Chapter 11: Endpoint Security

Assessment

Quiz

Computers

University

Medium

Created by

Fhaa Lossx

20 questions

1.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

Lin's hardware manufacturer has stopped selling the model of device that Lin's organization uses and has also stopped providing security or other updates. What phase of the hardware life cycle is the device in?

End-of-life

Legacy

End-of-sales

Senescence

Answer explanation

Key Phrase: "has stopped selling the model"

Explanation:
Correct Answer (B): Legacy hardware is unsupported and no longer sold. It is in the legacy phase, meaning the device is no longer being sold, and it may no longer receive updates.
Why others are wrong:

  • A: End-of-life typically means the device is no longer being made but still may have support for a period of time.

  • C: End-of-sales refers to when the device stops being sold, but this doesn't mean it is unsupported yet.

  • D: Senescence is not a term commonly used in hardware life cycles.

2.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

Naomi has discovered the following TCP ports open on a system she wants to harden. Which ports are used for unsecure services and thus should be disabled to allow their secure equivalents to continue to be used?

21, 22, and 80

21 and 80

21, 23, and 80

22 and 443

Answer explanation

Key Phrase: "unsecure services"

Explanation:
Correct Answer (C): Ports 21 (FTP), 23 (Telnet), and 80 (HTTP) are all used for unsecure services. Naomi should disable these services and use their secure equivalents (FTP/S, SSH, and HTTPS).
Why others are wrong:

  • A: Port 22 (SSH) and Port 443 (HTTPS) are secure services and do not need to be disabled.

  • B: Port 21 (FTP) and Port 80 (HTTP) are unsecure but Port 22 (SSH) is secure and does not need to be disabled.

  • D: Port 22 (SSH) and Port 443 (HTTPS) are secure, so disabling them would be counterproductive.

3.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

Frank's organization is preparing to deploy a data loss prevention (DLP) system. What key process should they undertake before they deploy it?

Define data lifecycles for all non-sensitive data.

Encrypt all sensitive data.

Implement and use a data classification scheme.

Tag all data by creator or owner.

Answer explanation

Key Phrase: "before they deploy it"

Explanation:
Correct Answer (C): A data classification scheme is essential for a DLP system to know which data should be protected and what policies to apply to it.
Why others are wrong:

  • A: Defining data lifecycles is important for data management but is not a required step in a DLP deployment.

  • B: Encrypting all sensitive data may interfere with DLP’s ability to monitor it.

  • D: Tagging all data by creator or owner is useful but not as critical as classifying the data first.

4.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

Oliver wants to store and manage secrets in his cloud service provider's environment. What type of solution should he look for as part of their offerings?

ATPM

A secure enclave

A KMS

A Titan M

Answer explanation

Key Phrase: "store and manage secrets"

Explanation:
Correct Answer (C): A Key Management System (KMS) is designed to securely create, store, and manage cryptographic keys and secrets in cloud environments.
Why others are wrong:

  • A: ATPM (Application Threat and Protection Management) is not the correct solution for managing secrets.

  • B: A secure enclave is a hardware-based solution for securing data but does not fit the requirement for managing secrets in a cloud environment.

  • D: A Titan M is a hardware module designed for secure key storage in devices, not for cloud-based secret management.

5.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

What is the key difference between EDR and XDR solutions?

The variety of malware it can detect

The number of threat feeds that are used

The breadth of the technology stack that is covered

The volume of logs that can be processed

Answer explanation

Key Phrase: "key difference between EDR and XDR"

Explanation:
Correct Answer (C): XDR solutions cover a broader technology stack, including endpoints, cloud services, and other security platforms, whereas EDR is more focused on endpoint detection and response.
Why others are wrong:

  • A: The variety of malware detected is not the primary distinguishing factor between EDR and XDR.

  • B: The number of threat feeds is not a key differentiator for EDR and XDR.

  • D: The volume of logs processed is related to the performance of the solution but not the key difference between EDR and XDR.

6.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

Michelle wants to prevent unauthorized applications from being installed on a Windows system. What type of tool can she use to stop applications from being installed?

Antivirus

A GPO

An EDR

A HIPS

Answer explanation

Key Phrase: "prevent unauthorized applications"

Explanation:
Correct Answer (B): A Group Policy Object (GPO) can be used to control whether users are able to install software on Windows systems.
Why others are wrong:

  • A: Antivirus software is designed to detect and remove malicious applications but doesn't control installation permissions.

  • C: EDR (Endpoint Detection and Response) systems focus on detecting and responding to threats, not blocking application installations.

  • D: A HIPS (host-based intrusion prevention system) primarily monitors for and prevents attacks, not application installations.

7.

MULTIPLE CHOICE QUESTION

15 mins • 1 pt

What term is used to describe tools focused on detecting and responding to suspicious activities occurring on endpoints like desktops, laptops, and mobile devices?

EDR

IAM

FDE

ESC

Answer explanation

Key Phrase: "detecting and responding to suspicious activities on endpoints"

Explanation:
Correct Answer (A): EDR (Endpoint Detection and Response) tools focus on detecting and responding to suspicious activities and threats occurring on endpoints such as desktops, laptops, and mobile devices.
Why others are wrong:

  • B: IAM (Identity and Access Management) focuses on managing identities and permissions, not endpoint activity.

  • C: FDE (Full-Disk Encryption) is used to encrypt data on disks, not to monitor endpoint activity.

  • D: ESC (Endpoint Security Control) is not a commonly used acronym.
