A Chief Executive Officer (CEO) is concerned about the company’s intellectual property being leaked to competitors. The security team performed an extensive review but did not find any indication of an outside breach. The data sets are currently encrypted using the Triple Data Encryption Algorithm. Which of the following courses of action is appropriate?
Correct Answer:
B
Data masking is a technique that replaces sensitive data with fictitious but realistic data, thus preventing unauthorized access to the original data. Reencrypting the data sets using AES-256 would provide a stronger level of encryption than Triple DES, which has been deprecated by NIST due to its vulnerability to attacks12
References: 1
Publication
What Is AES-256 Encryption? How Does It Work? - MU2O Archived NIST Technical Series
A security analyst notices the following proxy log entries:
Which of the following is the user attempting to do based on the log entries?
Correct Answer:
C
Scanning the network is what the user is attempting to do based on the log entries. The log entries show that the user is sending ping requests to various IP addresses on different ports using a proxy server. Ping requests are a common network diagnostic tool that can be used to test network connectivity and latency by sending packets of data and measuring their response time. However, ping requests can also be used by attackers to scan the network and discover active hosts, open ports, or potential vulnerabilities .
A company experienced a security compromise due to the inappropriate disposal of one of its hardware appliances. Sensitive information stored on the hardware appliance was not removed prior to disposal. Which of the following is the BEST manner in which to dispose of the hardware appliance?
Correct Answer:
B
Secure and thorough disposal can involve deleting or wiping all data from the hardware appliances, physically destroying or shredding them, or recycling them through certified vendors or programs. Compliance with company policies can help to ensure that the disposal follows the best practices and standards for data protection and environmental responsibility .
References: : https://www.bestbuy.com/site/services/recycling/pcmcat149900050025.c?id=pcmcat149900050025 : https://www.epa.gov/recycle/electronics-donation-and-recycling : https://www.techtarget.com/searchdatacenter/tip/A-6-step-guide-for-hardware-disposal
A security analyst is supporting an embedded software team. Which of the following is the best recommendation to ensure proper error handling at runtime?
Correct Answer:
D
Performing a code review is the best recommendation to ensure proper error handling at runtime for an embedded software team. A code review is a process of examining and evaluating source code by one or more developers other than the original author. A code review can help to identify and fix any errors, bugs, vulnerabilities, or inefficiencies in the code before it is deployed or executed. A code review can also help to ensure that the code follows the best practices, standards, and guidelines for error handling at runtime .
A security analyst is reviewing the following server statistics:
Which of the following is MOST likely occurring?
Correct Answer:
C
Resource exhaustion is most likely occurring on the server. Resource exhaustion is a condition where a system runs out of resources, such as CPU, memory, disk space, or network bandwidth, due to excessive demand or consumption by one or more processes. Resource exhaustion can cause performance degradation, system instability, or denial-of-service. The server statistics show that the CPU usage is 100%, the memory usage is 99%, and the disk usage is 98%. These indicate that the server is under heavy load and has little or no resources available to handle incoming requests or perform other tasks.