August 2021

Article

18 Aug

Posted at 16:43h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Tom is considering an intrusion prevention solution for his IaaS environment and is concerned about vendor diversity and resiliency. Which one of the following approaches would best allow him to continue outsourcing IPS work while meeting his goals?A. Third-party on-premises IPS B. Open source IPS built in an IaaS environment C. IPS solution provided by his IaaS vendor D. Third-party cloud IPS Correct Answer: D Any one of these solutions is capable of providing IPS service for Tom's environment. However, many of them fail to meet other goals. Building an open-source IPS or using an on-premises solution would not meet his goal of outsourcing the IPS. Using the IaaS vendor's IPS capability would not meet his goal of vendor diversity. Therefore, the best solution for Tom is a third-party cloud IPS solution Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

18 Aug

Posted at 16:38h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Yolanda would like to find a secure mechanism for managing keys in her cloud environment. She wants to protect key material from access by her own staff and the cloud vendor. What approach would best meet her needs? A. Hardware Security Module (HSM) B. Storing keys on a separate key server C. Storing keys on the same servers D. Storing keys in a password vault Correct Answer: A Using a cloud-based hardware security module (HSM) provides the key management that Yolanda desires, protecting keys from viewing by anyone. The other approaches all expose keys to vendor staff and/or Yolanda's own team and would not provide the same high level of secrets management as an HSM.. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

18 Aug

Posted at 16:34h in Uncategorized by

Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies. Gina would like to restrict the access that different technologists in her organization have to provision cloud resources from the company's IaaS provider. What is the best way for her to achieve this goal? A. Security Group B. Resource Policy C. CASB Policy D. ACL Correct Answer: B Resource policies are cloud-native controls designed to restrict the use of IaaS services by particular users. That would be the best way for Gina to achieve her goal. It might be possible to achieve this goal using a CASB, but that would add an unnecessary layer of complexity. Security groups and ACLs are used to restrict network access, not resource use. Interested in more practice test questions? Get a copy of my official CertMike Practice Test books for the Security+ exam, CISSP exam, SSCP exam, or CySA+ exam and practice with hundreds of questions designed just like the real test! ...

In Archive