October 2019

Article

14 Oct

Posted at 02:04h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Which one of the following security principles does NOT describe a standard best practice in cybersecurity? A. Security through obscurity B. Least privilege C. Separation of duties D. Defense in depth Correct Answer: A Security through obscurity is an outdated concept that says that the security of a control may depend upon the secrecy of the details of that control's inner function. Security professionals should not use controls that rely upon security through obscurity. The principles of least privilege, separation of duties, and defense in depth are all sound security practices. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

07 Oct

Posted at 17:03h in Practice Test Questions by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. After an incident responder identifies that a security incident is in progress, what is the next step in the incident response process? A. Preparation B. Recovery C. Eradication D. Containment Correct Answer: D After identifying an incident, the team should next move into the containment phase where they seek to limit the damage caused by the incident. Containment occurs prior to the eradication and recovery phases. The preparation phase occurs before incident identification. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

In Archive