Pease answer ALL questions carefully 29- An IT security consultant was hired to
ID: 3721776 • Letter: P
Question
Pease answer ALL questions carefully
29- An IT security consultant was hired to assess data privacy workstation in the organization's CRM system. The consultant found that many customer support supervisors routinely logged into the system using the username supervisor". Which of the following security techniques would be most logical for the company to implement FIREST to mitigate this particular risk? A) Prohibit generic accounts. B) Transition to single sign-on C) Adopt LDAP authentication. D) Issue physical security tokens. 30- Max, a new administrator, is enabling auditing of server file access successfully failures. She has configuration the system policy to enable auditing for the file access. However, when she reviews the events logs, she does not see any updates to the logs files. Which of the following should be done to ensure capture of audit logs? A) restart the audit service to enable the logs to be collected B) Enable the object's properties for auditing C) set write permission on the folders to be audited. D) Configure an audit security group, and assign the group to share files. 31- While reviewing system performance logs, administrator notice the processor and memory utilization of some hosts are consistently at 99% while others are underutilized. An approach that can improve resource utilization is: A) Virtualization B) ballooning C) clustering D) high availability 32- The Chief Information Security Officer (CISO) received a notification that a high-ranking employee is stealing cooperate secrets for a competing organization. The employee is now considered. A) a risk B) an exploit C) a threat D) a vulnerability 33- A PKl users has been compromised, and they user's certificate has been revoked. Which of the following protocols will the web application use to ensure the certificate cannot be used? A) CRL B) OCSP C) Key escrow D) CAExplanation / Answer
Q29)
The security consultant has found that many CS supervisors logged into the system using username "supervisor" which is a generic name and thus nothing can be identified that which supervisor logged into the system. Thus the most logical secrity step for the company to implement to mitigate this risk would be to:
A) Prohibit generic accounts.
Prohibiting and blocking the generic accounts such as 'supervisor' will solve the above issue.
Q30)
When the configuration has been done for the system policy to enable auditing for the file access, then it already has write access and configuration to share the files. Thus what the person needs to do is:
B) Enable the object's properties for auditing
Q31)
C) Clustering would be the approach that can improve the resource utilization in the current scenario where underutilized nodes will shared the load of the over utilized nodes.
Q32)
C) A threat - The employee stealing information for sharing with competition will be considered as a threat.
Related Questions
drjack9650@gmail.com
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.