Please answer ALL the questions carefully. Thanks 56- An organization consulted
ID: 3714418 • Letter: P
Question
Please answer ALL the questions carefully. Thanks
56- An organization consulted with an outside agency to complete a security analysis of the entire network. With partial knowledge of the network, the outside agency performed several tests, one of which resulted in a core router failure. Which of the following types of tests did the outside agency MOST likely perform? A) Gray box test B) White box test C) Vulnerability assessment D) Black box test 57- A company is given a black of public class C IPv4 addresses from its ISP. Management wishes to make several web services on the LAN publicly accessible on a port 80. Which of the following would BEST accomplish this? A) Enable port triggering for the web servers B) Create DMZ using a port on the internal firewall. C) implement NAT on the edge router D) Create a separate VLAN for all publicly accessible devices E) Implement port address translation 58- Ann, a security analysis, is observing a current attack in progress from a remade IP address. She is not concerned with the attack but will study the attack method and write a new IDS signature. Which of the following is the MOST likely target of this attack? A) Proxy server B) Bastion host C) sensitive system D) Honeypot 59- As part of regulatory compliance effort, a system administrator has been asked to eliminate the user of SSL in favor of TLS. However, after taking steps to remediate, a vulnerability scan indicates the server is vulnerability to the POODLE attack. Which of the following likely cause this to occur? A) The POODLE attack only affects HTTP traffic. B) The WAF was not reconfigured to scan for TLS traffic in lieu of SSL traffic C) The server is using a self-signed SSL certificate D) Although TLS was enabled 60- A small contracting firm is working with a customer to sign an ISA and MOU but is unable to adhere to the following security parameters in the agreement: Antivirus must be installed on all hosts. >>All traffic must pass through a firewall. >>All systems must have the latest security patches installed. A VPN shall be established for all data transmission. The firm currently has laptop is connected to a WAP, which was provided by the ISP. A ecurity analyst was hired to find the most secure method to became complement with their parameters of the ISA and MOU. Which of the following should the security analyst recommended? A) Turn on host- based firewalls and instill VPN clients on the hosts and a centrally managed patch deployment system. B) Purchase a UTM, install MDM on all hosts, and ensure antivirus is installed and running on all host. OS. C) Request a VPN and enhanced WAP from the ISP, install antivirus on all hosts, and allow automatic updates is on D) Install a VPN clients and antivirus software on each host and allow automatic updates and OS.Explanation / Answer
Answer:----------
56. A. Gray box Test
57. D. Create a seperate VLAN for all publicly accessible devices
58. A. proxy Server
59. B. The WAF was not reconfigured to scan for TLS traffic in lieu of SSL traffic
60. D. A VPN shall be established for all data transmission.
61. C Request a VPN and enhanced WAP from the ISP, install antivirus on all host and allow automatic updates is on OS.
Related Questions
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.