Identifying a Security Threat

Questions and Answers

What is the most likely reason for the certificate mismatch warning when the user visits https://www.site.com?

• The website is using an invalid SSL certificate
• The website is blocking traffic from the company's network
• The user's browser is not configured to trust the website's certificate authority
• The company's network is intercepting and modifying the HTTPS traffic (correct)

Which solution would BEST meet the Chief Security Officer's requirements for increased scalability and flexibility?

• Server Clustering
• Load Balancer
• Content Delivery Network
• Application Delivery Controller (correct)

What social engineering technique seeks to exploit a person's sense of urgency?

• Phishing
• Urgency tactic (correct)
• Baiting
• Pretexting

What should a security professional implement to satisfy both the CPO's and the development team's requirements?

Synthetic data generation (C)

What is the primary goal of implementing a DLP solution on the file server?

To protect sensitive data from unauthorized access or exfiltration (B)

What kind of data is stored on the file server?

PII, financial information, and health information (B)

What is the main concern regarding user credentials in the report delivered to the CISO?

User credentials could be exfiltrated and reused (D)

What type of policy should the CISO use to prevent the use of exfiltrated credentials?

Account lockout policy (A)

What is the company's main goal for implementing a new certificate type?

To simplify the certificate management process (A)

Which type of certificate BEST suits the company's needs?

Wildcard certificate (C)