoid detection. Participants will have a private key assigned to their transactions that acts as a personal digital signature. What type of cryptographic system does Laura need to implement?Homomorphic encryptionSecure multiparty computationBlockchainDistributed consensus
233 Felipe wants to use a protocol that allows a client to retrieve an element of a database without the owner of that database knowing which element was selected. If implemented securely, the client will only learn about the element they are querying for and nothing else preserving privacy. Which of the following provides the best solution?Strong private information retrievalSecure function evaluationPrivate function evaluationBig data
234 Augmented reality (AR) advances are exciting, and cybersecurity is now dealing with a vast amount of complexity. The adoption of AR brings an expanding landscape of new cybersecurity vulnerabilities. Consumers and businesses are grappling with big data breaches, and implementing effective cybersecurity