A. Processing data on a server after decrypting in order to prevent unauthorized access in transit

B. Maintaining the confidentiality of data both at rest and in transit to and from a CSP for processing

C. Transmitting confidential data to a CSP for processing on a large number of resources without revealing information

D. Storing proprietary data across multiple nodes in a private cloud to prevent access by unauthenticated users

A. Configuring a privileged access management system

B. Launching a vulnerability management program

C. Creating a risk register

D. Implementing a GRC tool

A. Modify signing certificates in order to support IKE version 2

B. Generate device certificates using the specific template settings needed

C. Create a wildcard certificate for connections from public networks

D. Add the VPN hostname as a SAN entry on the root certificate

A. The user is not allowed to access the human resources system outside of business hours.

B. The user did not attempt to connect from an approved subnet.

C. The user inadvertently tripped the geoblock rule in NGFW.

D. A threat actor has compromised the user ' s account and attempted to log in.

A. Reader( )[1][0] X.[1-3:

B. Reader(*)[1][0] .[0-4:

C. Reader( )[1][0] .[0-3:

D. Reader[11[01X.f0-3 '

A. CAPEC

B. ATT & CK

C. OWASP

D. STRIDE

A. cat /etc/sshd/ssh_config | grep " Ciphers "

B. Disable Twofish algorithms

C. cat /etc/sshd/ssh_config | grep " PermitRootLogin "

D. Disable 3DES algorithms

E. Disable RSA algorithms

F. cat /etc/ashd/ash_config | grep " HMAC "

A. Using a secrets management platform to share and manage confidential information

B. Changing the repository technology to avoid inclusion of confidential information

C. Performing an application penetration test over the testing environment before moving to production

D. Automating the upload process of code to the repository and improving the software development life cycle

A. Update the log configuration settings on the directory server that Is not being captured properly.

B. Block employees from logging in to applications that are not part of their business area.

C. implement automation to disable accounts that nave been associated with high-risk activity.

D. Have the admin account owner change their password to avoid credential stuffing.

A. NAC, to enforce device configuration requirements

B. DLP, to enforce data protection capabilities

C. SD-WAN. to enforce web content filtering through external proxies

D. Cloud 1AM to enforce the use of token based MFA

E. PAM. to enforce local password policies

F. Conditional access, to enforce user-to-device binding

A. Incomplete mathematical primitives

B. No use cases to drive adoption

C. insufficient coprocessor support

D. Quantum computers not yetcapable

A. Unauthorized usage attempts of the administrator account

B. Anendpointthat is not submitting any logs

C. Potential activity indicating an attackermoving laterally in the network

D. Amisconfigured syslog servercreating false negatives

A. Implement all the solutions at once in a virtual lab and then run the attack simulation. Collect the metrics and then choose the best solution based on the metrics.

B. Implement all the solutions at once in a virtual lab and then collect the metrics. After collection, run the attack simulation. Choose the best solution based on the best metrics.

C. Implement every solution one at a time in a virtual lab, running a metric collection each time. After the collection, run the attack simulation, roll back each solution, and then implement the next. Choose the best solution based on the best metrics.

D. Implement every solution one at a time in a virtual lab, running an attack simulation each time while collecting metrics. Roll back each solution and then implement the next. Choose the best solution based on the best metrics.