Sec+ Quiz - 2

An organization has developed an application that needs a patch to fix a critical vulnerability. In which of the following environments should the patch be deployed LAST?

Which of the following is the MOST effective control against zero-day vulnerabilities?

An engineer wants to inspect traffic to a cluster of web servers in a cloud environment. Which of the following solutions should the engineer implement?

A Chief Information Security Officer has defined resiliency requirements for a new data center architecture. The requirements are as follows:

• Critical file shares will remain accessible during and after a natural disaster.

• Five percent of hard disks can fail at any given time without impacting the data.

• Systems will be forced to shut down gracefully when battery levels are below 20%.

Which of the following are required to BEST meet these objectives? (Select THREE)

Which of the following actions would be recommended to improve an incident response process?

A security proposal was set up to track requests for remote access by creating a baseline of the users' common sign-in properties. When a baseline deviation is detected, an MFA challenge will be triggered. Which of the following should be configured in order to deploy the proposal?

An administrator needs to protect user passwords and has been advised to hash the passwords. Which of the following BEST describes what the administrator is being advised to do?

A database administrator wants to grant access to an application that will be reading and writing data to a database. The database is shared by other applications also used by the finance department. Which of the following account types is MOST appropriate for this purpose?

A security analyst is receiving numerous alerts reporting that the response time of an internet-facing application has been degraded. However, the internal network performance was not degraded. Which of the following MOST likely explains this behavior?

The Chief Information Security Officer directed a risk reduction in shadow IT and created a policy requiring all unsanctioned high-risk SaaS applications to be blocked from user access. Which of the following is the BEST security solution to reduce this risk?